Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by Uživatel (2016-01-28 12:59:48)
Running from C:\Users\Uživatel\Desktop
Windows 10 Pro (X64) (2015-11-13 10:31:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-346663436-2988962487-3144823818-500 - Administrator - Disabled)
andro (S-1-5-21-346663436-2988962487-3144823818-1004 - Limited - Enabled) => C:\Users\andro
DefaultAccount (S-1-5-21-346663436-2988962487-3144823818-503 - Limited - Disabled)
Guest (S-1-5-21-346663436-2988962487-3144823818-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-346663436-2988962487-3144823818-1002 - Limited - Enabled)
Uživatel (S-1-5-21-346663436-2988962487-3144823818-1001 - Administrator - Enabled) => C:\Users\Uživatel
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360安全卫士 (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360安全卫士 (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 15.10 beta (HKLM-x32\...\7-Zip) (Version: 15.10 - Igor Pavlov)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Accusoft PICVideo Motion JPEG 4 (HKLM-x32\...\InstallShield_{F015C84A-A7FA-4DFC-A266-1754CC536056}) (Version: 4.0.17 - Accusoft)
Accusoft PICVideo Motion JPEG 4 (x32 Version: 4.0.17 - Accusoft) Hidden
ACID Pro 7.0 (HKLM-x32\...\{BFA5441E-B7E6-46F5-A15D-1B74707AE93A}) (Version: 7.0.641 - Sony)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Shockwave Player + Authorware Web Player (HKLM-x32\...\Adobe Shockwave Player + Authorware Web Player) (Version: v12.2.1.171 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
AIDA64 Extreme v4.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.00 - FinalWire Ltd.)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1324, 15.11.2013 - AIMP DevTeam)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Amara - Flash Intro and Banner Builder (HKLM-x32\...\Amara - Flash Intro and Banner Builder) (Version: - )
Amara - Flash Menu Builder (HKLM-x32\...\Amara - Flash Menu Builder) (Version: - )
Amara - Flash News Ticker (HKLM-x32\...\Amara - Flash News Ticker) (Version: - )
Amara - Flash Photo Animation Software (HKLM-x32\...\Amara - Flash Photo Animation Software) (Version: - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Bontia Studio 5.0 (HKLM-x32\...\{27A8CEC3-F518-40F0-BA50-EDB47150BF33}) (Version: 5.0.4267.0 - Bontia, a.s.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.01 - Canon Inc.)
Canon MG2900 series On-screen Manual (HKLM-x32\...\Canon MG2900 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CloudBuckIt (HKLM-x32\...\{8B8D9C33-4230-41EB-A303-791DBAB7DBCC}) (Version: 2.0.2.9 - CloudBuckIt)
Copy (HKLM\...\{6C680D3E-8940-4FEA-BA3A-E57825C691AF}) (Version: 1.48.456.0 - Barracuda Networks, Inc.)
CrystalDiskInfo 6.7.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.7.0 - Crystal Dew World)
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5724.0 - CyberLink Corp.)
CyberLink PhotoDirector 5 (Version: 5.0.5724.0 - CyberLink Corp.) Hidden
Debugging Tools for Windows (x86) (HKLM-x32\...\{83DD27C9-CDC2-489A-87FA-8622C1F8F8EC}) (Version: 6.11.1.402 - Microsoft Corporation)
Deckadance (HKLM-x32\...\Deckadance) (Version: - Image-Line)
Degoo (HKLM-x32\...\{EA165371-61E8-4C63-AA30-798781DAE653}) (Version: 1.0.1680 - Degoo Backup AB)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
Drumaxx (HKLM-x32\...\Drumaxx) (Version: - Image-Line)
DX10 (HKLM-x32\...\DX10) (Version: - Image-Line)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
File Repair (HKLM-x32\...\File Repair_is1) (Version: - File Repair)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Freemake Video Converter verze 4.1.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.1 - Ellora Assets Corporation)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hdd Speed Test Tool v. 1.0.14 (RC 1) (HKLM-x32\...\Hdd Speed Test Tool_is1) (Version: - Marko Oette (oette.info)) <==== ATTENTION
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.232 - SurfRight B.V.)
hubiC - x64 (Version: 1.2.5.85 - OVH) Hidden
hubiC (HKLM-x32\...\{13f707f4-410d-4c85-95ea-a373458d9c98}) (Version: 1.2.5.85 - OVH)
IL Autogun (HKLM-x32\...\IL Autogun) (Version: - Image-Line)
IL DrumSynth Live (HKLM-x32\...\IL DrumSynth Live) (Version: - Image-Line)
IL Gross Beat (HKLM-x32\...\IL Gross Beat) (Version: - Image-Line)
IL Harmless (HKLM-x32\...\IL Harmless) (Version: - Image-Line)
IL Harmor (HKLM-x32\...\IL Harmor) (Version: - Image-Line)
IL Juice Pack (HKLM-x32\...\IL Juice Pack) (Version: - Image-Line)
IL Ogun (HKLM-x32\...\IL Ogun) (Version: - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
IL Slicex (HKLM-x32\...\IL Slicex) (Version: - Image-Line)
IL Vocodex (HKLM-x32\...\IL Vocodex) (Version: - Image-Line)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Karen's Directory Printer (HKLM-x32\...\Karen's Directory Printer) (Version: 5.2.0.5 - Karen Kenworthy)
K-Lite Mega Codec Pack 11.8.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.8.0 - )
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Magic Partition Recovery 2.3 (HKLM-x32\...\Magic Partition Recovery) (Version: - )
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Maximus (HKLM-x32\...\Maximus) (Version: - Image-Line)
MediaInfo 0.7.81 (HKLM\...\MediaInfo) (Version: 0.7.81 - MediaArea.net)
MEGAsync 1.0.22 (HKLM-x32\...\MEGAsync) (Version: 1.0.22 - Mega Limited)
Microsoft GIF Animator (HKLM-x32\...\GIF Animator) (Version: - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MiniTool Power Data Recovery - Bootable Media Builder 6.8 (HKLM-x32\...\{33187B46-F813-428A-8EE0-4B721B838C2C}_is1) (Version: - MiniTool Solution Ltd.)
Morphine (HKLM-x32\...\Morphine) (Version: - Image-Line bvba)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 43.0.4 (x86 cs) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 cs)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 cs)) (Version: 38.5.0 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 cs) (HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\Mozilla Thunderbird 38.5.1 (x86 cs)) (Version: 38.5.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7143 - MyHeritage.com)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nero 12 Content Pack (HKLM-x32\...\{4E7AC009-5212-499F-942F-A5AA42AE359E}) (Version: 12.0.00400 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{831D3D7B-169D-47F3-9117-D74934BF71BF}) (Version: 12.5.00100 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
NVIDIA Ovladač 3D Vision 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
ODF Add-in for Microsoft Office (HKLM-x32\...\{59D1195A-7E64-4120-BB37-F053D9FD45FB}) (Version: 3.0.5254.0 - OpenXML/ODF Translator Team)
Opera Stable 34.0.2036.50 (HKLM-x32\...\Opera 34.0.2036.50) (Version: 34.0.2036.50 - Opera Software)
Ovládací panel NVIDIA 341.92 (Version: 341.92 - NVIDIA Corporation) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\PhotoFiltre 7) (Version: - )
PoiZone (HKLM-x32\...\PoiZone) (Version: - Image-Line)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Rajče průvodce verze 1.59.52.267 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Registr koz (HKLM-x32\...\Registr koz_is1) (Version: - CompAct Bohemia s.r.o.)
Registr ovcí (HKLM-x32\...\Registr ovcí_is1) (Version: - CompAct Bohemia s.r.o.)
Registrace uživatele zařízení Canon MG2900 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG2900 series) (Version: - Canon Inc.)
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Sawer (HKLM-x32\...\Sawer) (Version: - Image-Line)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
SevenZip (HKLM-x32\...\SevenZip) (Version: 9.20 - SevenZip)
Seznam Software (HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\SeznamInstall) (Version: - Seznam.cz)
SimSynth (HKLM-x32\...\SimSynth) (Version: - Image-Line bvba)
Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.102 - Skype Technologies S.A.)
Sony ACID (HKLM-x32\...\Sony ACID 7) (Version: 7 - Sony ACID )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1116 - SUPERAntiSpyware.com)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: - NCH Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System GoBack Free (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 1.0 - CHENGDU YIWO Tech Development Co., Ltd)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version: - Image-Line bvba)
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version: - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.0 (HKLM-x32\...\VLC media player) (Version: 1.1.0 - VideoLAN)
Wasp (HKLM-x32\...\Wasp) (Version: - Image-Line bvba)
Welcome App (Start-up experience) (x32 Version: 12.0.14000 - Nero AG) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Zoner GIF Animator 5 (HKLM-x32\...\{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}) (Version: 5.0.3000.2 - ZONER software)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-346663436-2988962487-3144823818-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07F5220E-4F42-4F1E-A976-2E066AA812C7} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {12219AE4-D669-484F-8198-4B39E5909964} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {13A38E81-44A3-4203-8B68-901BB5BDE90A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {14EA167E-0A6D-42C0-9461-5ED5717813D6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {18D67E5D-A6BA-45D6-801C-1937E78FFFA1} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {1A9A76F2-2F8A-4D0D-8445-945E5D40C0E5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {1C216D00-09CC-4151-B420-71BDF0941E9F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {239E0906-78A6-4C56-BCF8-8F72DA400E53} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {2F7AFBD1-FBCC-4077-9820-B1E74A740306} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3200172D-88F4-41F6-B5D0-36F23A13837D} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {34F1C41C-C425-4853-98A3-1DE85B1AB295} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {3D2CD942-8F4D-4643-842C-72129801CF09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.)
Task: {45C83A71-F729-42BC-BB05-AD471B0877EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {4EF85F4E-8698-4616-BBC8-85A85A365FCE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {51FC04FA-19BF-4D9A-8D80-85A3C62D85DF} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {5246AF65-30EB-4A8E-9679-ABA3209A628C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {54A58476-F975-4562-A662-815A6F846A95} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {598C6866-A881-433D-81CC-0C2FB9F8C822} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-28] (Dropbox, Inc.)
Task: {5B788D8E-4CE0-420E-B71A-00FC5CBFB8CA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {5EF010FB-C879-4A2E-8318-D7337568C2A5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {6221DD26-AAD6-4390-8BAE-8CFFF2A2DB8F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {6B828DFD-E97B-4025-9D73-60E9BBB7CAAA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\SYSTEM32\MRT.EXE [2016-01-15] (Microsoft Corporation)
Task: {6C9768BE-9E7F-4B0C-A764-2FDE63CF3897} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {70BA7359-4AC1-4030-96E3-E866AFFCD8F3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {7E2FF239-DCE9-4F65-BEDA-DA2DD4FE008D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {7EFBC6AB-8A28-4BF5-AE5C-F72E5C2DC719} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {80B35853-C042-4529-95D0-785BDC7FD299} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {842A730F-A8E1-4E2A-96E2-1FBD52549303} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {8D986827-765C-444C-9E7E-BBBC7B09ACEB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {94FE1D48-62C2-44F1-A0A1-CD86132F31B2} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {9A2468BC-7441-44C3-BCA7-1323F2A9AB7D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {9BABC7F6-4FCC-4A5D-BBE1-5ECD345DFBE9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-28] (Dropbox, Inc.)
Task: {9E90A8C5-2CEA-4366-ABFB-3151E4F21D61} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {A20B2CAE-96B0-4388-B8C9-A8AC43E1FEAA} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {B32B83AB-4498-4B0F-8859-703330C94A82} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.)
Task: {B733C396-DEAD-4598-AA64-EE510FFBDEB6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {B9023C9B-58DB-4DBA-A7E3-CF6BB09994B5} - System32\Tasks\Opera scheduled Autoupdate 1423502777 => C:\Program Files (x86)\Opera\launcher.exe [2016-01-18] (Opera Software)
Task: {C10704C0-B63A-4B1C-ABC1-51B2818FC50C} - \AVGPCTuneUp_Task_BkGndMaintenance -> No File <==== ATTENTION
Task: {CA207352-89A7-4EBD-8C0E-EA7AFAAC2F9E} - System32\Tasks\Uživatel 12 0 => C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe [2012-08-13] (Nero AG)
Task: {CE6A381B-01A2-4422-B7F1-5AE5D4015930} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {D30AB82E-117A-4FEB-BE7C-4C2BE09AD417} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {D97B3792-E1F8-4A4B-AF1C-35CD25B8A695} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {D9CEC22A-9AF0-4494-AAEF-E1D4EA16F9F0} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION
Task: {EED94250-CB67-41FD-8BC4-AF0B25CF64A2} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F731A61D-5D5F-48CD-9412-E1C0FA67787E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\8JZX6Df1iHpBQZqSwImqnCa1Lc.job => C:\Users\U�ivatel\AppData\Roaming\8JZX6Df1iHpBQZqSwImqnCa1Lc.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EkyjVZl9TU.job => C:\Users\U�ivatel\AppData\Roaming\EkyjVZl9TU.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Uživatel\Desktop\Tor Browser\Stаrt Tоr Brоwsеr.lnk -> C:\Users\Uživatel\Desktop\Tor Browser\Browser\firefox.bat ()
Shortcut: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stаrt Tоr Brоwsеr.lnk -> C:\Users\Uživatel\Desktop\Tor Browser\Browser\firefox.bat ()
Shortcut: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехрlоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File)
Shortcut: C:\Users\Uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе (2).lnk -> C:\Program Files (x86)\Google\Chrome\chrome.bat ()
Shortcut: C:\Users\Uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mоzillа Firеfох (2).lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat ()
Shortcut: C:\Users\Uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Ореrа (2).lnk -> C:\Program Files (x86)\Opera\launcher.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mоzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ореrа.lnk -> C:\Program Files (x86)\Opera\launcher.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\chrome.bat ()
Shortcut: C:\Users\Public\Desktop\Mоzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat ()
==================== Loaded Modules (Whitelisted) ==============
2015-11-13 15:33 - 2015-07-15 03:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2013-11-27 19:30 - 2015-10-13 18:26 - 00125616 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-11-13 15:33 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-11-13 15:31 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-11-13 15:31 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-11-13 15:29 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-08 19:57 - 2015-11-25 05:20 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-08 19:57 - 2015-11-25 05:17 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-08 19:57 - 2015-11-25 05:17 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2014-12-09 16:39 - 2014-09-09 13:30 - 00603648 _____ () C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2016-01-28 12:42 - 2016-01-28 12:42 - 00098816 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\win32api.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00110080 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\pywintypes27.dll
2016-01-28 12:42 - 2016-01-28 12:42 - 00364544 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\pythoncom27.dll
2016-01-28 12:42 - 2016-01-28 12:42 - 00046080 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\_socket.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 01208320 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\_ssl.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00320512 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\win32com.shell.shell.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00776704 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\_hashlib.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 01176576 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\wx._core_.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00806400 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\wx._gdi_.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00816128 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\wx._windows_.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 01067008 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\wx._controls_.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00733184 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\wx._misc_.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00682496 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\pysqlite2._sqlite.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00088064 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\_ctypes.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00119808 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\win32file.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00108544 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\win32security.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00007168 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\hashobjs_ext.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00017920 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\thumbnails_ext.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00079360 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\usb_ext.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00167936 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\win32gui.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00018432 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\win32event.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00128512 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\_elementtree.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00127488 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\pyexpat.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00013824 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\common.time34.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00036864 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\_psutil_windows.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00038912 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\win32inet.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00525640 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\windows._lib_cacheinvalidation.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00011264 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\win32crypt.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00077312 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\wx._html2.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00027136 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\_multiprocessing.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00020480 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\_yappi.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00035840 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\win32process.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00686080 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\unicodedata.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00123392 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\wx._wizard.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00024064 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\win32pipe.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00010240 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\select.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00025600 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\win32pdh.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00017408 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\win32profile.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00022528 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\win32ts.pyd
2016-01-28 12:42 - 2016-01-28 12:42 - 00078848 _____ () C:\Users\Uživatel\AppData\Local\Temp\_MEI45562\wx._animate.pyd
2015-12-11 08:04 - 2015-10-31 01:59 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd
2015-12-11 08:04 - 2015-10-31 01:59 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-11 08:04 - 2015-10-31 01:59 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-11 08:04 - 2015-10-31 01:59 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-11 08:04 - 2015-10-31 01:59 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-11 08:04 - 2015-12-08 22:36 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-11 08:04 - 2015-10-31 01:59 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-11 08:04 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2015-12-11 08:04 - 2015-11-05 01:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-12-11 08:04 - 2015-12-08 22:36 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-11 08:04 - 2015-10-31 01:59 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-11 08:04 - 2015-10-31 01:59 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-11 08:04 - 2015-12-08 22:36 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-11 08:04 - 2015-10-31 02:00 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00486704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-12-11 08:04 - 2015-12-08 22:36 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-12-11 08:04 - 2015-10-31 02:01 - 00019920 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-12-11 08:04 - 2015-10-31 02:00 - 00786904 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-12-11 08:04 - 2015-10-31 02:00 - 00063448 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-12-11 08:04 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:8331D35A
AlternateDataStreams: C:\ProgramData\TEMP:B755D674
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
AlternateDataStreams: C:\ProgramData\TEMP:EBC2DB92
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\1C5AC7CF.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\27268288.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\1C5AC7CF.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\27268288.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-346663436-2988962487-3144823818-1001\Software\Classes\exefile: <===== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\100sexlinks.com -> 100sexlinks.com
There are 4788 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-01-27 19:04 - 2016-01-27 19:04 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
Při každém otevření prohlížeče se mi otevře okno s vyhledávačem chedotgame.com/search Vyřešeno
Re: Při každém otevření prohlížeče se mi otevře okno s vyhledávačem chedotgame.com/search
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-346663436-2988962487-3144823818-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{A992A79B-D829-4EF3-8DBF-63CE539DCC72}] => (Allow) C:\Users\Uživatel\AppData\Roaming\Copy\CopyAgent.exe
FirewallRules: [{740197B5-9B91-43DC-9448-5F2FAA99E4ED}] => (Allow) LPort=48113
FirewallRules: [{3733C92E-EC05-4014-B40F-9E9C9CEC76FE}] => (Allow) LPort=48113
FirewallRules: [{8C4C9F01-E6ED-4EE4-A861-ED9D6069E637}] => (Allow) LPort=1900
FirewallRules: [{DC5FA52D-2EA4-4A63-8CD3-CE3CF4B3D717}] => (Allow) LPort=2869
FirewallRules: [{6253EFD8-B7E4-4428-92DF-AF42E2F64B43}] => (Allow) C:\Users\Uživatel\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{50641C89-999D-46DB-A120-ABF795F64BDB}] => (Allow) C:\Users\Uživatel\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{141E186A-1727-45F1-99CC-A941A7DF5F5E}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{F43BEADB-D288-412E-8794-3037895CFA82}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{32570C47-FC43-4CE5-8252-4711A0C374C9}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{7F9870C3-6C11-4BB4-A7C2-71FFD78F00F6}] => (Block) C:\program files (x86)\samsung\intelli-studio\istudio.exe
FirewallRules: [{E489CCA3-5747-40A6-BE97-6F476A0DD7DB}] => (Block) C:\program files (x86)\samsung\intelli-studio\istudio.exe
FirewallRules: [UDP Query User{C4AF3A01-F72D-4EAA-BEEB-D1371C46BD02}C:\program files (x86)\samsung\intelli-studio\istudio.exe] => (Allow) C:\program files (x86)\samsung\intelli-studio\istudio.exe
FirewallRules: [TCP Query User{B8AE5A72-13F5-4294-821B-0BE385C66378}C:\program files (x86)\samsung\intelli-studio\istudio.exe] => (Allow) C:\program files (x86)\samsung\intelli-studio\istudio.exe
FirewallRules: [{19A5191F-7F74-415C-8BFD-64CBB9564764}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{33D15020-7B91-45BB-9798-CC53C511540C}] => (Allow) C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
FirewallRules: [{361AF3A2-C3DA-4587-8523-3122389E6B77}] => (Allow) C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
FirewallRules: [{23E5300F-0F82-4C2F-B4F4-DF5FF480ED15}] => (Allow) LPort=1900
FirewallRules: [{25FDC09D-88A7-4D20-BCE6-4CDEF2760037}] => (Allow) LPort=2869
FirewallRules: [{9AEB5378-FA7C-40AA-92E1-40EFD77EB825}] => (Allow) LPort=0
FirewallRules: [UDP Query User{5C0E1A4B-7CF2-4B7E-BC49-3AD6AAA305AC}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe] => (Allow) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe
FirewallRules: [TCP Query User{C4ECEDC9-E886-482F-AB94-2218C972C13D}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe] => (Allow) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe
FirewallRules: [{351B77C4-511D-44A3-864F-6B973B63F799}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{627B9F2A-2C0D-47D4-BF19-547393A81AD6}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [UDP Query User{FE7DC0C8-1DD2-44DD-BD7F-E059429BB3E8}C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{B517CFFC-2946-423E-ABA1-79F54ECC2D23}C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{E92334C8-330F-4499-B3C5-420C49BE615B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{168B36AA-3D0A-4AA0-A6A4-F6329D1C5BDD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{246D70D8-7A0D-40DA-A200-9C4CE3C45B3E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5000CBCB-683F-4770-96E5-CDA9A34936C1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{F3E95734-F3C9-4FC8-9249-C721C3FADE54}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{17A2693D-1EF7-4FEC-907B-0FDCB0F37687}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{97DBDFAE-2DB0-4805-80B1-D33E6A5CD3C7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{855D728F-B7C0-44B6-8B9F-255340FEE28E}] => (Allow) C:\Users\Uživatel\Downloads\inst.exe
FirewallRules: [{1E51CBBD-2B66-4660-9268-245CFC87820C}] => (Allow) C:\Users\Uživatel\Downloads\inst.exe
FirewallRules: [TCP Query User{1939CBAA-7A0C-427E-A100-7BC6A9D13B41}C:\users\uživatel\appdata\local\degoo\degoo.exe] => (Allow) C:\users\uživatel\appdata\local\degoo\degoo.exe
FirewallRules: [UDP Query User{FF1E98C1-3013-41C3-81DE-D841E2709F06}C:\users\uživatel\appdata\local\degoo\degoo.exe] => (Allow) C:\users\uživatel\appdata\local\degoo\degoo.exe
==================== Restore Points =========================
28-01-2016 12:48:28 End of disinfection
==================== Faulty Device Manager Devices =============
Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/28/2016 12:47:46 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4336) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (01/28/2016 12:47:46 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4336) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (01/28/2016 12:47:36 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4336) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (01/28/2016 12:47:36 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4336) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (01/28/2016 12:47:25 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4336) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (01/28/2016 12:47:25 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4336) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (01/28/2016 12:47:15 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4336) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (01/28/2016 12:47:15 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4336) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (01/28/2016 12:47:05 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4336) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (01/28/2016 12:47:05 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4336) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
System errors:
=============
Error: (01/28/2016 12:45:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba MBAMService přestala během spouštění reagovat.
Error: (01/28/2016 12:40:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Adaptér naslouchání Net.Tcp závisí na službě Služba sdílení portů Net.Tcp, která neuspěla při spuštění v důsledku následující chyby:
%%1053
Error: (01/28/2016 12:40:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba sdílení portů Net.Tcp neuspěla při spuštění v důsledku následující chyby:
%%1053
Error: (01/28/2016 12:40:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba sdílení portů Net.Tcp bylo dosaženo časového limitu (30000 ms).
Error: (01/28/2016 12:39:56 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv jako
člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této
konfiguraci.
Error: (01/28/2016 12:38:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Automatická konfigurace sítě WWAN byla ukončena s následující chybou:
%%997
Error: (01/28/2016 12:38:29 PM) (Source: DCOM) (EventID: 10010) (User: UZIVATEL_PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
Error: (01/28/2016 12:38:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (01/28/2016 12:38:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (01/28/2016 12:38:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
CodeIntegrity:
===================================
Date: 2016-01-26 14:46:44.603
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\360safe\safemon\safewrapper.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 11:50:34.735
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 10:49:47.262
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\360safe\safemon\safewrapper.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 10:25:58.195
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\360safe\safemon\safewrapper.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 07:52:10.778
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\360safe\safemon\safewrapper.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-24 11:34:52.835
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\360safe\safemon\safewrapper.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-24 11:34:52.826
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\360safe\safemon\safewrapper.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-20 20:51:26.195
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\360safe\safemon\safewrapper.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-20 19:25:42.969
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-20 18:35:36.073
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\360safe\safemon\safewrapper.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 31%
Total physical RAM: 6143.11 MB
Available physical RAM: 4190.71 MB
Total Virtual: 7423.11 MB
Available Virtual: 5454.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.35 GB) (Free:68.77 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or
(Size: 232.9 GB) (Disk ID: 0D840D83)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-346663436-2988962487-3144823818-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{A992A79B-D829-4EF3-8DBF-63CE539DCC72}] => (Allow) C:\Users\Uživatel\AppData\Roaming\Copy\CopyAgent.exe
FirewallRules: [{740197B5-9B91-43DC-9448-5F2FAA99E4ED}] => (Allow) LPort=48113
FirewallRules: [{3733C92E-EC05-4014-B40F-9E9C9CEC76FE}] => (Allow) LPort=48113
FirewallRules: [{8C4C9F01-E6ED-4EE4-A861-ED9D6069E637}] => (Allow) LPort=1900
FirewallRules: [{DC5FA52D-2EA4-4A63-8CD3-CE3CF4B3D717}] => (Allow) LPort=2869
FirewallRules: [{6253EFD8-B7E4-4428-92DF-AF42E2F64B43}] => (Allow) C:\Users\Uživatel\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{50641C89-999D-46DB-A120-ABF795F64BDB}] => (Allow) C:\Users\Uživatel\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{141E186A-1727-45F1-99CC-A941A7DF5F5E}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{F43BEADB-D288-412E-8794-3037895CFA82}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{32570C47-FC43-4CE5-8252-4711A0C374C9}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{7F9870C3-6C11-4BB4-A7C2-71FFD78F00F6}] => (Block) C:\program files (x86)\samsung\intelli-studio\istudio.exe
FirewallRules: [{E489CCA3-5747-40A6-BE97-6F476A0DD7DB}] => (Block) C:\program files (x86)\samsung\intelli-studio\istudio.exe
FirewallRules: [UDP Query User{C4AF3A01-F72D-4EAA-BEEB-D1371C46BD02}C:\program files (x86)\samsung\intelli-studio\istudio.exe] => (Allow) C:\program files (x86)\samsung\intelli-studio\istudio.exe
FirewallRules: [TCP Query User{B8AE5A72-13F5-4294-821B-0BE385C66378}C:\program files (x86)\samsung\intelli-studio\istudio.exe] => (Allow) C:\program files (x86)\samsung\intelli-studio\istudio.exe
FirewallRules: [{19A5191F-7F74-415C-8BFD-64CBB9564764}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{33D15020-7B91-45BB-9798-CC53C511540C}] => (Allow) C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
FirewallRules: [{361AF3A2-C3DA-4587-8523-3122389E6B77}] => (Allow) C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
FirewallRules: [{23E5300F-0F82-4C2F-B4F4-DF5FF480ED15}] => (Allow) LPort=1900
FirewallRules: [{25FDC09D-88A7-4D20-BCE6-4CDEF2760037}] => (Allow) LPort=2869
FirewallRules: [{9AEB5378-FA7C-40AA-92E1-40EFD77EB825}] => (Allow) LPort=0
FirewallRules: [UDP Query User{5C0E1A4B-7CF2-4B7E-BC49-3AD6AAA305AC}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe] => (Allow) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe
FirewallRules: [TCP Query User{C4ECEDC9-E886-482F-AB94-2218C972C13D}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe] => (Allow) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe
FirewallRules: [{351B77C4-511D-44A3-864F-6B973B63F799}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{627B9F2A-2C0D-47D4-BF19-547393A81AD6}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [UDP Query User{FE7DC0C8-1DD2-44DD-BD7F-E059429BB3E8}C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{B517CFFC-2946-423E-ABA1-79F54ECC2D23}C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{E92334C8-330F-4499-B3C5-420C49BE615B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{168B36AA-3D0A-4AA0-A6A4-F6329D1C5BDD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{246D70D8-7A0D-40DA-A200-9C4CE3C45B3E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5000CBCB-683F-4770-96E5-CDA9A34936C1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{F3E95734-F3C9-4FC8-9249-C721C3FADE54}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{17A2693D-1EF7-4FEC-907B-0FDCB0F37687}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{97DBDFAE-2DB0-4805-80B1-D33E6A5CD3C7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{855D728F-B7C0-44B6-8B9F-255340FEE28E}] => (Allow) C:\Users\Uživatel\Downloads\inst.exe
FirewallRules: [{1E51CBBD-2B66-4660-9268-245CFC87820C}] => (Allow) C:\Users\Uživatel\Downloads\inst.exe
FirewallRules: [TCP Query User{1939CBAA-7A0C-427E-A100-7BC6A9D13B41}C:\users\uživatel\appdata\local\degoo\degoo.exe] => (Allow) C:\users\uživatel\appdata\local\degoo\degoo.exe
FirewallRules: [UDP Query User{FF1E98C1-3013-41C3-81DE-D841E2709F06}C:\users\uživatel\appdata\local\degoo\degoo.exe] => (Allow) C:\users\uživatel\appdata\local\degoo\degoo.exe
==================== Restore Points =========================
28-01-2016 12:48:28 End of disinfection
==================== Faulty Device Manager Devices =============
Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/28/2016 12:47:46 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4336) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (01/28/2016 12:47:46 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4336) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (01/28/2016 12:47:36 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4336) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (01/28/2016 12:47:36 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4336) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (01/28/2016 12:47:25 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4336) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (01/28/2016 12:47:25 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4336) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (01/28/2016 12:47:15 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4336) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (01/28/2016 12:47:15 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4336) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (01/28/2016 12:47:05 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4336) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (01/28/2016 12:47:05 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4336) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
System errors:
=============
Error: (01/28/2016 12:45:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba MBAMService přestala během spouštění reagovat.
Error: (01/28/2016 12:40:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Adaptér naslouchání Net.Tcp závisí na službě Služba sdílení portů Net.Tcp, která neuspěla při spuštění v důsledku následující chyby:
%%1053
Error: (01/28/2016 12:40:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba sdílení portů Net.Tcp neuspěla při spuštění v důsledku následující chyby:
%%1053
Error: (01/28/2016 12:40:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba sdílení portů Net.Tcp bylo dosaženo časového limitu (30000 ms).
Error: (01/28/2016 12:39:56 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv jako
člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této
konfiguraci.
Error: (01/28/2016 12:38:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Automatická konfigurace sítě WWAN byla ukončena s následující chybou:
%%997
Error: (01/28/2016 12:38:29 PM) (Source: DCOM) (EventID: 10010) (User: UZIVATEL_PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
Error: (01/28/2016 12:38:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (01/28/2016 12:38:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (01/28/2016 12:38:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
CodeIntegrity:
===================================
Date: 2016-01-26 14:46:44.603
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\360safe\safemon\safewrapper.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 11:50:34.735
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 10:49:47.262
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\360safe\safemon\safewrapper.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 10:25:58.195
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\360safe\safemon\safewrapper.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 07:52:10.778
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\360safe\safemon\safewrapper.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-24 11:34:52.835
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\360safe\safemon\safewrapper.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-24 11:34:52.826
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\360safe\safemon\safewrapper.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-20 20:51:26.195
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\360safe\safemon\safewrapper.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-20 19:25:42.969
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-20 18:35:36.073
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\360safe\safemon\safewrapper.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 31%
Total physical RAM: 6143.11 MB
Available physical RAM: 4190.71 MB
Total Virtual: 7423.11 MB
Available Virtual: 5454.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.35 GB) (Free:68.77 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or
(Size: 232.9 GB) (Disk ID: 0D840D83)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================
-
Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: Při každém otevření prohlížeče se mi otevře okno s vyhledávačem chedotgame.com/search
Odinstaluj HitmanPro, SUPERAntiSpyware, PC Tools, Kaspersky,
Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.
(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).
Ulož jej na na plochu jako fixlist.txt
Spusť FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Stáhni si z některého odkazu SystemLook
SystemLook (32-bit)
http://jpshortstuff.247fixes.com/SystemLook.exe
SystemLook (64-bit)
http://jpshortstuff.247fixes.com/SystemLook_x64.exe
a ulož si ho na plochu.
Poklepej na stažený SystemLook , zkopíruj do hlavního text. okna tento následující text:
Klikni na Look ke startu skenu. Když program skončí objeví se v poznámkovém bloku zpráva skenu. Zkopíruj sem celý jeho obsah. Log se také nachází na ploše pod názvem SystemLook.txt.
Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.
Kód: Vybrat vše
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> 6D4FA089415C9FCCAFEDF216C5EDC22C URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> 73CB03F7C33C318B01EC942CC0EE3B92 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> 9B33E58D86F9336F710C1DEF2C2C610F URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> B8D479F19C4EDCAB256CB3F3BC86DBFD URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826&query={searchTerms}
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Edge HomeButtonPage: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> hxxp://www.seznam.cz/?clid=6826
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-05] ()
FF Plugin-x32: @360.cn/npaxlogin -> C:\Program Files (x86)\360\360safe\Utils\npaxlogin.dll [2014-04-22] (360.cn)
FF Plugin-x32: @adobe.com/AuthorwarePlayer -> C:\WINDOWS\system32\Macromed\AUTHORWA\np32asw.dll [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1221171.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-346663436-2988962487-3144823818-1001: @360.cn/360MMPlugin -> C:\Program Files (x86)\360\360safe\mobilemgr\np360MMPlugIn.dll [2015-06-03] (360.cn)
FF Extension: Mega Button - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\Extensions\jid1-STt04aUU3EuD3A@jetpack.xpi [2016-01-25]
FF Extension: Seznam lištička - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-01-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-01-07] [not signed]
FF Extension: IDM CC - C:\Users\Uživatel\AppData\Roaming\IDM\idmmzcc5 [2016-01-28] [not signed]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-01-27]
CHR Extension: (MEGA) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2016-01-27]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-01-27]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-01-27]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
U5 1C5AC7CF; C:\Windows\System32\Drivers\1C5AC7CF.sys [478392 2016-01-12] (Kaspersky Lab ZAO)
S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137808 2015-12-21] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [321616 2015-10-16] (360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2014-04-18] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [375376 2015-12-11] (360.cn)
S4 360Hvm; C:\Windows\System32\Drivers\360Hvm64.sys [191568 2015-11-25] (360安全中心)
R1 360netmon; C:\Windows\System32\DRIVERS\360netmon.sys [72776 2014-12-24] (360.cn)
R1 360reskit64; C:\WINDOWS\system32\drivers\360reskit64.sys [65104 2015-09-24] (360.cn)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [181328 2015-12-01] (360.cn)
S3 DsArk; C:\Windows\System32\drivers\DsArk64.sys [136272 2015-07-02] (360.cn)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\WINDOWS\Tasks\360Disabled
C:\Program Files (x86)\360\
C:\Program Files (x86)\Seznam.cz\
C:\Program Files (x86)\AVG
C:\Program Files (x86)\Seznam.cz
C:\Users\Uživatel\AppData\Roaming\360WeChatClean
C:\360SANDBOX
C:\Users\Uživatel\AppData\Roaming\360mobilemgr
C:\WINDOWS\system32\Drivers\360Hvm64.dat
C:\WINDOWS\system32\Drivers\360AntiHacker64.sys
C:\WINDOWS\system32\Drivers\360FsFlt.sys
C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS
C:\WINDOWS\system32\Drivers\360Hvm64.sys
C:\WINDOWS\system32\Drivers\360Box64.sys
C:\WINDOWS\system32\Drivers\360reskit64.sys
C:\WINDOWS\SysWOW64\360SoftMgr.cpl
C:\WINDOWS\system32\Drivers\360netmon.sys
C:\WINDOWS\system32\Drivers\360LanProtect.sys
C:\WINDOWS\system32\Drivers\360Camera64.sys
C:\Users\Uživatel\Downloads\inst.exe
C:\Users\Uživatel\Downloads\360yunpan_android_7.0.12 (1).apk
C:\Users\Uživatel\Downloads\360wangpan_setup_6.5.4.1250 (1).exe
C:\Users\Uživatel\Downloads\360yunpan_android_7.0.12.apk
C:\Users\Uživatel\Downloads\360wangpan_setup_6.5.4.1250.exe
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
C:\Users\Uživatel\AppData\Roaming\AVG
C:\WINDOWS\system32\Drivers\86425349.sys
C:\WINDOWS\system32\Drivers\1C5AC7CF.sys
C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{42A2194F-6342-4591-9C6B-654F79D0F881}
C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
C:\Users\Uživatel\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
AV: 360安全卫士 (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360安全卫士 (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
Task: {14EA167E-0A6D-42C0-9461-5ED5717813D6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {1A9A76F2-2F8A-4D0D-8445-945E5D40C0E5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {1C216D00-09CC-4151-B420-71BDF0941E9F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2F7AFBD1-FBCC-4077-9820-B1E74A740306} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3200172D-88F4-41F6-B5D0-36F23A13837D} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {3D2CD942-8F4D-4643-842C-72129801CF09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.)
Task: {45C83A71-F729-42BC-BB05-AD471B0877EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {5246AF65-30EB-4A8E-9679-ABA3209A628C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5B788D8E-4CE0-420E-B71A-00FC5CBFB8CA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {5EF010FB-C879-4A2E-8318-D7337568C2A5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7E2FF239-DCE9-4F65-BEDA-DA2DD4FE008D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {7EFBC6AB-8A28-4BF5-AE5C-F72E5C2DC719} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9A2468BC-7441-44C3-BCA7-1323F2A9AB7D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {9BABC7F6-4FCC-4A5D-BBE1-5ECD345DFBE9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-28] (Dropbox, Inc.)
Task: {B32B83AB-4498-4B0F-8859-703330C94A82} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.)
Task: {B9023C9B-58DB-4DBA-A7E3-CF6BB09994B5} - System32\Tasks\Opera scheduled Autoupdate 1423502777 => C:\Program Files (x86)\Opera\launcher.exe [2016-01-18] (Opera Software)
Task: {C10704C0-B63A-4B1C-ABC1-51B2818FC50C} - \AVGPCTuneUp_Task_BkGndMaintenance -> No File <==== ATTENTION
Task: {D9CEC22A-9AF0-4494-AAEF-E1D4EA16F9F0} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\8JZX6Df1iHpBQZqSwImqnCa1Lc.job => C:\Users\U�ivatel\AppData\Roaming\8JZX6Df1iHpBQZqSwImqnCa1Lc.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EkyjVZl9TU.job => C:\Users\U�ivatel\AppData\Roaming\EkyjVZl9TU.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:8331D35A
AlternateDataStreams: C:\ProgramData\TEMP:B755D674
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
AlternateDataStreams: C:\ProgramData\TEMP:EBC2DB92
HKU\S-1-5-21-346663436-2988962487-3144823818-1001\Software\Classes\exefile: <===== ATTENTION
(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).
Ulož jej na na plochu jako fixlist.txt
Spusť FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Stáhni si z některého odkazu SystemLook
SystemLook (32-bit)
http://jpshortstuff.247fixes.com/SystemLook.exe
SystemLook (64-bit)
http://jpshortstuff.247fixes.com/SystemLook_x64.exe
a ulož si ho na plochu.
Poklepej na stažený SystemLook , zkopíruj do hlavního text. okna tento následující text:
Kód: Vybrat vše
:filefind
SUPERAntiSpyware
hitmanpro
ad-aware
avg
seznam
listicka
Kaspersky
360safe
PC Tools
ZhuDongFangYu
:dir
AVG PC TuneUp
SUPERAntiSpyware
hitmanpro
ad-aware
avg
seznam
listicka
Kaspersky
360safe
PC Tools
ZhuDongFangYu
:regfind
SUPERAntiSpyware
hitmanpro
ad-aware
seznam
listicka
Kaspersky
360safe
PC Tools
ZhuDongFangYu
:folderfind
SUPERAntiSpyware
hitmanpro
ad-aware
seznam
listicka
Kaspersky
360safe
PC Tools
ZhuDongFangYu
:process
SUPERAntiSpyware
hitmanpro
ad-aware
avg
seznam
listicka
Kaspersky
360safe
PC Tools
ZhuDongFangYu
Klikni na Look ke startu skenu. Když program skončí objeví se v poznámkovém bloku zpráva skenu. Zkopíruj sem celý jeho obsah. Log se také nachází na ploše pod názvem SystemLook.txt.
Láska hřeje, ale uhlí je uhlí. 
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Re: Při každém otevření prohlížeče se mi otevře okno s vyhledávačem chedotgame.com/search
Fix result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by Uživatel (2016-01-28 16:58:58) Run:1
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available Profiles: Uživatel & andro & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> 6D4FA089415C9FCCAFEDF216C5EDC22C URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> 73CB03F7C33C318B01EC942CC0EE3B92 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> 9B33E58D86F9336F710C1DEF2C2C610F URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> B8D479F19C4EDCAB256CB3F3BC86DBFD URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826&query={searchTerms}
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Edge HomeButtonPage: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> hxxp://www.seznam.cz/?clid=6826
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-05] ()
FF Plugin-x32: @360.cn/npaxlogin -> C:\Program Files (x86)\360\360safe\Utils\npaxlogin.dll [2014-04-22] (360.cn)
FF Plugin-x32: @adobe.com/AuthorwarePlayer -> C:\WINDOWS\system32\Macromed\AUTHORWA\np32asw.dll [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1221171.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-346663436-2988962487-3144823818-1001: @360.cn/360MMPlugin -> C:\Program Files (x86)\360\360safe\mobilemgr\np360MMPlugIn.dll [2015-06-03] (360.cn)
FF Extension: Mega Button - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\Extensions\jid1-STt04aUU3EuD3A@jetpack.xpi [2016-01-25]
FF Extension: Seznam lištička - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-01-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-01-07] [not signed]
FF Extension: IDM CC - C:\Users\Uživatel\AppData\Roaming\IDM\idmmzcc5 [2016-01-28] [not signed]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-01-27]
CHR Extension: (MEGA) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2016-01-27]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-01-27]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-01-27]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
U5 1C5AC7CF; C:\Windows\System32\Drivers\1C5AC7CF.sys [478392 2016-01-12] (Kaspersky Lab ZAO)
S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137808 2015-12-21] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [321616 2015-10-16] (360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2014-04-18] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [375376 2015-12-11] (360.cn)
S4 360Hvm; C:\Windows\System32\Drivers\360Hvm64.sys [191568 2015-11-25] (360安全中心)
R1 360netmon; C:\Windows\System32\DRIVERS\360netmon.sys [72776 2014-12-24] (360.cn)
R1 360reskit64; C:\WINDOWS\system32\drivers\360reskit64.sys [65104 2015-09-24] (360.cn)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [181328 2015-12-01] (360.cn)
S3 DsArk; C:\Windows\System32\drivers\DsArk64.sys [136272 2015-07-02] (360.cn)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\WINDOWS\Tasks\360Disabled
C:\Program Files (x86)\360\
C:\Program Files (x86)\Seznam.cz\
C:\Program Files (x86)\AVG
C:\Program Files (x86)\Seznam.cz
C:\Users\Uživatel\AppData\Roaming\360WeChatClean
C:\360SANDBOX
C:\Users\Uživatel\AppData\Roaming\360mobilemgr
C:\WINDOWS\system32\Drivers\360Hvm64.dat
C:\WINDOWS\system32\Drivers\360AntiHacker64.sys
C:\WINDOWS\system32\Drivers\360FsFlt.sys
C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS
C:\WINDOWS\system32\Drivers\360Hvm64.sys
C:\WINDOWS\system32\Drivers\360Box64.sys
C:\WINDOWS\system32\Drivers\360reskit64.sys
C:\WINDOWS\SysWOW64\360SoftMgr.cpl
C:\WINDOWS\system32\Drivers\360netmon.sys
C:\WINDOWS\system32\Drivers\360LanProtect.sys
C:\WINDOWS\system32\Drivers\360Camera64.sys
C:\Users\Uživatel\Downloads\inst.exe
C:\Users\Uživatel\Downloads\360yunpan_android_7.0.12 (1).apk
C:\Users\Uživatel\Downloads\360wangpan_setup_6.5.4.1250 (1).exe
C:\Users\Uživatel\Downloads\360yunpan_android_7.0.12.apk
C:\Users\Uživatel\Downloads\360wangpan_setup_6.5.4.1250.exe
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
C:\Users\Uživatel\AppData\Roaming\AVG
C:\WINDOWS\system32\Drivers\86425349.sys
C:\WINDOWS\system32\Drivers\1C5AC7CF.sys
C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{42A2194F-6342-4591-9C6B-654F79D0F881}
C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
C:\Users\Uživatel\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
AV: 360安全卫士 (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360安全卫士 (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
Task: {14EA167E-0A6D-42C0-9461-5ED5717813D6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {1A9A76F2-2F8A-4D0D-8445-945E5D40C0E5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {1C216D00-09CC-4151-B420-71BDF0941E9F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2F7AFBD1-FBCC-4077-9820-B1E74A740306} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3200172D-88F4-41F6-B5D0-36F23A13837D} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {3D2CD942-8F4D-4643-842C-72129801CF09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.)
Task: {45C83A71-F729-42BC-BB05-AD471B0877EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {5246AF65-30EB-4A8E-9679-ABA3209A628C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5B788D8E-4CE0-420E-B71A-00FC5CBFB8CA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {5EF010FB-C879-4A2E-8318-D7337568C2A5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7E2FF239-DCE9-4F65-BEDA-DA2DD4FE008D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {7EFBC6AB-8A28-4BF5-AE5C-F72E5C2DC719} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9A2468BC-7441-44C3-BCA7-1323F2A9AB7D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {9BABC7F6-4FCC-4A5D-BBE1-5ECD345DFBE9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-28] (Dropbox, Inc.)
Task: {B32B83AB-4498-4B0F-8859-703330C94A82} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.)
Task: {B9023C9B-58DB-4DBA-A7E3-CF6BB09994B5} - System32\Tasks\Opera scheduled Autoupdate 1423502777 => C:\Program Files (x86)\Opera\launcher.exe [2016-01-18] (Opera Software)
Task: {C10704C0-B63A-4B1C-ABC1-51B2818FC50C} - \AVGPCTuneUp_Task_BkGndMaintenance -> No File <==== ATTENTION
Task: {D9CEC22A-9AF0-4494-AAEF-E1D4EA16F9F0} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\8JZX6Df1iHpBQZqSwImqnCa1Lc.job => C:\Users\U�ivatel\AppData\Roaming\8JZX6Df1iHpBQZqSwImqnCa1Lc.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EkyjVZl9TU.job => C:\Users\U�ivatel\AppData\Roaming\EkyjVZl9TU.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:8331D35A
AlternateDataStreams: C:\ProgramData\TEMP:B755D674
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
AlternateDataStreams: C:\ProgramData\TEMP:EBC2DB92
HKU\S-1-5-21-346663436-2988962487-3144823818-1001\Software\Classes\exefile: <===== ATTENTION
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AvgUi => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\6D4FA089415C9FCCAFEDF216C5EDC22C" => key removed successfully
HKCR\CLSID\6D4FA089415C9FCCAFEDF216C5EDC22C => key not found.
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\73CB03F7C33C318B01EC942CC0EE3B92" => key removed successfully
HKCR\CLSID\73CB03F7C33C318B01EC942CC0EE3B92 => key not found.
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\9B33E58D86F9336F710C1DEF2C2C610F" => key removed successfully
HKCR\CLSID\9B33E58D86F9336F710C1DEF2C2C610F => key not found.
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\B8D479F19C4EDCAB256CB3F3BC86DBFD" => key removed successfully
HKCR\CLSID\B8D479F19C4EDCAB256CB3F3BC86DBFD => key not found.
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => key not found.
HKU\S-1-5-21-346663436-2988962487-3144823818-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\\HomeButtonPage => value removed successfully
"HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer" => key removed successfully
C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@360.cn/npaxlogin" => key removed successfully
Could not move "C:\Program Files (x86)\360\360safe\Utils\npaxlogin.dll" => Scheduled to move on reboot.
"HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/AuthorwarePlayer" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll => not found.
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\Software\MozillaPlugins\@360.cn/360MMPlugin" => key removed successfully
Could not move "C:\Program Files (x86)\360\360safe\mobilemgr\np360MMPlugIn.dll" => Scheduled to move on reboot.
C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\Extensions\jid1-STt04aUU3EuD3A@jetpack.xpi => moved successfully
C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => moved successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF} => value removed successfully
C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => moved successfully
C:\Users\Uživatel\AppData\Roaming\IDM\idmmzcc5 => moved successfully
C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig => moved successfully
C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod => moved successfully
C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd => moved successfully
C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak => moved successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => key removed successfully
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Google\Chrome\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd" => key removed successfully
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => key removed successfully
1C5AC7CF => service removed successfully
360AntiHacker => service could not remove
360Box64 => Unable to stop service.
360Box64 => service could not remove
360Camera => service could not remove
360FsFlt => Unable to stop service.
360FsFlt => service could not remove
360Hvm => service could not remove
360netmon => Unable to stop service.
360netmon => service removed successfully
360reskit64 => Unable to stop service.
360reskit64 => service removed successfully
BAPIDRV => Unable to stop service.
BAPIDRV => service could not remove
DsArk => service could not remove
idsvc => service removed successfully
wpcsvc => service removed successfully
C:\WINDOWS\Tasks\360Disabled => moved successfully
"C:\Program Files (x86)\360" folder move:
Could not move "C:\Program Files (x86)\360" => Scheduled to move on reboot.
C:\Program Files (x86)\Seznam.cz => moved successfully
C:\Program Files (x86)\AVG => moved successfully
"C:\Program Files (x86)\Seznam.cz" => not found.
C:\Users\Uživatel\AppData\Roaming\360WeChatClean => moved successfully
"C:\360SANDBOX" folder move:
Could not move "C:\360SANDBOX" => Scheduled to move on reboot.
C:\Users\Uživatel\AppData\Roaming\360mobilemgr => moved successfully
Could not move "C:\WINDOWS\system32\Drivers\360Hvm64.dat" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\Drivers\360AntiHacker64.sys" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\Drivers\360FsFlt.sys" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\Drivers\360Hvm64.sys" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\Drivers\360Box64.sys" => Scheduled to move on reboot.
C:\WINDOWS\system32\Drivers\360reskit64.sys => moved successfully
C:\WINDOWS\SysWOW64\360SoftMgr.cpl => moved successfully
C:\WINDOWS\system32\Drivers\360netmon.sys => moved successfully
C:\WINDOWS\system32\Drivers\360LanProtect.sys => moved successfully
Could not move "C:\WINDOWS\system32\Drivers\360Camera64.sys" => Scheduled to move on reboot.
C:\Users\Uživatel\Downloads\inst.exe => moved successfully
C:\Users\Uživatel\Downloads\360yunpan_android_7.0.12 (1).apk => moved successfully
C:\Users\Uživatel\Downloads\360wangpan_setup_6.5.4.1250 (1).exe => moved successfully
C:\Users\Uživatel\Downloads\360yunpan_android_7.0.12.apk => moved successfully
C:\Users\Uživatel\Downloads\360wangpan_setup_6.5.4.1250.exe => moved successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
C:\Users\Uživatel\AppData\Roaming\AVG => moved successfully
C:\WINDOWS\system32\Drivers\86425349.sys => moved successfully
C:\WINDOWS\system32\Drivers\1C5AC7CF.sys => moved successfully
C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{42A2194F-6342-4591-9C6B-654F79D0F881} => moved successfully
C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => moved successfully
C:\Users\Uživatel\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe => moved successfully
AV: 360安全卫士 (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D} => removed successfully
AS: 360安全卫士 (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0} => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14EA167E-0A6D-42C0-9461-5ED5717813D6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14EA167E-0A6D-42C0-9461-5ED5717813D6}" => key removed successfully
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A9A76F2-2F8A-4D0D-8445-945E5D40C0E5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A9A76F2-2F8A-4D0D-8445-945E5D40C0E5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1C216D00-09CC-4151-B420-71BDF0941E9F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C216D00-09CC-4151-B420-71BDF0941E9F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F7AFBD1-FBCC-4077-9820-B1E74A740306}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F7AFBD1-FBCC-4077-9820-B1E74A740306}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3200172D-88F4-41F6-B5D0-36F23A13837D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3200172D-88F4-41F6-B5D0-36F23A13837D}" => key removed successfully
C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateExplorerShellUnelevatedTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3D2CD942-8F4D-4643-842C-72129801CF09}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D2CD942-8F4D-4643-842C-72129801CF09}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{45C83A71-F729-42BC-BB05-AD471B0877EB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45C83A71-F729-42BC-BB05-AD471B0877EB}" => key removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5246AF65-30EB-4A8E-9679-ABA3209A628C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5246AF65-30EB-4A8E-9679-ABA3209A628C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B788D8E-4CE0-420E-B71A-00FC5CBFB8CA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B788D8E-4CE0-420E-B71A-00FC5CBFB8CA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5EF010FB-C879-4A2E-8318-D7337568C2A5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EF010FB-C879-4A2E-8318-D7337568C2A5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E2FF239-DCE9-4F65-BEDA-DA2DD4FE008D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E2FF239-DCE9-4F65-BEDA-DA2DD4FE008D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EFBC6AB-8A28-4BF5-AE5C-F72E5C2DC719}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EFBC6AB-8A28-4BF5-AE5C-F72E5C2DC719}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A2468BC-7441-44C3-BCA7-1323F2A9AB7D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A2468BC-7441-44C3-BCA7-1323F2A9AB7D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9BABC7F6-4FCC-4A5D-BBE1-5ECD345DFBE9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BABC7F6-4FCC-4A5D-BBE1-5ECD345DFBE9}" => key removed successfully
C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B32B83AB-4498-4B0F-8859-703330C94A82}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B32B83AB-4498-4B0F-8859-703330C94A82}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B9023C9B-58DB-4DBA-A7E3-CF6BB09994B5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9023C9B-58DB-4DBA-A7E3-CF6BB09994B5}" => key removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1423502777 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1423502777" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C10704C0-B63A-4B1C-ABC1-51B2818FC50C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C10704C0-B63A-4B1C-ABC1-51B2818FC50C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9CEC22A-9AF0-4494-AAEF-E1D4EA16F9F0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9CEC22A-9AF0-4494-AAEF-E1D4EA16F9F0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync" => key removed successfully
C:\WINDOWS\Tasks\8JZX6Df1iHpBQZqSwImqnCa1Lc.job => moved successfully
C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => not found.
C:\WINDOWS\Tasks\EkyjVZl9TU.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\ProgramData\TEMP => ":430C6D84" ADS removed successfully.
C:\ProgramData\TEMP => ":8331D35A" ADS removed successfully.
C:\ProgramData\TEMP => ":B755D674" ADS removed successfully.
C:\ProgramData\TEMP => ":DFC5A2B2" ADS removed successfully.
C:\ProgramData\TEMP => ":EBC2DB92" ADS removed successfully.
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\Software\Classes\exefile" => key removed successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-01-28 17:03:17)
"C:\Program Files (x86)\360\360safe\Utils\npaxlogin.dll" => Could not move
"C:\Program Files (x86)\360\360safe\mobilemgr\np360MMPlugIn.dll" => Could not move
"C:\Program Files (x86)\360" => Could not move
"C:\360SANDBOX" => Could not move
"C:\WINDOWS\system32\Drivers\360Hvm64.dat" => Could not move
"C:\WINDOWS\system32\Drivers\360AntiHacker64.sys" => Could not move
"C:\WINDOWS\system32\Drivers\360FsFlt.sys" => Could not move
"C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS" => Could not move
"C:\WINDOWS\system32\Drivers\360Hvm64.sys" => Could not move
"C:\WINDOWS\system32\Drivers\360Box64.sys" => Could not move
"C:\WINDOWS\system32\Drivers\360Camera64.sys" => Could not move
==== End of Fixlog 17:03:23 ====
Ran by Uživatel (2016-01-28 16:58:58) Run:1
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available Profiles: Uživatel & andro & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> 6D4FA089415C9FCCAFEDF216C5EDC22C URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> 73CB03F7C33C318B01EC942CC0EE3B92 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> 9B33E58D86F9336F710C1DEF2C2C610F URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> B8D479F19C4EDCAB256CB3F3BC86DBFD URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826&query={searchTerms}
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Edge HomeButtonPage: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> hxxp://www.seznam.cz/?clid=6826
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-05] ()
FF Plugin-x32: @360.cn/npaxlogin -> C:\Program Files (x86)\360\360safe\Utils\npaxlogin.dll [2014-04-22] (360.cn)
FF Plugin-x32: @adobe.com/AuthorwarePlayer -> C:\WINDOWS\system32\Macromed\AUTHORWA\np32asw.dll [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1221171.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-346663436-2988962487-3144823818-1001: @360.cn/360MMPlugin -> C:\Program Files (x86)\360\360safe\mobilemgr\np360MMPlugIn.dll [2015-06-03] (360.cn)
FF Extension: Mega Button - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\Extensions\jid1-STt04aUU3EuD3A@jetpack.xpi [2016-01-25]
FF Extension: Seznam lištička - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-01-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-01-07] [not signed]
FF Extension: IDM CC - C:\Users\Uživatel\AppData\Roaming\IDM\idmmzcc5 [2016-01-28] [not signed]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-01-27]
CHR Extension: (MEGA) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2016-01-27]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-01-27]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-01-27]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
U5 1C5AC7CF; C:\Windows\System32\Drivers\1C5AC7CF.sys [478392 2016-01-12] (Kaspersky Lab ZAO)
S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137808 2015-12-21] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [321616 2015-10-16] (360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2014-04-18] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [375376 2015-12-11] (360.cn)
S4 360Hvm; C:\Windows\System32\Drivers\360Hvm64.sys [191568 2015-11-25] (360安全中心)
R1 360netmon; C:\Windows\System32\DRIVERS\360netmon.sys [72776 2014-12-24] (360.cn)
R1 360reskit64; C:\WINDOWS\system32\drivers\360reskit64.sys [65104 2015-09-24] (360.cn)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [181328 2015-12-01] (360.cn)
S3 DsArk; C:\Windows\System32\drivers\DsArk64.sys [136272 2015-07-02] (360.cn)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\WINDOWS\Tasks\360Disabled
C:\Program Files (x86)\360\
C:\Program Files (x86)\Seznam.cz\
C:\Program Files (x86)\AVG
C:\Program Files (x86)\Seznam.cz
C:\Users\Uživatel\AppData\Roaming\360WeChatClean
C:\360SANDBOX
C:\Users\Uživatel\AppData\Roaming\360mobilemgr
C:\WINDOWS\system32\Drivers\360Hvm64.dat
C:\WINDOWS\system32\Drivers\360AntiHacker64.sys
C:\WINDOWS\system32\Drivers\360FsFlt.sys
C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS
C:\WINDOWS\system32\Drivers\360Hvm64.sys
C:\WINDOWS\system32\Drivers\360Box64.sys
C:\WINDOWS\system32\Drivers\360reskit64.sys
C:\WINDOWS\SysWOW64\360SoftMgr.cpl
C:\WINDOWS\system32\Drivers\360netmon.sys
C:\WINDOWS\system32\Drivers\360LanProtect.sys
C:\WINDOWS\system32\Drivers\360Camera64.sys
C:\Users\Uživatel\Downloads\inst.exe
C:\Users\Uživatel\Downloads\360yunpan_android_7.0.12 (1).apk
C:\Users\Uživatel\Downloads\360wangpan_setup_6.5.4.1250 (1).exe
C:\Users\Uživatel\Downloads\360yunpan_android_7.0.12.apk
C:\Users\Uživatel\Downloads\360wangpan_setup_6.5.4.1250.exe
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
C:\Users\Uživatel\AppData\Roaming\AVG
C:\WINDOWS\system32\Drivers\86425349.sys
C:\WINDOWS\system32\Drivers\1C5AC7CF.sys
C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{42A2194F-6342-4591-9C6B-654F79D0F881}
C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
C:\Users\Uživatel\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
AV: 360安全卫士 (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360安全卫士 (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
Task: {14EA167E-0A6D-42C0-9461-5ED5717813D6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {1A9A76F2-2F8A-4D0D-8445-945E5D40C0E5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {1C216D00-09CC-4151-B420-71BDF0941E9F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2F7AFBD1-FBCC-4077-9820-B1E74A740306} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3200172D-88F4-41F6-B5D0-36F23A13837D} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {3D2CD942-8F4D-4643-842C-72129801CF09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.)
Task: {45C83A71-F729-42BC-BB05-AD471B0877EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {5246AF65-30EB-4A8E-9679-ABA3209A628C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5B788D8E-4CE0-420E-B71A-00FC5CBFB8CA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {5EF010FB-C879-4A2E-8318-D7337568C2A5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7E2FF239-DCE9-4F65-BEDA-DA2DD4FE008D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {7EFBC6AB-8A28-4BF5-AE5C-F72E5C2DC719} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9A2468BC-7441-44C3-BCA7-1323F2A9AB7D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {9BABC7F6-4FCC-4A5D-BBE1-5ECD345DFBE9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-28] (Dropbox, Inc.)
Task: {B32B83AB-4498-4B0F-8859-703330C94A82} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.)
Task: {B9023C9B-58DB-4DBA-A7E3-CF6BB09994B5} - System32\Tasks\Opera scheduled Autoupdate 1423502777 => C:\Program Files (x86)\Opera\launcher.exe [2016-01-18] (Opera Software)
Task: {C10704C0-B63A-4B1C-ABC1-51B2818FC50C} - \AVGPCTuneUp_Task_BkGndMaintenance -> No File <==== ATTENTION
Task: {D9CEC22A-9AF0-4494-AAEF-E1D4EA16F9F0} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\8JZX6Df1iHpBQZqSwImqnCa1Lc.job => C:\Users\U�ivatel\AppData\Roaming\8JZX6Df1iHpBQZqSwImqnCa1Lc.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EkyjVZl9TU.job => C:\Users\U�ivatel\AppData\Roaming\EkyjVZl9TU.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:8331D35A
AlternateDataStreams: C:\ProgramData\TEMP:B755D674
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
AlternateDataStreams: C:\ProgramData\TEMP:EBC2DB92
HKU\S-1-5-21-346663436-2988962487-3144823818-1001\Software\Classes\exefile: <===== ATTENTION
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AvgUi => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\6D4FA089415C9FCCAFEDF216C5EDC22C" => key removed successfully
HKCR\CLSID\6D4FA089415C9FCCAFEDF216C5EDC22C => key not found.
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\73CB03F7C33C318B01EC942CC0EE3B92" => key removed successfully
HKCR\CLSID\73CB03F7C33C318B01EC942CC0EE3B92 => key not found.
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\9B33E58D86F9336F710C1DEF2C2C610F" => key removed successfully
HKCR\CLSID\9B33E58D86F9336F710C1DEF2C2C610F => key not found.
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\B8D479F19C4EDCAB256CB3F3BC86DBFD" => key removed successfully
HKCR\CLSID\B8D479F19C4EDCAB256CB3F3BC86DBFD => key not found.
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => key not found.
HKU\S-1-5-21-346663436-2988962487-3144823818-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\\HomeButtonPage => value removed successfully
"HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer" => key removed successfully
C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@360.cn/npaxlogin" => key removed successfully
Could not move "C:\Program Files (x86)\360\360safe\Utils\npaxlogin.dll" => Scheduled to move on reboot.
"HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/AuthorwarePlayer" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll => not found.
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\Software\MozillaPlugins\@360.cn/360MMPlugin" => key removed successfully
Could not move "C:\Program Files (x86)\360\360safe\mobilemgr\np360MMPlugIn.dll" => Scheduled to move on reboot.
C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\Extensions\jid1-STt04aUU3EuD3A@jetpack.xpi => moved successfully
C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => moved successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF} => value removed successfully
C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => moved successfully
C:\Users\Uživatel\AppData\Roaming\IDM\idmmzcc5 => moved successfully
C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig => moved successfully
C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod => moved successfully
C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd => moved successfully
C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak => moved successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => key removed successfully
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Google\Chrome\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd" => key removed successfully
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => key removed successfully
1C5AC7CF => service removed successfully
360AntiHacker => service could not remove
360Box64 => Unable to stop service.
360Box64 => service could not remove
360Camera => service could not remove
360FsFlt => Unable to stop service.
360FsFlt => service could not remove
360Hvm => service could not remove
360netmon => Unable to stop service.
360netmon => service removed successfully
360reskit64 => Unable to stop service.
360reskit64 => service removed successfully
BAPIDRV => Unable to stop service.
BAPIDRV => service could not remove
DsArk => service could not remove
idsvc => service removed successfully
wpcsvc => service removed successfully
C:\WINDOWS\Tasks\360Disabled => moved successfully
"C:\Program Files (x86)\360" folder move:
Could not move "C:\Program Files (x86)\360" => Scheduled to move on reboot.
C:\Program Files (x86)\Seznam.cz => moved successfully
C:\Program Files (x86)\AVG => moved successfully
"C:\Program Files (x86)\Seznam.cz" => not found.
C:\Users\Uživatel\AppData\Roaming\360WeChatClean => moved successfully
"C:\360SANDBOX" folder move:
Could not move "C:\360SANDBOX" => Scheduled to move on reboot.
C:\Users\Uživatel\AppData\Roaming\360mobilemgr => moved successfully
Could not move "C:\WINDOWS\system32\Drivers\360Hvm64.dat" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\Drivers\360AntiHacker64.sys" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\Drivers\360FsFlt.sys" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\Drivers\360Hvm64.sys" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\Drivers\360Box64.sys" => Scheduled to move on reboot.
C:\WINDOWS\system32\Drivers\360reskit64.sys => moved successfully
C:\WINDOWS\SysWOW64\360SoftMgr.cpl => moved successfully
C:\WINDOWS\system32\Drivers\360netmon.sys => moved successfully
C:\WINDOWS\system32\Drivers\360LanProtect.sys => moved successfully
Could not move "C:\WINDOWS\system32\Drivers\360Camera64.sys" => Scheduled to move on reboot.
C:\Users\Uživatel\Downloads\inst.exe => moved successfully
C:\Users\Uživatel\Downloads\360yunpan_android_7.0.12 (1).apk => moved successfully
C:\Users\Uživatel\Downloads\360wangpan_setup_6.5.4.1250 (1).exe => moved successfully
C:\Users\Uživatel\Downloads\360yunpan_android_7.0.12.apk => moved successfully
C:\Users\Uživatel\Downloads\360wangpan_setup_6.5.4.1250.exe => moved successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
C:\Users\Uživatel\AppData\Roaming\AVG => moved successfully
C:\WINDOWS\system32\Drivers\86425349.sys => moved successfully
C:\WINDOWS\system32\Drivers\1C5AC7CF.sys => moved successfully
C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{42A2194F-6342-4591-9C6B-654F79D0F881} => moved successfully
C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => moved successfully
C:\Users\Uživatel\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe => moved successfully
AV: 360安全卫士 (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D} => removed successfully
AS: 360安全卫士 (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0} => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14EA167E-0A6D-42C0-9461-5ED5717813D6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14EA167E-0A6D-42C0-9461-5ED5717813D6}" => key removed successfully
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A9A76F2-2F8A-4D0D-8445-945E5D40C0E5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A9A76F2-2F8A-4D0D-8445-945E5D40C0E5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1C216D00-09CC-4151-B420-71BDF0941E9F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C216D00-09CC-4151-B420-71BDF0941E9F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F7AFBD1-FBCC-4077-9820-B1E74A740306}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F7AFBD1-FBCC-4077-9820-B1E74A740306}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3200172D-88F4-41F6-B5D0-36F23A13837D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3200172D-88F4-41F6-B5D0-36F23A13837D}" => key removed successfully
C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateExplorerShellUnelevatedTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3D2CD942-8F4D-4643-842C-72129801CF09}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D2CD942-8F4D-4643-842C-72129801CF09}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{45C83A71-F729-42BC-BB05-AD471B0877EB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45C83A71-F729-42BC-BB05-AD471B0877EB}" => key removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5246AF65-30EB-4A8E-9679-ABA3209A628C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5246AF65-30EB-4A8E-9679-ABA3209A628C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B788D8E-4CE0-420E-B71A-00FC5CBFB8CA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B788D8E-4CE0-420E-B71A-00FC5CBFB8CA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5EF010FB-C879-4A2E-8318-D7337568C2A5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EF010FB-C879-4A2E-8318-D7337568C2A5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E2FF239-DCE9-4F65-BEDA-DA2DD4FE008D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E2FF239-DCE9-4F65-BEDA-DA2DD4FE008D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EFBC6AB-8A28-4BF5-AE5C-F72E5C2DC719}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EFBC6AB-8A28-4BF5-AE5C-F72E5C2DC719}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A2468BC-7441-44C3-BCA7-1323F2A9AB7D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A2468BC-7441-44C3-BCA7-1323F2A9AB7D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9BABC7F6-4FCC-4A5D-BBE1-5ECD345DFBE9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BABC7F6-4FCC-4A5D-BBE1-5ECD345DFBE9}" => key removed successfully
C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B32B83AB-4498-4B0F-8859-703330C94A82}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B32B83AB-4498-4B0F-8859-703330C94A82}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B9023C9B-58DB-4DBA-A7E3-CF6BB09994B5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9023C9B-58DB-4DBA-A7E3-CF6BB09994B5}" => key removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1423502777 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1423502777" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C10704C0-B63A-4B1C-ABC1-51B2818FC50C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C10704C0-B63A-4B1C-ABC1-51B2818FC50C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9CEC22A-9AF0-4494-AAEF-E1D4EA16F9F0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9CEC22A-9AF0-4494-AAEF-E1D4EA16F9F0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync" => key removed successfully
C:\WINDOWS\Tasks\8JZX6Df1iHpBQZqSwImqnCa1Lc.job => moved successfully
C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => not found.
C:\WINDOWS\Tasks\EkyjVZl9TU.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\ProgramData\TEMP => ":430C6D84" ADS removed successfully.
C:\ProgramData\TEMP => ":8331D35A" ADS removed successfully.
C:\ProgramData\TEMP => ":B755D674" ADS removed successfully.
C:\ProgramData\TEMP => ":DFC5A2B2" ADS removed successfully.
C:\ProgramData\TEMP => ":EBC2DB92" ADS removed successfully.
"HKU\S-1-5-21-346663436-2988962487-3144823818-1001\Software\Classes\exefile" => key removed successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-01-28 17:03:17)
"C:\Program Files (x86)\360\360safe\Utils\npaxlogin.dll" => Could not move
"C:\Program Files (x86)\360\360safe\mobilemgr\np360MMPlugIn.dll" => Could not move
"C:\Program Files (x86)\360" => Could not move
"C:\360SANDBOX" => Could not move
"C:\WINDOWS\system32\Drivers\360Hvm64.dat" => Could not move
"C:\WINDOWS\system32\Drivers\360AntiHacker64.sys" => Could not move
"C:\WINDOWS\system32\Drivers\360FsFlt.sys" => Could not move
"C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS" => Could not move
"C:\WINDOWS\system32\Drivers\360Hvm64.sys" => Could not move
"C:\WINDOWS\system32\Drivers\360Box64.sys" => Could not move
"C:\WINDOWS\system32\Drivers\360Camera64.sys" => Could not move
==== End of Fixlog 17:03:23 ====
Re: Při každém otevření prohlížeče se mi otevře okno s vyhledávačem chedotgame.com/search
SystemLook 30.07.11 by jpshortstuff
Log created at 17:14 on 28/01/2016 by Uživatel
Administrator - Elevation successful
========== filefind ==========
Searching for "SUPERAntiSpyware"
No files found.
Searching for "hitmanpro"
No files found.
Searching for "ad-aware"
No files found.
Searching for "avg"
No files found.
Searching for "seznam"
No files found.
Searching for "listicka"
No files found.
Searching for "Kaspersky"
No files found.
Searching for "360safe"
No files found.
Searching for "PC Tools"
No files found.
Searching for "ZhuDongFangYu"
No files found.
========== dir ==========
AVG PC TuneUp - Unable to find folder.
SUPERAntiSpyware - Unable to find folder.
hitmanpro - Unable to find folder.
ad-aware - Unable to find folder.
avg - Unable to find folder.
seznam - Unable to find folder.
listicka - Unable to find folder.
Kaspersky - Unable to find folder.
360safe - Unable to find folder.
PC Tools - Unable to find folder.
ZhuDongFangYu - Unable to find folder.
========== regfind ==========
Searching for "SUPERAntiSpyware"
No data found.
Searching for "hitmanpro"
[HKEY_LOCAL_MACHINE\SOFTWARE\HitmanPro]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\HitmanPro.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\HitmanPro_x64.exe]
Searching for "ad-aware"
No data found.
Searching for "seznam"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\308]
"lastResult"="Požadovaný soubor neexistuje. Je možné, že adresa souboru je neplatná nebo má tato relace prošlou lhůtu platnosti.
Zkuste stahovanou relaci obnovit a získat novou adresu kliknutím pravého tlačítka v seznamu souborů IDM a výběrem položky "Obnovit adresu stahování".
Případně toto stahování smažte, spusťte ho v prohlížeči znovu a zkuste jej pomocí IDM stáhnout od začátku.
Podrobnosti:
HTTP/1.1 404 Not Found
"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\318]
"lastResult"="Odpovědi serverů, od kterých nemáte povolení pro stahování tohoto souboru. Je možné, že adresa souboru je neplatná nebo má tato relace prošlou lhůtu platnosti.
Zkuste stahovanou relaci obnovit a získat novou adresu kliknutím pravého tlačítka v seznamu souborů IDM a výběrem položky "Obnovit adresu stahování".
Případně toto stahování smažte, spusťte ho v prohlížeči znovu a zkuste jej pomocí IDM stáhnout od začátku.
Podrobnosti:
HTTP/1.1 403 Forbidden
"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\322]
"lastResult"="Odpovědi serverů, od kterých nemáte povolení pro stahování tohoto souboru. Je možné, že adresa souboru je neplatná nebo má tato relace prošlou lhůtu platnosti.
Zkuste stahovanou relaci obnovit a získat novou adresu kliknutím pravého tlačítka v seznamu souborů IDM a výběrem položky "Obnovit adresu stahování".
Případně toto stahování smažte, spusťte ho v prohlížeči znovu a zkuste jej pomocí IDM stáhnout od začátku.
Podrobnosti:
HTTP/1.1 403 Forbidden
"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\443]
"lastResult"="Odpovědi serverů, od kterých nemáte povolení pro stahování tohoto souboru. Je možné, že adresa souboru je neplatná nebo má tato relace prošlou lhůtu platnosti.
Zkuste stahovanou relaci obnovit a získat novou adresu kliknutím pravého tlačítka v seznamu souborů IDM a výběrem položky "Obnovit adresu stahování".
Případně toto stahování smažte, spusťte ho v prohlížeči znovu a zkuste jej pomocí IDM stáhnout od začátku.
Podrobnosti:
HTTP/1.1 403 Forbidden
"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UnreadMail\filipavel@seznam.cz]
[HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\MuiCache\3af\C4BA942C]
"@C:\WINDOWS\system32\unregmp2.exe,-9800"="Přida&t do seznamu programu Windows Media Player"
[HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\MuiCache\3af\C4BA942C]
"@%systemroot%\system32\browser.dll,-101"="Udržuje aktualizovaný seznam počítačů v síti a poskytuje seznam počítačů kvalifikovaných jako prohlížeče. Po zastavení služby nebude tento seznam dále aktualizován ani udržován. Jestliže je tato služba zakázána, nezdaří se spuštění žádných služeb, které na této službě závisí."
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CRLFile]
@="Seznam odvolaných certifikátů"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Components\3EDE92CC2CB71D119A12000A9CE1A22A]
"1029\ImportCFL"="vUpAVKkm@$!!!!!MKKSkOutlookImportExportFilesIntl_1029<Import kanálů RSS ze seznamu obecných informačních kanálů;Importuje informace o kanálech RSS ze seznamu obecných informačních kanálů.;RESIDENT;11"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Components\5B5EF7AEDE9827842B7BD01C302B3B02]
"lookup.xlam"="vUpAVGkm@$!!!!!MKKSkExcelAddinLookupFilesIntl_1029<Průvodce vyhledáváním\Pomůže vytvořit vzorce sloužící k vyhledávání dat v seznamech."
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Components\5B5EF7AEDE9827842B7BD01C302B3B02]
"sumif.xlam"="vUpAVGkm@$!!!!!MKKSkExcelAddinSumIfFilesIntl_1029<Průvodce podmíněným součtem\Pomůže vytvořit vzorce sloužící k sečítání vybraných dat v seznamech."
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\STLFile]
@="Seznam důvěryhodných certifikátů"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\005]
"Counter"="1 1847 2 Systém 4 Paměť 6 % času procesoru 10 Operace čtení souborů/s 12 Operace zápisu souborů/s 14 Řídicí souborové operace/s 16 Bajty čtení souborů/s 18 Bajty zápisu souborů/s 20 Bajty ovládání souborů/s 24 Bajty k dispozici 26 Potvrzené bajty 28 Chyby stránkování/s 30 Mez potvrzení 32 Zápisy kopií/s 34 Chyby převodu stavu/s 36 Chyby mezipaměti/s 38 Chyby nulových požadavků/s 40 Stránky/s 42 Čtení stránek/s 44 Délka fronty procesoru 46 Stav vlákna 48 Výstup stránek/s 50 Zápisy stránek/s 52 Prohlížeč 54 Ohlášení serverů/s 56 Bajty stránkovaného fondu 58 Bajty nestránkovaného fondu 60 Vyhrazení stránkovaného fondu 64 Vyhrazení nestránkovaného fondu 66 Rezidentní bajty stránkovaného fondu 68 Celkem bajtů kódu systému 70 Rezidentní bajty kódu systému 72 Celkem bajtů systémových ovladačů 74 Rezidentní bajty systémových ovladačů 76 Rezidentní bajty systémové mezipaměti 78 Ohlášení domény/s 80 Pakety hlasování/s 82 Zápisy do
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\005]
"Help"="3 Objekt Sledování výkonu systému obsahuje čítače, které lze použít pro několik instancí jednotlivých procesorů v počítači. 5 Objekt sledování výkonu paměti obsahuje čítače, které popisují chování fyzické i virtuální paměti počítače. Fyzická paměť je velikost paměti s náhodným přístupem v počítači. Virtuální paměť se skládá z místa ve fyzické paměti a na disku. Řada čítačů paměti sleduje stránkování, což je přesun stránek obsahujících kód a data mezi diskem a fyzickou pamětí. Nadměrné stránkování, které naznačuje nedostatek paměti, pravděpodobně způsobí opoždění, které ovlivní všechny systémové procesy. 7 Čítač % času procesoru je procento doby, během které procesor zpracovává vlákno, které není nečinné. Hodnota je vypočítána odečtením procenta doby, během které procesor zpracovává nečinné vlákno, od hodnoty 100 %. (Každý procesor má nečinné vlákno, které je prováděno v případě, že není připraveno žádné jiné vlákno.) Tento
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009]
"Help"="3 The System performance object consists of counters that apply to more than one instance of a component processors on the computer. 5 The Memory performance object consists of counters that describe the behavior of physical and virtual memory on the computer. Physical memory is the amount of random access memory on the computer. Virtual memory consists of the space in physical memory and on disk. Many of the memory counters monitor paging, which is the movement of pages of code and data between disk and physical memory. Excessive paging, a symptom of a memory shortage, can cause delays which interfere with all system processes. 7 % Processor Time is the percentage of elapsed time that the processor spends to execute a non-Idle thread. It is calculated by measuring the percentage of time that the processor spends executing the idle thread and then subtracting that value from 100%. (Each processor has an idle thread tha
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\CurrentLanguage]
"Counter"="1 1847 2 Systém 4 Paměť 6 % času procesoru 10 Operace čtení souborů/s 12 Operace zápisu souborů/s 14 Řídicí souborové operace/s 16 Bajty čtení souborů/s 18 Bajty zápisu souborů/s 20 Bajty ovládání souborů/s 24 Bajty k dispozici 26 Potvrzené bajty 28 Chyby stránkování/s 30 Mez potvrzení 32 Zápisy kopií/s 34 Chyby převodu stavu/s 36 Chyby mezipaměti/s 38 Chyby nulových požadavků/s 40 Stránky/s 42 Čtení stránek/s 44 Délka fronty procesoru 46 Stav vlákna 48 Výstup stránek/s 50 Zápisy stránek/s 52 Prohlížeč 54 Ohlášení serverů/s 56 Bajty stránkovaného fondu 58 Bajty nestránkovaného fondu 60 Vyhrazení stránkovaného fondu 64 Vyhrazení nestránkovaného fondu 66 Rezidentní bajty stránkovaného fondu 68 Celkem bajtů kódu systému 70 Rezidentní bajty kódu systému 72 Celkem bajtů systémových ovladačů 74 Rezidentní bajty systémových ovladačů 76 Rezidentní bajty systémové mezipaměti 78 Ohlášení domény/s 80 Pakety hlasování/s
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\CurrentLanguage]
"Help"="3 Objekt Sledování výkonu systému obsahuje čítače, které lze použít pro několik instancí jednotlivých procesorů v počítači. 5 Objekt sledování výkonu paměti obsahuje čítače, které popisují chování fyzické i virtuální paměti počítače. Fyzická paměť je velikost paměti s náhodným přístupem v počítači. Virtuální paměť se skládá z místa ve fyzické paměti a na disku. Řada čítačů paměti sleduje stránkování, což je přesun stránek obsahujících kód a data mezi diskem a fyzickou pamětí. Nadměrné stránkování, které naznačuje nedostatek paměti, pravděpodobně způsobí opoždění, které ovlivní všechny systémové procesy. 7 Čítač % času procesoru je procento doby, během které procesor zpracovává vlákno, které není nečinné. Hodnota je vypočítána odečtením procenta doby, během které procesor zpracovává nečinné vlákno, od hodnoty 100 %. (Každý procesor má nečinné vlákno, které je prováděno v případě, že není připraveno žádné jiné vlá
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Perflib\005]
"Counter"="1 1847 2 Systém 4 Paměť 6 % času procesoru 10 Operace čtení souborů/s 12 Operace zápisu souborů/s 14 Řídicí souborové operace/s 16 Bajty čtení souborů/s 18 Bajty zápisu souborů/s 20 Bajty ovládání souborů/s 24 Bajty k dispozici 26 Potvrzené bajty 28 Chyby stránkování/s 30 Mez potvrzení 32 Zápisy kopií/s 34 Chyby převodu stavu/s 36 Chyby mezipaměti/s 38 Chyby nulových požadavků/s 40 Stránky/s 42 Čtení stránek/s 44 Délka fronty procesoru 46 Stav vlákna 48 Výstup stránek/s 50 Zápisy stránek/s 52 Prohlížeč 54 Ohlášení serverů/s 56 Bajty stránkovaného fondu 58 Bajty nestránkovaného fondu 60 Vyhrazení stránkovaného fondu 64 Vyhrazení nestránkovaného fondu 66 Rezidentní bajty stránkovaného fondu 68 Celkem bajtů kódu systému 70 Rezidentní bajty kódu systému 72 Celkem bajtů systémových ovladačů 74 Rezidentní bajty systémových ovladačů 76 Rezidentní bajty systémové mezipaměti 78 Ohlášení domény/s 80 Pakety hlasování/s
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Perflib\005]
"Help"="3 Objekt Sledování výkonu systému obsahuje čítače, které lze použít pro několik instancí jednotlivých procesorů v počítači. 5 Objekt sledování výkonu paměti obsahuje čítače, které popisují chování fyzické i virtuální paměti počítače. Fyzická paměť je velikost paměti s náhodným přístupem v počítači. Virtuální paměť se skládá z místa ve fyzické paměti a na disku. Řada čítačů paměti sleduje stránkování, což je přesun stránek obsahujících kód a data mezi diskem a fyzickou pamětí. Nadměrné stránkování, které naznačuje nedostatek paměti, pravděpodobně způsobí opoždění, které ovlivní všechny systémové procesy. 7 Čítač % času procesoru je procento doby, během které procesor zpracovává vlákno, které není nečinné. Hodnota je vypočítána odečtením procenta doby, během které procesor zpracovává nečinné vlákno, od hodnoty 100 %. (Každý procesor má nečinné vlákno, které je prováděno v případě, že není připraveno žádné jiné vlá
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Perflib\009]
"Help"="3 The System performance object consists of counters that apply to more than one instance of a component processors on the computer. 5 The Memory performance object consists of counters that describe the behavior of physical and virtual memory on the computer. Physical memory is the amount of random access memory on the computer. Virtual memory consists of the space in physical memory and on disk. Many of the memory counters monitor paging, which is the movement of pages of code and data between disk and physical memory. Excessive paging, a symptom of a memory shortage, can cause delays which interfere with all system processes. 7 % Processor Time is the percentage of elapsed time that the processor spends to execute a non-Idle thread. It is calculated by measuring the percentage of time that the processor spends executing the idle thread and then subtracting that value from 100%. (Each processor has an idl
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Perflib\CurrentLanguage]
"Counter"="1 1847 2 Systém 4 Paměť 6 % času procesoru 10 Operace čtení souborů/s 12 Operace zápisu souborů/s 14 Řídicí souborové operace/s 16 Bajty čtení souborů/s 18 Bajty zápisu souborů/s 20 Bajty ovládání souborů/s 24 Bajty k dispozici 26 Potvrzené bajty 28 Chyby stránkování/s 30 Mez potvrzení 32 Zápisy kopií/s 34 Chyby převodu stavu/s 36 Chyby mezipaměti/s 38 Chyby nulových požadavků/s 40 Stránky/s 42 Čtení stránek/s 44 Délka fronty procesoru 46 Stav vlákna 48 Výstup stránek/s 50 Zápisy stránek/s 52 Prohlížeč 54 Ohlášení serverů/s 56 Bajty stránkovaného fondu 58 Bajty nestránkovaného fondu 60 Vyhrazení stránkovaného fondu 64 Vyhrazení nestránkovaného fondu 66 Rezidentní bajty stránkovaného fondu 68 Celkem bajtů kódu systému 70 Rezidentní bajty kódu systému 72 Celkem bajtů systémových ovladačů 74 Rezidentní bajty systémových ovladačů 76 Rezidentní bajty systémové mezipaměti 78 Ohlášení domény/s 80 Pakety
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Perflib\CurrentLanguage]
"Help"="3 Objekt Sledování výkonu systému obsahuje čítače, které lze použít pro několik instancí jednotlivých procesorů v počítači. 5 Objekt sledování výkonu paměti obsahuje čítače, které popisují chování fyzické i virtuální paměti počítače. Fyzická paměť je velikost paměti s náhodným přístupem v počítači. Virtuální paměť se skládá z místa ve fyzické paměti a na disku. Řada čítačů paměti sleduje stránkování, což je přesun stránek obsahujících kód a data mezi diskem a fyzickou pamětí. Nadměrné stránkování, které naznačuje nedostatek paměti, pravděpodobně způsobí opoždění, které ovlivní všechny systémové procesy. 7 Čítač % času procesoru je procento doby, během které procesor zpracovává vlákno, které není nečinné. Hodnota je vypočítána odečtením procenta doby, během které procesor zpracovává nečinné vlákno, od hodnoty 100 %. (Každý procesor má nečinné vlákno, které je prováděno v případě, že není připraveno žá
[HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\3af\C4BA942C]
"@%SystemRoot%\system32\netprofmsvc.dll,-202"="Služba seznamu sítí"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\308]
"lastResult"="Požadovaný soubor neexistuje. Je možné, že adresa souboru je neplatná nebo má tato relace prošlou lhůtu platnosti.
Zkuste stahovanou relaci obnovit a získat novou adresu kliknutím pravého tlačítka v seznamu souborů IDM a výběrem položky "Obnovit adresu stahování".
Případně toto stahování smažte, spusťte ho v prohlížeči znovu a zkuste jej pomocí IDM stáhnout od začátku.
Podrobnosti:
HTTP/1.1 404 Not Found
"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\318]
"lastResult"="Odpovědi serverů, od kterých nemáte povolení pro stahování tohoto souboru. Je možné, že adresa souboru je neplatná nebo má tato relace prošlou lhůtu platnosti.
Zkuste stahovanou relaci obnovit a získat novou adresu kliknutím pravého tlačítka v seznamu souborů IDM a výběrem položky "Obnovit adresu stahování".
Případně toto stahování smažte, spusťte ho v prohlížeči znovu a zkuste jej pomocí IDM stáhnout od začátku.
Podrobnosti:
HTTP/1.1 403 Forbidden
"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\322]
"lastResult"="Odpovědi serverů, od kterých nemáte povolení pro stahování tohoto souboru. Je možné, že adresa souboru je neplatná nebo má tato relace prošlou lhůtu platnosti.
Zkuste stahovanou relaci obnovit a získat novou adresu kliknutím pravého tlačítka v seznamu souborů IDM a výběrem položky "Obnovit adresu stahování".
Případně toto stahování smažte, spusťte ho v prohlížeči znovu a zkuste jej pomocí IDM stáhnout od začátku.
Podrobnosti:
HTTP/1.1 403 Forbidden
"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\443]
"lastResult"="Odpovědi serverů, od kterých nemáte povolení pro stahování tohoto souboru. Je možné, že adresa souboru je neplatná nebo má tato relace prošlou lhůtu platnosti.
Zkuste stahovanou relaci obnovit a získat novou adresu kliknutím pravého tlačítka v seznamu souborů IDM a výběrem položky "Obnovit adresu stahování".
Případně toto stahování smažte, spusťte ho v prohlížeči znovu a zkuste jej pomocí IDM stáhnout od začátku.
Podrobnosti:
HTTP/1.1 403 Forbidden
"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UnreadMail\filipavel@seznam.cz]
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Classes\Local Settings\MuiCache\3af\C4BA942C]
"@C:\WINDOWS\system32\unregmp2.exe,-9800"="Přida&t do seznamu programu Windows Media Player"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Classes\Local Settings\MuiCache\3af\C4BA942C]
"@%systemroot%\system32\browser.dll,-101"="Udržuje aktualizovaný seznam počítačů v síti a poskytuje seznam počítačů kvalifikovaných jako prohlížeče. Po zastavení služby nebude tento seznam dále aktualizován ani udržován. Jestliže je tato služba zakázána, nezdaří se spuštění žádných služeb, které na této službě závisí."
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001_Classes\Local Settings\MuiCache\3af\C4BA942C]
"@C:\WINDOWS\system32\unregmp2.exe,-9800"="Přida&t do seznamu programu Windows Media Player"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001_Classes\Local Settings\MuiCache\3af\C4BA942C]
"@%systemroot%\system32\browser.dll,-101"="Udržuje aktualizovaný seznam počítačů v síti a poskytuje seznam počítačů kvalifikovaných jako prohlížeče. Po zastavení služby nebude tento seznam dále aktualizován ani udržován. Jestliže je tato služba zakázána, nezdaří se spuštění žádných služeb, které na této službě závisí."
[HKEY_USERS\S-1-5-18\Software\Classes\Local Settings\MuiCache\3af\C4BA942C]
"@%SystemRoot%\system32\netprofmsvc.dll,-202"="Služba seznamu sítí"
Searching for "listicka"
No data found.
Searching for "Kaspersky"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
"Host"="devbuilds.kaspersky-labs.com"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
"Referer"="http://www.kaspersky.com/antivirus-removal-tool?form=1"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
"owWPage"="http://www.kaspersky.com/antivirus-removal-tool?form=1"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
"Url0"="http://devbuilds.kaspersky-labs.com/devbuilds/KVRT/latest/full/KVRT.exe"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
"Host"="media.kaspersky.com"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
"Referer"="http://support.kaspersky.com/viruses/utility"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
"Cookie"="AMCV_983502BE532960BE0A490D4C%40AdobeOrg=-1785323188%7CMCIDTS%7C16813%7CMCMID%7C48919161870474888330628264293527093617%7CMCAAMLH-1453210179%7C6%7CMCAAMB-1453210179%7CcIBAx_aQzFEHcPoEv0GwcQ%7CMCAID%7CNONE; __utma=205612169.1424935212.1452605380.1452605380.1452608264.2; __utmz=205612169.1452608264.2.2.utmcsr=forum.viry.cz|utmccn=(referral)|utmcmd=referral|utmcct=/viewtopic.php; KLMicroChannel=Referrer; s_nr=1452608326174-Repeat; __utmc=205612169; s_cc=true; __utmb=205612169.1.10.1452608264; __utmt=1; s_sq=kasperskycomdev%252Ckaspersky-global%3D%2526pid%253DDownloads%252520%25253E%252520Free%252520Virus%252520Scan%252520%25253E%252520Download%252520Kaspersky%252520Virus%252520Removal%252520Tool%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.kaspersky.com%25252Fdownloads%25252Ffree-antivirus-tools%2526ot%253DA; _ga=GA1.2.1424935212.1452605380; _gat=1; _gat_newTracker=1; s_fid=2BE26505CD1B69CE-368AB27FEB06F794; s_vi=[CS]v1|2B4A859D853113E2-600001
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
"owWPage"="http://support.kaspersky.com/viruses/utility"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
"owWPCookies"="AMCV_983502BE532960BE0A490D4C%40AdobeOrg=-1785323188%7CMCIDTS%7C16813%7CMCMID%7C48919161870474888330628264293527093617%7CMCAAMLH-1453210179%7C6%7CMCAAMB-1453210179%7CcIBAx_aQzFEHcPoEv0GwcQ%7CMCAID%7CNONE; KLMicroChannel=Referrer; s_cc=true; __utma=205612169.1424935212.1452605380.1452605380.1452608264.2; __utmc=205612169; __utmz=205612169.1452608264.2.2.utmcsr=forum.viry.cz|utmccn=(referral)|utmcmd=referral|utmcct=/viewtopic.php; __utmt=1; __utmb=205612169.1.10.1452608264; ASP.NET_SessionId=24bz00qxaemxhdvuwqf115vt; ClientRouteNewSupport=5eb6451899f04416a515bb5531c904dc5e83e780b934d2c474c9b0d0f6cef324; _ga=GA1.2.1424935212.1452605380; _gat=1; _gat_newTracker=1; __atuvc=1%7C2; __atuvs=56950b35da9ac6cc000; _ym_uid=14526083181009713708; _ym_isad=0; _ym_visorc_29743018=w; evar8=tddskiller.exe; s_vi=[CS]v1|2B4A859D853113E2-600001090017267A[CE]; s_fid=2BE26505CD1B69CE-368AB27FEB06F794; s_nr=1452608328612-Repeat; s_sq=kasperskysupporten%3D%2526pid%253DS
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
"Url0"="http://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
"U0_c"="AMCV_983502BE532960BE0A490D4C%40AdobeOrg=-1785323188%7CMCIDTS%7C16813%7CMCMID%7C48919161870474888330628264293527093617%7CMCAAMLH-1453210179%7C6%7CMCAAMB-1453210179%7CcIBAx_aQzFEHcPoEv0GwcQ%7CMCAID%7CNONE; __utma=205612169.1424935212.1452605380.1452605380.1452608264.2; __utmz=205612169.1452608264.2.2.utmcsr=forum.viry.cz|utmccn=(referral)|utmcmd=referral|utmcct=/viewtopic.php; KLMicroChannel=Referrer; s_nr=1452608326174-Repeat; __utmc=205612169; s_cc=true; __utmb=205612169.1.10.1452608264; __utmt=1; s_sq=kasperskycomdev%252Ckaspersky-global%3D%2526pid%253DDownloads%252520%25253E%252520Free%252520Virus%252520Scan%252520%25253E%252520Download%252520Kaspersky%252520Virus%252520Removal%252520Tool%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.kaspersky.com%25252Fdownloads%25252Ffree-antivirus-tools%2526ot%253DA; _ga=GA1.2.1424935212.1452605380; _gat=1; _gat_newTracker=1; s_fid=2BE26505CD1B69CE-368AB27FEB06F794; s_vi=[CS]v1|2B4A859D853113E2-60000109
[HKEY_CURRENT_USER\SOFTWARE\KasperskyLab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Exchange\Client\Custom Actions]
"Kaspersky Anti-Spam"="4.0;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\mcouas.dll;1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\OutlookKLAsAddin.Addin]
"FriendlyName"="Kaspersky Outlook Anti-Spam Addin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Kaspersky Lab\AVP15.0.0\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Kaspersky Lab\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Kaspersky Lab\AVP15.0.0\SavedData\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Kaspersky Lab\UCPStorage\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC201F08-1B67-48A3-BDB9-9F4DAE9BC50B}]
"AppPath"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\379]
"Host"="devbuilds.kaspersky-labs.com"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\379]
"Referer"="http://www.kaspersky.com/antivirus-removal-tool?form=1"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\379]
"owWPage"="http://www.kaspersky.com/antivirus-removal-tool?form=1"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\379]
"Url0"="http://devbuilds.kaspersky-labs.com/devbuilds/KVRT/latest/full/KVRT.exe"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\380]
"Host"="media.kaspersky.com"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\380]
"Referer"="http://support.kaspersky.com/viruses/utility"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\380]
"Cookie"="AMCV_983502BE532960BE0A490D4C%40AdobeOrg=-1785323188%7CMCIDTS%7C16813%7CMCMID%7C48919161870474888330628264293527093617%7CMCAAMLH-1453210179%7C6%7CMCAAMB-1453210179%7CcIBAx_aQzFEHcPoEv0GwcQ%7CMCAID%7CNONE; __utma=205612169.1424935212.1452605380.1452605380.1452608264.2; __utmz=205612169.1452608264.2.2.utmcsr=forum.viry.cz|utmccn=(referral)|utmcmd=referral|utmcct=/viewtopic.php; KLMicroChannel=Referrer; s_nr=1452608326174-Repeat; __utmc=205612169; s_cc=true; __utmb=205612169.1.10.1452608264; __utmt=1; s_sq=kasperskycomdev%252Ckaspersky-global%3D%2526pid%253DDownloads%252520%25253E%252520Free%252520Virus%252520Scan%252520%25253E%252520Download%252520Kaspersky%252520Virus%252520Removal%252520Tool%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.kaspersky.com%25252Fdownloads%25252Ffree-antivirus-tools%2526ot%253DA; _ga=GA1.2.1424935212.1452605380; _gat=1; _gat_newTracker=1; s_fid=2BE26505CD1B69CE-368AB27FEB06F7
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\380]
"owWPage"="http://support.kaspersky.com/viruses/utility"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\380]
"owWPCookies"="AMCV_983502BE532960BE0A490D4C%40AdobeOrg=-1785323188%7CMCIDTS%7C16813%7CMCMID%7C48919161870474888330628264293527093617%7CMCAAMLH-1453210179%7C6%7CMCAAMB-1453210179%7CcIBAx_aQzFEHcPoEv0GwcQ%7CMCAID%7CNONE; KLMicroChannel=Referrer; s_cc=true; __utma=205612169.1424935212.1452605380.1452605380.1452608264.2; __utmc=205612169; __utmz=205612169.1452608264.2.2.utmcsr=forum.viry.cz|utmccn=(referral)|utmcmd=referral|utmcct=/viewtopic.php; __utmt=1; __utmb=205612169.1.10.1452608264; ASP.NET_SessionId=24bz00qxaemxhdvuwqf115vt; ClientRouteNewSupport=5eb6451899f04416a515bb5531c904dc5e83e780b934d2c474c9b0d0f6cef324; _ga=GA1.2.1424935212.1452605380; _gat=1; _gat_newTracker=1; __atuvc=1%7C2; __atuvs=56950b35da9ac6cc000; _ym_uid=14526083181009713708; _ym_isad=0; _ym_visorc_29743018=w; evar8=tddskiller.exe; s_vi=[CS]v1|2B4A859D853113E2-600001090017267A[CE]; s_fid=2BE26505CD1B69CE-368AB27FEB06F794; s_nr=1452608328612-Repeat; s
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\380]
"Url0"="http://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\380]
"U0_c"="AMCV_983502BE532960BE0A490D4C%40AdobeOrg=-1785323188%7CMCIDTS%7C16813%7CMCMID%7C48919161870474888330628264293527093617%7CMCAAMLH-1453210179%7C6%7CMCAAMB-1453210179%7CcIBAx_aQzFEHcPoEv0GwcQ%7CMCAID%7CNONE; __utma=205612169.1424935212.1452605380.1452605380.1452608264.2; __utmz=205612169.1452608264.2.2.utmcsr=forum.viry.cz|utmccn=(referral)|utmcmd=referral|utmcct=/viewtopic.php; KLMicroChannel=Referrer; s_nr=1452608326174-Repeat; __utmc=205612169; s_cc=true; __utmb=205612169.1.10.1452608264; __utmt=1; s_sq=kasperskycomdev%252Ckaspersky-global%3D%2526pid%253DDownloads%252520%25253E%252520Free%252520Virus%252520Scan%252520%25253E%252520Download%252520Kaspersky%252520Virus%252520Removal%252520Tool%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.kaspersky.com%25252Fdownloads%25252Ffree-antivirus-tools%2526ot%253DA; _ga=GA1.2.1424935212.1452605380; _gat=1; _gat_newTracker=1; s_fid=2BE26505CD1B69CE-368AB27FEB06F794
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\KasperskyLab]
Searching for "360safe"
[HKEY_CURRENT_USER\SOFTWARE\360safe]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"61"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360安全中心\360安全卫士\360安全卫士.lnk C:\Program Files (x86)\360\360safe\360Safe.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"62"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360安全中心\360安全卫士\360安全防护中心.lnk C:\Program Files (x86)\360\360safe\safemon\360realpro.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"63"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360安全中心\360安全卫士\360软件管家.lnk C:\Program Files (x86)\360\360safe\SoftMgr\SoftManager.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"65"="C:\ProgramData\Microsoft\Windows\Start Menu\强力卸载电脑上的软件.lnk C:\Program Files (x86)\360\360safe\SoftMgr\SoftupNotify.exe /RUNSOFTMGR"
[HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\program files (x86)\360\360safe\mobilemgr\360mobilelink.exe.ApplicationCompany"="360.cn"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{039219EC-5F9A-460E-8C72-86D5DC7B8683}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{039219EC-5F9A-460E-8C72-86D5DC7B8683}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{039219EC-5F9A-460E-8C72-86D5DC7B8683}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{056A6FBD-8148-443A-AAB2-DB3C46B1F083}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{056A6FBD-8148-443A-AAB2-DB3C46B1F083}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{056A6FBD-8148-443A-AAB2-DB3C46B1F083}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06F2A2CA-E0E2-47D7-A3EC-29FD090E7F86}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06F2A2CA-E0E2-47D7-A3EC-29FD090E7F86}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06F2A2CA-E0E2-47D7-A3EC-29FD090E7F86}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12793398-A212-446F-BA1E-1F1B5ABDB89C}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12793398-A212-446F-BA1E-1F1B5ABDB89C}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12793398-A212-446F-BA1E-1F1B5ABDB89C}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26CD0715-0722-479B-A8C7-29A911171774}\InProcServer32]
@="C:\Program Files (x86)\360\360safe\Utils\shell360ext64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A650B6F-1548-4294-AB07-F17604108156}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A650B6F-1548-4294-AB07-F17604108156}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A650B6F-1548-4294-AB07-F17604108156}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47F57C45-E7A1-4414-A6F0-A0865F6E4CA6}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47F57C45-E7A1-4414-A6F0-A0865F6E4CA6}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47F57C45-E7A1-4414-A6F0-A0865F6E4CA6}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D88ED58-E7F0-4EF2-AE06-5D5873AD19C6}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D88ED58-E7F0-4EF2-AE06-5D5873AD19C6}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D88ED58-E7F0-4EF2-AE06-5D5873AD19C6}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55F9A4E2-52B3-4743-9EA7-2FEE413DABB6}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55F9A4E2-52B3-4743-9EA7-2FEE413DABB6}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55F9A4E2-52B3-4743-9EA7-2FEE413DABB6}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5E19C0CE-C02C-46c2-98C3-A2E12EDE0E17}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\SoftMgr\SoftMgrExt64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63A39D0C-0B63-49EE-BB21-D106ED548C51}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63A39D0C-0B63-49EE-BB21-D106ED548C51}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63A39D0C-0B63-49EE-BB21-D106ED548C51}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A377734-9D9D-44AE-A69C-06E81F6C8064}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A377734-9D9D-44AE-A69C-06E81F6C8064}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A377734-9D9D-44AE-A69C-06E81F6C8064}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{78A1990F-7561-4CB9-A8BF-B6CCF8AAEB97}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7A148181-CEB9-4F5E-B5F2-CDC5B68BD3A8}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7A148181-CEB9-4F5E-B5F2-CDC5B68BD3A8}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7A148181-CEB9-4F5E-B5F2-CDC5B68BD3A8}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C0F6D57-E799-4C8A-A319-8E2B4D724CF0}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\Utils\shell360ext64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{826D8B56-A99E-4CD2-8F38-CFCE2A7B89C4}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{826D8B56-A99E-4CD2-8F38-CFCE2A7B89C4}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{826D8B56-A99E-4CD2-8F38-CFCE2A7B89C4}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86A06468-8A7C-4EFA-A61C-9C0E911194C9}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86A06468-8A7C-4EFA-A61C-9C0E911194C9}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86A06468-8A7C-4EFA-A61C-9C0E911194C9}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0AB8231-8E73-410D-8D1C-BE1027EA19A3}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0AB8231-8E73-410D-8D1C-BE1027EA19A3}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0AB8231-8E73-410D-8D1C-BE1027EA19A3}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A23CB8EB-C9C4-475D-88C0-CC51933F2D9E}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A23CB8EB-C9C4-475D-88C0-CC51933F2D9E}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A23CB8EB-C9C4-475D-88C0-CC51933F2D9E}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF1859F5-DF30-4EEC-9404-E5F32FD260B7}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF1859F5-DF30-4EEC-9404-E5F32FD260B7}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF1859F5-DF30-4EEC-9404-E5F32FD260B7}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C0B3184D-90C8-4F4D-B19A-42B6C659378B}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C0B3184D-90C8-4F4D-B19A-42B6C659378B}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C0B3184D-90C8-4F4D-B19A-42B6C659378B}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9A94B6A-60FB-4A19-8BA3-4A2068F1026D}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9A94B6A-60FB-4A19-8BA3-4A2068F1026D}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9A94B6A-60FB-4A19-8BA3-4A2068F1026D}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC00F81D-5262-450A-B1FA-D6BEE3406263}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D1FD8167-E560-4B08-9F4E-CA89F979BD84}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8A9DF39-075A-4C8C-B48B-8121C37FFDF0}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8A9DF39-075A-4C8C-B48B-8121C37FFDF0}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8A9DF39-075A-4C8C-B48B-8121C37FFDF0}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E431A037-AE60-4D57-99D7-B402223AE8A0}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E431A037-AE60-4D57-99D7-B402223AE8A0}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E431A037-AE60-4D57-99D7-B402223AE8A0}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E715FE74-087F-4F4C-BB0A-0245C8A897E2}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E715FE74-087F-4F4C-BB0A-0245C8A897E2}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E715FE74-087F-4F4C-BB0A-0245C8A897E2}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE3F69E2-3085-4C46-B050-A45F008827D6}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE3F69E2-3085-4C46-B050-A45F008827D6}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE3F69E2-3085-4C46-B050-A45F008827D6}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE8C32E-C785-4B1F-A33B-FCD6942418BD}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE8C32E-C785-4B1F-A33B-FCD6942418BD}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE8C32E-C785-4B1F-A33B-FCD6942418BD}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F6BC477E-2646-459A-9D6A-75902C24430D}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F6BC477E-2646-459A-9D6A-75902C24430D}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F6BC477E-2646-459A-9D6A-75902C24430D}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA1B1706-967F-4834-8405-2343A38E4086}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA1B1706-967F-4834-8405-2343A38E4086}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA1B1706-967F-4834-8405-2343A38E4086}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD6A8A28-DB7F-478C-A358-C989EFE02096}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD6A8A28-DB7F-478C-A358-C989EFE02096}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD6A8A28-DB7F-478C-A358-C989EFE02096}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\360safe.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\360safe.exe]
"Path"="C:\Program Files (x86)\360\360safe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\360safe.exe]
@="C:\Program Files (x86)\360\360safe\360safe.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\360krnlsvc\softmgrs]
"ImagePath"="C:\Program Files (x86)\360\360safe\SoftMgr\360SoftMgrS.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\AdvTools]
"InstalledTools"="<?xml version="1.0" encoding="utf-16"?><Tools><Tool Ids="360wechatclean" Name="微信清理" Icon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360wechatclean__10_52.png" SmallIcon="" File=""></Tool><Tool Ids="ruanjianguanjia" Name="软件管家" Icon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360SoftManger_10_52.png" SmallIcon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360SoftManger_10_32.png" File=""></Tool><Tool Ids="360JiShi" Name="人工服务" Icon="C:\Program Files (x86)\360\360safe\Config\advtools\360JiShi_10_52.png" SmallIcon="C:\Program Files (x86)\360\360safe\Config\advtools\360JiShi_10_32.png" File=""></Tool><Tool Ids="360MobileMgr" Name="手机助手" Icon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360MobileMgr_10_52.png" SmallIcon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360MobileMgr_10_32.png" File=""></Tool><Tool Ids="360bsc" Name="主页防护" Ico
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\AdvTools]
"EntryTools"="<?xml version="1.0" encoding="utf-16"?><Tools><Tool Ids="ruanjianguanjia" Name="软件管家" Icon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360SoftManger_10_52.png" SmallIcon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360SoftManger_10_32.png" File=""></Tool><Tool Ids="360JiShi" Name="人工服务" Icon="C:\Program Files (x86)\360\360safe\Config\advtools\360JiShi_10_52.png" SmallIcon="C:\Program Files (x86)\360\360safe\Config\advtools\360JiShi_10_32.png" File=""></Tool><Tool Ids="360MobileMgr" Name="手机助手" Icon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360MobileMgr_10_52.png" SmallIcon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360MobileMgr_10_32.png" File=""></Tool><Tool Ids="WangSuCeShiQi" Name="宽带测速器" Icon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_NetSpeed_10_52.png" SmallIcon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTool
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\KeepAlive\360Ask]
"ImagePath"="C:\Program Files (x86)\360\360safe\netmon\360AskMsg.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\KeepAlive\360Ask\360QandAExpert.exe]
@="C:\Program Files (x86)\360\360safe\netmon\360QandAExpert.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\KeepAlive\360GenRoad]
"ImagePath"="C:\Program Files (x86)\360\360safe\Utils\360GenRoadMsg.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\KeepAlive\360PayInsure]
"ImagePath"="C:\Program Files (x86)\360\360safe\safemon\SomProxy.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\leak]
"SavePath"="C:\Program Files (x86)\360\360safe\hotfix"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\menuext\LiveUpdate360]
"Application"="C:\Program Files (x86)\360\360safe\LiveUpdate360.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\mobilemgr]
"360MobileSrv"="C:\Program Files (x86)\360\360safe\mobilemgr\360MobileSrv.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\tpi\360SafeCamera]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\tpi\360SafeCamera]
"ImagePath"="safemon\360SafeCamera.tpi"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\360safe.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\360safe.exe]
"Path"="C:\Program Files (x86)\360\360safe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\360safe.exe]
@="C:\Program Files (x86)\360\360safe\360safe.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\360AntiHacker]
"DisplayName"="360Safe Anti Hacker Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\360Camera]
"DisplayName"="360Safe Camera Filter Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\360Hvm]
"DisplayName"="360Safe HVM"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZhuDongFangYu]
"ImagePath"=""C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\360AntiHacker]
"DisplayName"="360Safe Anti Hacker Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\360Camera]
"DisplayName"="360Safe Camera Filter Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\360Hvm]
"DisplayName"="360Safe HVM"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZhuDongFangYu]
"ImagePath"=""C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe""
[HKEY_USERS\.DEFAULT\Software\360Safe]
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\360safe]
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"61"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360安全中心\360安全卫士\360安全卫士.lnk C:\Program Files (x86)\360\360safe\360Safe.exe"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"62"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360安全中心\360安全卫士\360安全防护中心.lnk C:\Program Files (x86)\360\360safe\safemon\360realpro.exe"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"63"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360安全中心\360安全卫士\360软件管家.lnk C:\Program Files (x86)\360\360safe\SoftMgr\SoftManager.exe"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"65"="C:\ProgramData\Microsoft\Windows\Start Menu\强力卸载电脑上的软件.lnk C:\Program Files (x86)\360\360safe\SoftMgr\SoftupNotify.exe /RUNSOFTMGR"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\program files (x86)\360\360safe\mobilemgr\360mobilelink.exe.ApplicationCompany"="360.cn"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\program files (x86)\360\360safe\mobilemgr\360mobilelink.exe.ApplicationCompany"="360.cn"
[HKEY_USERS\S-1-5-18\Software\360Safe]
Searching for "PC Tools"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\a21e4614_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0883&subsys_1043829f&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume2\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\PCTools\DownloadManager\Security]
"LastLangDownload"="C:\ProgramData\PC Tools\DownloadManager\SecurityLanguageFiles\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\PCTools\DownloadManager\Security\7.0.0.0]
"LastScannerDownload"="C:\ProgramData\PC Tools\DownloadManager\SecurityScanner\9.1.0.2898-DMScannerSetup.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\PCTools\DownloadManager\Security\7.0.0.0]
"LastDBDownload"="C:\ProgramData\PC Tools\DownloadManager\SecurityDatabase\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\PCTools\sdsetup.exe]
"Language Dir"="C:\Users\UIVATE~1\AppData\Local\Temp\PC Tools Download Manager\lang\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCTBD]
"DisplayName"="PC Tools Browser Defender Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCTBD]
"DisplayName"="PC Tools Browser Defender Driver"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\a21e4614_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0883&subsys_1043829f&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume2\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe%b{00000000-0000-0000-0000-000000000000}"
Searching for "ZhuDongFangYu"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZhuDongFangYu]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZhuDongFangYu]
"ImagePath"=""C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZhuDongFangYu]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZhuDongFangYu]
"ImagePath"=""C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe""
========== folderfind ==========
Searching for "SUPERAntiSpyware"
No folders found.
Searching for "hitmanpro"
C:\ProgramData\HitmanPro d------ [03:44 03/01/2015]
C:\Users\All Users\HitmanPro d------ [03:44 03/01/2015]
Searching for "ad-aware"
No folders found.
Searching for "seznam"
No folders found.
Searching for "listicka"
No folders found.
Searching for "Kaspersky"
No folders found.
Searching for "360safe"
C:\FRST\Quarantine\C\Program Files (x86)\360\360safe d------ [15:59 28/01/2016]
C:\Program Files (x86)\360\360safe d------ [23:03 15/01/2016]
C:\Users\Default\AppData\Roaming\360safe d------ [13:30 19/01/2016]
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\360safe d------ [15:59 27/01/2016]
Searching for "PC Tools"
C:\ProgramData\PC Tools d------ [11:13 19/01/2016]
C:\Users\All Users\PC Tools d------ [11:13 19/01/2016]
Searching for "ZhuDongFangYu"
No folders found.
========== process ==========
SUPERAntiSpyware - Unable to open process handle.
hitmanpro - Unable to open process handle.
ad-aware - Unable to open process handle.
avg - Unable to open process handle.
seznam - Unable to open process handle.
listicka - Unable to open process handle.
Kaspersky - Unable to open process handle.
360safe - Unable to open process handle.
PC Tools - Unable to open process handle.
ZhuDongFangYu - Unable to open process handle.
-= EOF =-
Log created at 17:14 on 28/01/2016 by Uživatel
Administrator - Elevation successful
========== filefind ==========
Searching for "SUPERAntiSpyware"
No files found.
Searching for "hitmanpro"
No files found.
Searching for "ad-aware"
No files found.
Searching for "avg"
No files found.
Searching for "seznam"
No files found.
Searching for "listicka"
No files found.
Searching for "Kaspersky"
No files found.
Searching for "360safe"
No files found.
Searching for "PC Tools"
No files found.
Searching for "ZhuDongFangYu"
No files found.
========== dir ==========
AVG PC TuneUp - Unable to find folder.
SUPERAntiSpyware - Unable to find folder.
hitmanpro - Unable to find folder.
ad-aware - Unable to find folder.
avg - Unable to find folder.
seznam - Unable to find folder.
listicka - Unable to find folder.
Kaspersky - Unable to find folder.
360safe - Unable to find folder.
PC Tools - Unable to find folder.
ZhuDongFangYu - Unable to find folder.
========== regfind ==========
Searching for "SUPERAntiSpyware"
No data found.
Searching for "hitmanpro"
[HKEY_LOCAL_MACHINE\SOFTWARE\HitmanPro]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\HitmanPro.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\HitmanPro_x64.exe]
Searching for "ad-aware"
No data found.
Searching for "seznam"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\308]
"lastResult"="Požadovaný soubor neexistuje. Je možné, že adresa souboru je neplatná nebo má tato relace prošlou lhůtu platnosti.
Zkuste stahovanou relaci obnovit a získat novou adresu kliknutím pravého tlačítka v seznamu souborů IDM a výběrem položky "Obnovit adresu stahování".
Případně toto stahování smažte, spusťte ho v prohlížeči znovu a zkuste jej pomocí IDM stáhnout od začátku.
Podrobnosti:
HTTP/1.1 404 Not Found
"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\318]
"lastResult"="Odpovědi serverů, od kterých nemáte povolení pro stahování tohoto souboru. Je možné, že adresa souboru je neplatná nebo má tato relace prošlou lhůtu platnosti.
Zkuste stahovanou relaci obnovit a získat novou adresu kliknutím pravého tlačítka v seznamu souborů IDM a výběrem položky "Obnovit adresu stahování".
Případně toto stahování smažte, spusťte ho v prohlížeči znovu a zkuste jej pomocí IDM stáhnout od začátku.
Podrobnosti:
HTTP/1.1 403 Forbidden
"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\322]
"lastResult"="Odpovědi serverů, od kterých nemáte povolení pro stahování tohoto souboru. Je možné, že adresa souboru je neplatná nebo má tato relace prošlou lhůtu platnosti.
Zkuste stahovanou relaci obnovit a získat novou adresu kliknutím pravého tlačítka v seznamu souborů IDM a výběrem položky "Obnovit adresu stahování".
Případně toto stahování smažte, spusťte ho v prohlížeči znovu a zkuste jej pomocí IDM stáhnout od začátku.
Podrobnosti:
HTTP/1.1 403 Forbidden
"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\443]
"lastResult"="Odpovědi serverů, od kterých nemáte povolení pro stahování tohoto souboru. Je možné, že adresa souboru je neplatná nebo má tato relace prošlou lhůtu platnosti.
Zkuste stahovanou relaci obnovit a získat novou adresu kliknutím pravého tlačítka v seznamu souborů IDM a výběrem položky "Obnovit adresu stahování".
Případně toto stahování smažte, spusťte ho v prohlížeči znovu a zkuste jej pomocí IDM stáhnout od začátku.
Podrobnosti:
HTTP/1.1 403 Forbidden
"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UnreadMail\filipavel@seznam.cz]
[HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\MuiCache\3af\C4BA942C]
"@C:\WINDOWS\system32\unregmp2.exe,-9800"="Přida&t do seznamu programu Windows Media Player"
[HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\MuiCache\3af\C4BA942C]
"@%systemroot%\system32\browser.dll,-101"="Udržuje aktualizovaný seznam počítačů v síti a poskytuje seznam počítačů kvalifikovaných jako prohlížeče. Po zastavení služby nebude tento seznam dále aktualizován ani udržován. Jestliže je tato služba zakázána, nezdaří se spuštění žádných služeb, které na této službě závisí."
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CRLFile]
@="Seznam odvolaných certifikátů"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Components\3EDE92CC2CB71D119A12000A9CE1A22A]
"1029\ImportCFL"="vUpAVKkm@$!!!!!MKKSkOutlookImportExportFilesIntl_1029<Import kanálů RSS ze seznamu obecných informačních kanálů;Importuje informace o kanálech RSS ze seznamu obecných informačních kanálů.;RESIDENT;11"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Components\5B5EF7AEDE9827842B7BD01C302B3B02]
"lookup.xlam"="vUpAVGkm@$!!!!!MKKSkExcelAddinLookupFilesIntl_1029<Průvodce vyhledáváním\Pomůže vytvořit vzorce sloužící k vyhledávání dat v seznamech."
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Components\5B5EF7AEDE9827842B7BD01C302B3B02]
"sumif.xlam"="vUpAVGkm@$!!!!!MKKSkExcelAddinSumIfFilesIntl_1029<Průvodce podmíněným součtem\Pomůže vytvořit vzorce sloužící k sečítání vybraných dat v seznamech."
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\STLFile]
@="Seznam důvěryhodných certifikátů"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\005]
"Counter"="1 1847 2 Systém 4 Paměť 6 % času procesoru 10 Operace čtení souborů/s 12 Operace zápisu souborů/s 14 Řídicí souborové operace/s 16 Bajty čtení souborů/s 18 Bajty zápisu souborů/s 20 Bajty ovládání souborů/s 24 Bajty k dispozici 26 Potvrzené bajty 28 Chyby stránkování/s 30 Mez potvrzení 32 Zápisy kopií/s 34 Chyby převodu stavu/s 36 Chyby mezipaměti/s 38 Chyby nulových požadavků/s 40 Stránky/s 42 Čtení stránek/s 44 Délka fronty procesoru 46 Stav vlákna 48 Výstup stránek/s 50 Zápisy stránek/s 52 Prohlížeč 54 Ohlášení serverů/s 56 Bajty stránkovaného fondu 58 Bajty nestránkovaného fondu 60 Vyhrazení stránkovaného fondu 64 Vyhrazení nestránkovaného fondu 66 Rezidentní bajty stránkovaného fondu 68 Celkem bajtů kódu systému 70 Rezidentní bajty kódu systému 72 Celkem bajtů systémových ovladačů 74 Rezidentní bajty systémových ovladačů 76 Rezidentní bajty systémové mezipaměti 78 Ohlášení domény/s 80 Pakety hlasování/s 82 Zápisy do
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\005]
"Help"="3 Objekt Sledování výkonu systému obsahuje čítače, které lze použít pro několik instancí jednotlivých procesorů v počítači. 5 Objekt sledování výkonu paměti obsahuje čítače, které popisují chování fyzické i virtuální paměti počítače. Fyzická paměť je velikost paměti s náhodným přístupem v počítači. Virtuální paměť se skládá z místa ve fyzické paměti a na disku. Řada čítačů paměti sleduje stránkování, což je přesun stránek obsahujících kód a data mezi diskem a fyzickou pamětí. Nadměrné stránkování, které naznačuje nedostatek paměti, pravděpodobně způsobí opoždění, které ovlivní všechny systémové procesy. 7 Čítač % času procesoru je procento doby, během které procesor zpracovává vlákno, které není nečinné. Hodnota je vypočítána odečtením procenta doby, během které procesor zpracovává nečinné vlákno, od hodnoty 100 %. (Každý procesor má nečinné vlákno, které je prováděno v případě, že není připraveno žádné jiné vlákno.) Tento
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009]
"Help"="3 The System performance object consists of counters that apply to more than one instance of a component processors on the computer. 5 The Memory performance object consists of counters that describe the behavior of physical and virtual memory on the computer. Physical memory is the amount of random access memory on the computer. Virtual memory consists of the space in physical memory and on disk. Many of the memory counters monitor paging, which is the movement of pages of code and data between disk and physical memory. Excessive paging, a symptom of a memory shortage, can cause delays which interfere with all system processes. 7 % Processor Time is the percentage of elapsed time that the processor spends to execute a non-Idle thread. It is calculated by measuring the percentage of time that the processor spends executing the idle thread and then subtracting that value from 100%. (Each processor has an idle thread tha
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\CurrentLanguage]
"Counter"="1 1847 2 Systém 4 Paměť 6 % času procesoru 10 Operace čtení souborů/s 12 Operace zápisu souborů/s 14 Řídicí souborové operace/s 16 Bajty čtení souborů/s 18 Bajty zápisu souborů/s 20 Bajty ovládání souborů/s 24 Bajty k dispozici 26 Potvrzené bajty 28 Chyby stránkování/s 30 Mez potvrzení 32 Zápisy kopií/s 34 Chyby převodu stavu/s 36 Chyby mezipaměti/s 38 Chyby nulových požadavků/s 40 Stránky/s 42 Čtení stránek/s 44 Délka fronty procesoru 46 Stav vlákna 48 Výstup stránek/s 50 Zápisy stránek/s 52 Prohlížeč 54 Ohlášení serverů/s 56 Bajty stránkovaného fondu 58 Bajty nestránkovaného fondu 60 Vyhrazení stránkovaného fondu 64 Vyhrazení nestránkovaného fondu 66 Rezidentní bajty stránkovaného fondu 68 Celkem bajtů kódu systému 70 Rezidentní bajty kódu systému 72 Celkem bajtů systémových ovladačů 74 Rezidentní bajty systémových ovladačů 76 Rezidentní bajty systémové mezipaměti 78 Ohlášení domény/s 80 Pakety hlasování/s
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\CurrentLanguage]
"Help"="3 Objekt Sledování výkonu systému obsahuje čítače, které lze použít pro několik instancí jednotlivých procesorů v počítači. 5 Objekt sledování výkonu paměti obsahuje čítače, které popisují chování fyzické i virtuální paměti počítače. Fyzická paměť je velikost paměti s náhodným přístupem v počítači. Virtuální paměť se skládá z místa ve fyzické paměti a na disku. Řada čítačů paměti sleduje stránkování, což je přesun stránek obsahujících kód a data mezi diskem a fyzickou pamětí. Nadměrné stránkování, které naznačuje nedostatek paměti, pravděpodobně způsobí opoždění, které ovlivní všechny systémové procesy. 7 Čítač % času procesoru je procento doby, během které procesor zpracovává vlákno, které není nečinné. Hodnota je vypočítána odečtením procenta doby, během které procesor zpracovává nečinné vlákno, od hodnoty 100 %. (Každý procesor má nečinné vlákno, které je prováděno v případě, že není připraveno žádné jiné vlá
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Perflib\005]
"Counter"="1 1847 2 Systém 4 Paměť 6 % času procesoru 10 Operace čtení souborů/s 12 Operace zápisu souborů/s 14 Řídicí souborové operace/s 16 Bajty čtení souborů/s 18 Bajty zápisu souborů/s 20 Bajty ovládání souborů/s 24 Bajty k dispozici 26 Potvrzené bajty 28 Chyby stránkování/s 30 Mez potvrzení 32 Zápisy kopií/s 34 Chyby převodu stavu/s 36 Chyby mezipaměti/s 38 Chyby nulových požadavků/s 40 Stránky/s 42 Čtení stránek/s 44 Délka fronty procesoru 46 Stav vlákna 48 Výstup stránek/s 50 Zápisy stránek/s 52 Prohlížeč 54 Ohlášení serverů/s 56 Bajty stránkovaného fondu 58 Bajty nestránkovaného fondu 60 Vyhrazení stránkovaného fondu 64 Vyhrazení nestránkovaného fondu 66 Rezidentní bajty stránkovaného fondu 68 Celkem bajtů kódu systému 70 Rezidentní bajty kódu systému 72 Celkem bajtů systémových ovladačů 74 Rezidentní bajty systémových ovladačů 76 Rezidentní bajty systémové mezipaměti 78 Ohlášení domény/s 80 Pakety hlasování/s
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Perflib\005]
"Help"="3 Objekt Sledování výkonu systému obsahuje čítače, které lze použít pro několik instancí jednotlivých procesorů v počítači. 5 Objekt sledování výkonu paměti obsahuje čítače, které popisují chování fyzické i virtuální paměti počítače. Fyzická paměť je velikost paměti s náhodným přístupem v počítači. Virtuální paměť se skládá z místa ve fyzické paměti a na disku. Řada čítačů paměti sleduje stránkování, což je přesun stránek obsahujících kód a data mezi diskem a fyzickou pamětí. Nadměrné stránkování, které naznačuje nedostatek paměti, pravděpodobně způsobí opoždění, které ovlivní všechny systémové procesy. 7 Čítač % času procesoru je procento doby, během které procesor zpracovává vlákno, které není nečinné. Hodnota je vypočítána odečtením procenta doby, během které procesor zpracovává nečinné vlákno, od hodnoty 100 %. (Každý procesor má nečinné vlákno, které je prováděno v případě, že není připraveno žádné jiné vlá
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Perflib\009]
"Help"="3 The System performance object consists of counters that apply to more than one instance of a component processors on the computer. 5 The Memory performance object consists of counters that describe the behavior of physical and virtual memory on the computer. Physical memory is the amount of random access memory on the computer. Virtual memory consists of the space in physical memory and on disk. Many of the memory counters monitor paging, which is the movement of pages of code and data between disk and physical memory. Excessive paging, a symptom of a memory shortage, can cause delays which interfere with all system processes. 7 % Processor Time is the percentage of elapsed time that the processor spends to execute a non-Idle thread. It is calculated by measuring the percentage of time that the processor spends executing the idle thread and then subtracting that value from 100%. (Each processor has an idl
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Perflib\CurrentLanguage]
"Counter"="1 1847 2 Systém 4 Paměť 6 % času procesoru 10 Operace čtení souborů/s 12 Operace zápisu souborů/s 14 Řídicí souborové operace/s 16 Bajty čtení souborů/s 18 Bajty zápisu souborů/s 20 Bajty ovládání souborů/s 24 Bajty k dispozici 26 Potvrzené bajty 28 Chyby stránkování/s 30 Mez potvrzení 32 Zápisy kopií/s 34 Chyby převodu stavu/s 36 Chyby mezipaměti/s 38 Chyby nulových požadavků/s 40 Stránky/s 42 Čtení stránek/s 44 Délka fronty procesoru 46 Stav vlákna 48 Výstup stránek/s 50 Zápisy stránek/s 52 Prohlížeč 54 Ohlášení serverů/s 56 Bajty stránkovaného fondu 58 Bajty nestránkovaného fondu 60 Vyhrazení stránkovaného fondu 64 Vyhrazení nestránkovaného fondu 66 Rezidentní bajty stránkovaného fondu 68 Celkem bajtů kódu systému 70 Rezidentní bajty kódu systému 72 Celkem bajtů systémových ovladačů 74 Rezidentní bajty systémových ovladačů 76 Rezidentní bajty systémové mezipaměti 78 Ohlášení domény/s 80 Pakety
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Perflib\CurrentLanguage]
"Help"="3 Objekt Sledování výkonu systému obsahuje čítače, které lze použít pro několik instancí jednotlivých procesorů v počítači. 5 Objekt sledování výkonu paměti obsahuje čítače, které popisují chování fyzické i virtuální paměti počítače. Fyzická paměť je velikost paměti s náhodným přístupem v počítači. Virtuální paměť se skládá z místa ve fyzické paměti a na disku. Řada čítačů paměti sleduje stránkování, což je přesun stránek obsahujících kód a data mezi diskem a fyzickou pamětí. Nadměrné stránkování, které naznačuje nedostatek paměti, pravděpodobně způsobí opoždění, které ovlivní všechny systémové procesy. 7 Čítač % času procesoru je procento doby, během které procesor zpracovává vlákno, které není nečinné. Hodnota je vypočítána odečtením procenta doby, během které procesor zpracovává nečinné vlákno, od hodnoty 100 %. (Každý procesor má nečinné vlákno, které je prováděno v případě, že není připraveno žá
[HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\3af\C4BA942C]
"@%SystemRoot%\system32\netprofmsvc.dll,-202"="Služba seznamu sítí"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\308]
"lastResult"="Požadovaný soubor neexistuje. Je možné, že adresa souboru je neplatná nebo má tato relace prošlou lhůtu platnosti.
Zkuste stahovanou relaci obnovit a získat novou adresu kliknutím pravého tlačítka v seznamu souborů IDM a výběrem položky "Obnovit adresu stahování".
Případně toto stahování smažte, spusťte ho v prohlížeči znovu a zkuste jej pomocí IDM stáhnout od začátku.
Podrobnosti:
HTTP/1.1 404 Not Found
"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\318]
"lastResult"="Odpovědi serverů, od kterých nemáte povolení pro stahování tohoto souboru. Je možné, že adresa souboru je neplatná nebo má tato relace prošlou lhůtu platnosti.
Zkuste stahovanou relaci obnovit a získat novou adresu kliknutím pravého tlačítka v seznamu souborů IDM a výběrem položky "Obnovit adresu stahování".
Případně toto stahování smažte, spusťte ho v prohlížeči znovu a zkuste jej pomocí IDM stáhnout od začátku.
Podrobnosti:
HTTP/1.1 403 Forbidden
"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\322]
"lastResult"="Odpovědi serverů, od kterých nemáte povolení pro stahování tohoto souboru. Je možné, že adresa souboru je neplatná nebo má tato relace prošlou lhůtu platnosti.
Zkuste stahovanou relaci obnovit a získat novou adresu kliknutím pravého tlačítka v seznamu souborů IDM a výběrem položky "Obnovit adresu stahování".
Případně toto stahování smažte, spusťte ho v prohlížeči znovu a zkuste jej pomocí IDM stáhnout od začátku.
Podrobnosti:
HTTP/1.1 403 Forbidden
"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\443]
"lastResult"="Odpovědi serverů, od kterých nemáte povolení pro stahování tohoto souboru. Je možné, že adresa souboru je neplatná nebo má tato relace prošlou lhůtu platnosti.
Zkuste stahovanou relaci obnovit a získat novou adresu kliknutím pravého tlačítka v seznamu souborů IDM a výběrem položky "Obnovit adresu stahování".
Případně toto stahování smažte, spusťte ho v prohlížeči znovu a zkuste jej pomocí IDM stáhnout od začátku.
Podrobnosti:
HTTP/1.1 403 Forbidden
"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UnreadMail\filipavel@seznam.cz]
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Classes\Local Settings\MuiCache\3af\C4BA942C]
"@C:\WINDOWS\system32\unregmp2.exe,-9800"="Přida&t do seznamu programu Windows Media Player"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Classes\Local Settings\MuiCache\3af\C4BA942C]
"@%systemroot%\system32\browser.dll,-101"="Udržuje aktualizovaný seznam počítačů v síti a poskytuje seznam počítačů kvalifikovaných jako prohlížeče. Po zastavení služby nebude tento seznam dále aktualizován ani udržován. Jestliže je tato služba zakázána, nezdaří se spuštění žádných služeb, které na této službě závisí."
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001_Classes\Local Settings\MuiCache\3af\C4BA942C]
"@C:\WINDOWS\system32\unregmp2.exe,-9800"="Přida&t do seznamu programu Windows Media Player"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001_Classes\Local Settings\MuiCache\3af\C4BA942C]
"@%systemroot%\system32\browser.dll,-101"="Udržuje aktualizovaný seznam počítačů v síti a poskytuje seznam počítačů kvalifikovaných jako prohlížeče. Po zastavení služby nebude tento seznam dále aktualizován ani udržován. Jestliže je tato služba zakázána, nezdaří se spuštění žádných služeb, které na této službě závisí."
[HKEY_USERS\S-1-5-18\Software\Classes\Local Settings\MuiCache\3af\C4BA942C]
"@%SystemRoot%\system32\netprofmsvc.dll,-202"="Služba seznamu sítí"
Searching for "listicka"
No data found.
Searching for "Kaspersky"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
"Host"="devbuilds.kaspersky-labs.com"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
"Referer"="http://www.kaspersky.com/antivirus-removal-tool?form=1"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
"owWPage"="http://www.kaspersky.com/antivirus-removal-tool?form=1"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
"Url0"="http://devbuilds.kaspersky-labs.com/devbuilds/KVRT/latest/full/KVRT.exe"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
"Host"="media.kaspersky.com"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
"Referer"="http://support.kaspersky.com/viruses/utility"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
"Cookie"="AMCV_983502BE532960BE0A490D4C%40AdobeOrg=-1785323188%7CMCIDTS%7C16813%7CMCMID%7C48919161870474888330628264293527093617%7CMCAAMLH-1453210179%7C6%7CMCAAMB-1453210179%7CcIBAx_aQzFEHcPoEv0GwcQ%7CMCAID%7CNONE; __utma=205612169.1424935212.1452605380.1452605380.1452608264.2; __utmz=205612169.1452608264.2.2.utmcsr=forum.viry.cz|utmccn=(referral)|utmcmd=referral|utmcct=/viewtopic.php; KLMicroChannel=Referrer; s_nr=1452608326174-Repeat; __utmc=205612169; s_cc=true; __utmb=205612169.1.10.1452608264; __utmt=1; s_sq=kasperskycomdev%252Ckaspersky-global%3D%2526pid%253DDownloads%252520%25253E%252520Free%252520Virus%252520Scan%252520%25253E%252520Download%252520Kaspersky%252520Virus%252520Removal%252520Tool%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.kaspersky.com%25252Fdownloads%25252Ffree-antivirus-tools%2526ot%253DA; _ga=GA1.2.1424935212.1452605380; _gat=1; _gat_newTracker=1; s_fid=2BE26505CD1B69CE-368AB27FEB06F794; s_vi=[CS]v1|2B4A859D853113E2-600001
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
"owWPage"="http://support.kaspersky.com/viruses/utility"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
"owWPCookies"="AMCV_983502BE532960BE0A490D4C%40AdobeOrg=-1785323188%7CMCIDTS%7C16813%7CMCMID%7C48919161870474888330628264293527093617%7CMCAAMLH-1453210179%7C6%7CMCAAMB-1453210179%7CcIBAx_aQzFEHcPoEv0GwcQ%7CMCAID%7CNONE; KLMicroChannel=Referrer; s_cc=true; __utma=205612169.1424935212.1452605380.1452605380.1452608264.2; __utmc=205612169; __utmz=205612169.1452608264.2.2.utmcsr=forum.viry.cz|utmccn=(referral)|utmcmd=referral|utmcct=/viewtopic.php; __utmt=1; __utmb=205612169.1.10.1452608264; ASP.NET_SessionId=24bz00qxaemxhdvuwqf115vt; ClientRouteNewSupport=5eb6451899f04416a515bb5531c904dc5e83e780b934d2c474c9b0d0f6cef324; _ga=GA1.2.1424935212.1452605380; _gat=1; _gat_newTracker=1; __atuvc=1%7C2; __atuvs=56950b35da9ac6cc000; _ym_uid=14526083181009713708; _ym_isad=0; _ym_visorc_29743018=w; evar8=tddskiller.exe; s_vi=[CS]v1|2B4A859D853113E2-600001090017267A[CE]; s_fid=2BE26505CD1B69CE-368AB27FEB06F794; s_nr=1452608328612-Repeat; s_sq=kasperskysupporten%3D%2526pid%253DS
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
"Url0"="http://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe"
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
"U0_c"="AMCV_983502BE532960BE0A490D4C%40AdobeOrg=-1785323188%7CMCIDTS%7C16813%7CMCMID%7C48919161870474888330628264293527093617%7CMCAAMLH-1453210179%7C6%7CMCAAMB-1453210179%7CcIBAx_aQzFEHcPoEv0GwcQ%7CMCAID%7CNONE; __utma=205612169.1424935212.1452605380.1452605380.1452608264.2; __utmz=205612169.1452608264.2.2.utmcsr=forum.viry.cz|utmccn=(referral)|utmcmd=referral|utmcct=/viewtopic.php; KLMicroChannel=Referrer; s_nr=1452608326174-Repeat; __utmc=205612169; s_cc=true; __utmb=205612169.1.10.1452608264; __utmt=1; s_sq=kasperskycomdev%252Ckaspersky-global%3D%2526pid%253DDownloads%252520%25253E%252520Free%252520Virus%252520Scan%252520%25253E%252520Download%252520Kaspersky%252520Virus%252520Removal%252520Tool%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.kaspersky.com%25252Fdownloads%25252Ffree-antivirus-tools%2526ot%253DA; _ga=GA1.2.1424935212.1452605380; _gat=1; _gat_newTracker=1; s_fid=2BE26505CD1B69CE-368AB27FEB06F794; s_vi=[CS]v1|2B4A859D853113E2-60000109
[HKEY_CURRENT_USER\SOFTWARE\KasperskyLab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Exchange\Client\Custom Actions]
"Kaspersky Anti-Spam"="4.0;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\mcouas.dll;1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\OutlookKLAsAddin.Addin]
"FriendlyName"="Kaspersky Outlook Anti-Spam Addin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Kaspersky Lab\AVP15.0.0\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Kaspersky Lab\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Kaspersky Lab\AVP15.0.0\SavedData\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\Kaspersky Lab\UCPStorage\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KasperskyLab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC201F08-1B67-48A3-BDB9-9F4DAE9BC50B}]
"AppPath"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\379]
"Host"="devbuilds.kaspersky-labs.com"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\379]
"Referer"="http://www.kaspersky.com/antivirus-removal-tool?form=1"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\379]
"owWPage"="http://www.kaspersky.com/antivirus-removal-tool?form=1"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\379]
"Url0"="http://devbuilds.kaspersky-labs.com/devbuilds/KVRT/latest/full/KVRT.exe"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\380]
"Host"="media.kaspersky.com"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\380]
"Referer"="http://support.kaspersky.com/viruses/utility"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\380]
"Cookie"="AMCV_983502BE532960BE0A490D4C%40AdobeOrg=-1785323188%7CMCIDTS%7C16813%7CMCMID%7C48919161870474888330628264293527093617%7CMCAAMLH-1453210179%7C6%7CMCAAMB-1453210179%7CcIBAx_aQzFEHcPoEv0GwcQ%7CMCAID%7CNONE; __utma=205612169.1424935212.1452605380.1452605380.1452608264.2; __utmz=205612169.1452608264.2.2.utmcsr=forum.viry.cz|utmccn=(referral)|utmcmd=referral|utmcct=/viewtopic.php; KLMicroChannel=Referrer; s_nr=1452608326174-Repeat; __utmc=205612169; s_cc=true; __utmb=205612169.1.10.1452608264; __utmt=1; s_sq=kasperskycomdev%252Ckaspersky-global%3D%2526pid%253DDownloads%252520%25253E%252520Free%252520Virus%252520Scan%252520%25253E%252520Download%252520Kaspersky%252520Virus%252520Removal%252520Tool%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.kaspersky.com%25252Fdownloads%25252Ffree-antivirus-tools%2526ot%253DA; _ga=GA1.2.1424935212.1452605380; _gat=1; _gat_newTracker=1; s_fid=2BE26505CD1B69CE-368AB27FEB06F7
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\380]
"owWPage"="http://support.kaspersky.com/viruses/utility"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\380]
"owWPCookies"="AMCV_983502BE532960BE0A490D4C%40AdobeOrg=-1785323188%7CMCIDTS%7C16813%7CMCMID%7C48919161870474888330628264293527093617%7CMCAAMLH-1453210179%7C6%7CMCAAMB-1453210179%7CcIBAx_aQzFEHcPoEv0GwcQ%7CMCAID%7CNONE; KLMicroChannel=Referrer; s_cc=true; __utma=205612169.1424935212.1452605380.1452605380.1452608264.2; __utmc=205612169; __utmz=205612169.1452608264.2.2.utmcsr=forum.viry.cz|utmccn=(referral)|utmcmd=referral|utmcct=/viewtopic.php; __utmt=1; __utmb=205612169.1.10.1452608264; ASP.NET_SessionId=24bz00qxaemxhdvuwqf115vt; ClientRouteNewSupport=5eb6451899f04416a515bb5531c904dc5e83e780b934d2c474c9b0d0f6cef324; _ga=GA1.2.1424935212.1452605380; _gat=1; _gat_newTracker=1; __atuvc=1%7C2; __atuvs=56950b35da9ac6cc000; _ym_uid=14526083181009713708; _ym_isad=0; _ym_visorc_29743018=w; evar8=tddskiller.exe; s_vi=[CS]v1|2B4A859D853113E2-600001090017267A[CE]; s_fid=2BE26505CD1B69CE-368AB27FEB06F794; s_nr=1452608328612-Repeat; s
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\380]
"Url0"="http://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\DownloadManager\380]
"U0_c"="AMCV_983502BE532960BE0A490D4C%40AdobeOrg=-1785323188%7CMCIDTS%7C16813%7CMCMID%7C48919161870474888330628264293527093617%7CMCAAMLH-1453210179%7C6%7CMCAAMB-1453210179%7CcIBAx_aQzFEHcPoEv0GwcQ%7CMCAID%7CNONE; __utma=205612169.1424935212.1452605380.1452605380.1452608264.2; __utmz=205612169.1452608264.2.2.utmcsr=forum.viry.cz|utmccn=(referral)|utmcmd=referral|utmcct=/viewtopic.php; KLMicroChannel=Referrer; s_nr=1452608326174-Repeat; __utmc=205612169; s_cc=true; __utmb=205612169.1.10.1452608264; __utmt=1; s_sq=kasperskycomdev%252Ckaspersky-global%3D%2526pid%253DDownloads%252520%25253E%252520Free%252520Virus%252520Scan%252520%25253E%252520Download%252520Kaspersky%252520Virus%252520Removal%252520Tool%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fwww.kaspersky.com%25252Fdownloads%25252Ffree-antivirus-tools%2526ot%253DA; _ga=GA1.2.1424935212.1452605380; _gat=1; _gat_newTracker=1; s_fid=2BE26505CD1B69CE-368AB27FEB06F794
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\KasperskyLab]
Searching for "360safe"
[HKEY_CURRENT_USER\SOFTWARE\360safe]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"61"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360安全中心\360安全卫士\360安全卫士.lnk C:\Program Files (x86)\360\360safe\360Safe.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"62"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360安全中心\360安全卫士\360安全防护中心.lnk C:\Program Files (x86)\360\360safe\safemon\360realpro.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"63"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360安全中心\360安全卫士\360软件管家.lnk C:\Program Files (x86)\360\360safe\SoftMgr\SoftManager.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"65"="C:\ProgramData\Microsoft\Windows\Start Menu\强力卸载电脑上的软件.lnk C:\Program Files (x86)\360\360safe\SoftMgr\SoftupNotify.exe /RUNSOFTMGR"
[HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\program files (x86)\360\360safe\mobilemgr\360mobilelink.exe.ApplicationCompany"="360.cn"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{039219EC-5F9A-460E-8C72-86D5DC7B8683}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{039219EC-5F9A-460E-8C72-86D5DC7B8683}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{039219EC-5F9A-460E-8C72-86D5DC7B8683}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{056A6FBD-8148-443A-AAB2-DB3C46B1F083}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{056A6FBD-8148-443A-AAB2-DB3C46B1F083}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{056A6FBD-8148-443A-AAB2-DB3C46B1F083}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06F2A2CA-E0E2-47D7-A3EC-29FD090E7F86}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06F2A2CA-E0E2-47D7-A3EC-29FD090E7F86}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06F2A2CA-E0E2-47D7-A3EC-29FD090E7F86}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12793398-A212-446F-BA1E-1F1B5ABDB89C}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12793398-A212-446F-BA1E-1F1B5ABDB89C}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12793398-A212-446F-BA1E-1F1B5ABDB89C}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26CD0715-0722-479B-A8C7-29A911171774}\InProcServer32]
@="C:\Program Files (x86)\360\360safe\Utils\shell360ext64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A650B6F-1548-4294-AB07-F17604108156}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A650B6F-1548-4294-AB07-F17604108156}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A650B6F-1548-4294-AB07-F17604108156}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47F57C45-E7A1-4414-A6F0-A0865F6E4CA6}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47F57C45-E7A1-4414-A6F0-A0865F6E4CA6}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47F57C45-E7A1-4414-A6F0-A0865F6E4CA6}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D88ED58-E7F0-4EF2-AE06-5D5873AD19C6}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D88ED58-E7F0-4EF2-AE06-5D5873AD19C6}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D88ED58-E7F0-4EF2-AE06-5D5873AD19C6}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55F9A4E2-52B3-4743-9EA7-2FEE413DABB6}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55F9A4E2-52B3-4743-9EA7-2FEE413DABB6}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55F9A4E2-52B3-4743-9EA7-2FEE413DABB6}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5E19C0CE-C02C-46c2-98C3-A2E12EDE0E17}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\SoftMgr\SoftMgrExt64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63A39D0C-0B63-49EE-BB21-D106ED548C51}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63A39D0C-0B63-49EE-BB21-D106ED548C51}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63A39D0C-0B63-49EE-BB21-D106ED548C51}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A377734-9D9D-44AE-A69C-06E81F6C8064}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A377734-9D9D-44AE-A69C-06E81F6C8064}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A377734-9D9D-44AE-A69C-06E81F6C8064}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{78A1990F-7561-4CB9-A8BF-B6CCF8AAEB97}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7A148181-CEB9-4F5E-B5F2-CDC5B68BD3A8}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7A148181-CEB9-4F5E-B5F2-CDC5B68BD3A8}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7A148181-CEB9-4F5E-B5F2-CDC5B68BD3A8}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C0F6D57-E799-4C8A-A319-8E2B4D724CF0}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\Utils\shell360ext64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{826D8B56-A99E-4CD2-8F38-CFCE2A7B89C4}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{826D8B56-A99E-4CD2-8F38-CFCE2A7B89C4}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{826D8B56-A99E-4CD2-8F38-CFCE2A7B89C4}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86A06468-8A7C-4EFA-A61C-9C0E911194C9}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86A06468-8A7C-4EFA-A61C-9C0E911194C9}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86A06468-8A7C-4EFA-A61C-9C0E911194C9}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0AB8231-8E73-410D-8D1C-BE1027EA19A3}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0AB8231-8E73-410D-8D1C-BE1027EA19A3}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0AB8231-8E73-410D-8D1C-BE1027EA19A3}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A23CB8EB-C9C4-475D-88C0-CC51933F2D9E}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A23CB8EB-C9C4-475D-88C0-CC51933F2D9E}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A23CB8EB-C9C4-475D-88C0-CC51933F2D9E}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF1859F5-DF30-4EEC-9404-E5F32FD260B7}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF1859F5-DF30-4EEC-9404-E5F32FD260B7}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF1859F5-DF30-4EEC-9404-E5F32FD260B7}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C0B3184D-90C8-4F4D-B19A-42B6C659378B}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C0B3184D-90C8-4F4D-B19A-42B6C659378B}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C0B3184D-90C8-4F4D-B19A-42B6C659378B}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9A94B6A-60FB-4A19-8BA3-4A2068F1026D}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9A94B6A-60FB-4A19-8BA3-4A2068F1026D}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9A94B6A-60FB-4A19-8BA3-4A2068F1026D}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC00F81D-5262-450A-B1FA-D6BEE3406263}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D1FD8167-E560-4B08-9F4E-CA89F979BD84}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8A9DF39-075A-4C8C-B48B-8121C37FFDF0}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8A9DF39-075A-4C8C-B48B-8121C37FFDF0}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8A9DF39-075A-4C8C-B48B-8121C37FFDF0}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E431A037-AE60-4D57-99D7-B402223AE8A0}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E431A037-AE60-4D57-99D7-B402223AE8A0}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E431A037-AE60-4D57-99D7-B402223AE8A0}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E715FE74-087F-4F4C-BB0A-0245C8A897E2}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E715FE74-087F-4F4C-BB0A-0245C8A897E2}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E715FE74-087F-4F4C-BB0A-0245C8A897E2}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE3F69E2-3085-4C46-B050-A45F008827D6}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE3F69E2-3085-4C46-B050-A45F008827D6}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE3F69E2-3085-4C46-B050-A45F008827D6}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE8C32E-C785-4B1F-A33B-FCD6942418BD}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE8C32E-C785-4B1F-A33B-FCD6942418BD}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE8C32E-C785-4B1F-A33B-FCD6942418BD}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F6BC477E-2646-459A-9D6A-75902C24430D}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F6BC477E-2646-459A-9D6A-75902C24430D}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F6BC477E-2646-459A-9D6A-75902C24430D}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA1B1706-967F-4834-8405-2343A38E4086}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA1B1706-967F-4834-8405-2343A38E4086}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA1B1706-967F-4834-8405-2343A38E4086}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD6A8A28-DB7F-478C-A358-C989EFE02096}\DefaultIcon]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD6A8A28-DB7F-478C-A358-C989EFE02096}\InprocServer32]
@="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD6A8A28-DB7F-478C-A358-C989EFE02096}\Shell\Open]
"Icon"="C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\360safe.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\360safe.exe]
"Path"="C:\Program Files (x86)\360\360safe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\360safe.exe]
@="C:\Program Files (x86)\360\360safe\360safe.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\360krnlsvc\softmgrs]
"ImagePath"="C:\Program Files (x86)\360\360safe\SoftMgr\360SoftMgrS.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\AdvTools]
"InstalledTools"="<?xml version="1.0" encoding="utf-16"?><Tools><Tool Ids="360wechatclean" Name="微信清理" Icon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360wechatclean__10_52.png" SmallIcon="" File=""></Tool><Tool Ids="ruanjianguanjia" Name="软件管家" Icon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360SoftManger_10_52.png" SmallIcon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360SoftManger_10_32.png" File=""></Tool><Tool Ids="360JiShi" Name="人工服务" Icon="C:\Program Files (x86)\360\360safe\Config\advtools\360JiShi_10_52.png" SmallIcon="C:\Program Files (x86)\360\360safe\Config\advtools\360JiShi_10_32.png" File=""></Tool><Tool Ids="360MobileMgr" Name="手机助手" Icon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360MobileMgr_10_52.png" SmallIcon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360MobileMgr_10_32.png" File=""></Tool><Tool Ids="360bsc" Name="主页防护" Ico
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\AdvTools]
"EntryTools"="<?xml version="1.0" encoding="utf-16"?><Tools><Tool Ids="ruanjianguanjia" Name="软件管家" Icon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360SoftManger_10_52.png" SmallIcon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360SoftManger_10_32.png" File=""></Tool><Tool Ids="360JiShi" Name="人工服务" Icon="C:\Program Files (x86)\360\360safe\Config\advtools\360JiShi_10_52.png" SmallIcon="C:\Program Files (x86)\360\360safe\Config\advtools\360JiShi_10_32.png" File=""></Tool><Tool Ids="360MobileMgr" Name="手机助手" Icon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360MobileMgr_10_52.png" SmallIcon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_360MobileMgr_10_32.png" File=""></Tool><Tool Ids="WangSuCeShiQi" Name="宽带测速器" Icon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTools_NetSpeed_10_52.png" SmallIcon="C:\Program Files (x86)\360\360safe\Config\advtools\AdvanceTool
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\KeepAlive\360Ask]
"ImagePath"="C:\Program Files (x86)\360\360safe\netmon\360AskMsg.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\KeepAlive\360Ask\360QandAExpert.exe]
@="C:\Program Files (x86)\360\360safe\netmon\360QandAExpert.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\KeepAlive\360GenRoad]
"ImagePath"="C:\Program Files (x86)\360\360safe\Utils\360GenRoadMsg.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\KeepAlive\360PayInsure]
"ImagePath"="C:\Program Files (x86)\360\360safe\safemon\SomProxy.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\leak]
"SavePath"="C:\Program Files (x86)\360\360safe\hotfix"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\menuext\LiveUpdate360]
"Application"="C:\Program Files (x86)\360\360safe\LiveUpdate360.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\mobilemgr]
"360MobileSrv"="C:\Program Files (x86)\360\360safe\mobilemgr\360MobileSrv.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\tpi\360SafeCamera]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe\tpi\360SafeCamera]
"ImagePath"="safemon\360SafeCamera.tpi"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\360safe.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\360safe.exe]
"Path"="C:\Program Files (x86)\360\360safe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\360safe.exe]
@="C:\Program Files (x86)\360\360safe\360safe.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\360AntiHacker]
"DisplayName"="360Safe Anti Hacker Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\360Camera]
"DisplayName"="360Safe Camera Filter Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\360Hvm]
"DisplayName"="360Safe HVM"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZhuDongFangYu]
"ImagePath"=""C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\360AntiHacker]
"DisplayName"="360Safe Anti Hacker Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\360Camera]
"DisplayName"="360Safe Camera Filter Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\360Hvm]
"DisplayName"="360Safe HVM"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZhuDongFangYu]
"ImagePath"=""C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe""
[HKEY_USERS\.DEFAULT\Software\360Safe]
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\360safe]
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"61"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360安全中心\360安全卫士\360安全卫士.lnk C:\Program Files (x86)\360\360safe\360Safe.exe"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"62"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360安全中心\360安全卫士\360安全防护中心.lnk C:\Program Files (x86)\360\360safe\safemon\360realpro.exe"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"63"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360安全中心\360安全卫士\360软件管家.lnk C:\Program Files (x86)\360\360safe\SoftMgr\SoftManager.exe"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"65"="C:\ProgramData\Microsoft\Windows\Start Menu\强力卸载电脑上的软件.lnk C:\Program Files (x86)\360\360safe\SoftMgr\SoftupNotify.exe /RUNSOFTMGR"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\program files (x86)\360\360safe\mobilemgr\360mobilelink.exe.ApplicationCompany"="360.cn"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\program files (x86)\360\360safe\mobilemgr\360mobilelink.exe.ApplicationCompany"="360.cn"
[HKEY_USERS\S-1-5-18\Software\360Safe]
Searching for "PC Tools"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\a21e4614_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0883&subsys_1043829f&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume2\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\PCTools\DownloadManager\Security]
"LastLangDownload"="C:\ProgramData\PC Tools\DownloadManager\SecurityLanguageFiles\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\PCTools\DownloadManager\Security\7.0.0.0]
"LastScannerDownload"="C:\ProgramData\PC Tools\DownloadManager\SecurityScanner\9.1.0.2898-DMScannerSetup.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\PCTools\DownloadManager\Security\7.0.0.0]
"LastDBDownload"="C:\ProgramData\PC Tools\DownloadManager\SecurityDatabase\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\PCTools\sdsetup.exe]
"Language Dir"="C:\Users\UIVATE~1\AppData\Local\Temp\PC Tools Download Manager\lang\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCTBD]
"DisplayName"="PC Tools Browser Defender Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCTBD]
"DisplayName"="PC Tools Browser Defender Driver"
[HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\a21e4614_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0883&subsys_1043829f&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume2\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe%b{00000000-0000-0000-0000-000000000000}"
Searching for "ZhuDongFangYu"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZhuDongFangYu]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZhuDongFangYu]
"ImagePath"=""C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZhuDongFangYu]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZhuDongFangYu]
"ImagePath"=""C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe""
========== folderfind ==========
Searching for "SUPERAntiSpyware"
No folders found.
Searching for "hitmanpro"
C:\ProgramData\HitmanPro d------ [03:44 03/01/2015]
C:\Users\All Users\HitmanPro d------ [03:44 03/01/2015]
Searching for "ad-aware"
No folders found.
Searching for "seznam"
No folders found.
Searching for "listicka"
No folders found.
Searching for "Kaspersky"
No folders found.
Searching for "360safe"
C:\FRST\Quarantine\C\Program Files (x86)\360\360safe d------ [15:59 28/01/2016]
C:\Program Files (x86)\360\360safe d------ [23:03 15/01/2016]
C:\Users\Default\AppData\Roaming\360safe d------ [13:30 19/01/2016]
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\360safe d------ [15:59 27/01/2016]
Searching for "PC Tools"
C:\ProgramData\PC Tools d------ [11:13 19/01/2016]
C:\Users\All Users\PC Tools d------ [11:13 19/01/2016]
Searching for "ZhuDongFangYu"
No folders found.
========== process ==========
SUPERAntiSpyware - Unable to open process handle.
hitmanpro - Unable to open process handle.
ad-aware - Unable to open process handle.
avg - Unable to open process handle.
seznam - Unable to open process handle.
listicka - Unable to open process handle.
Kaspersky - Unable to open process handle.
360safe - Unable to open process handle.
PC Tools - Unable to open process handle.
ZhuDongFangYu - Unable to open process handle.
-= EOF =-
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Při každém otevření prohlížeče se mi otevře okno s vyhledávačem chedotgame.com/search
Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.
(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).
Ulož jej na na plochu jako fixlist.txt
Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.
Kód: Vybrat vše
Start
CloseProcesses:
[HKEY_LOCAL_MACHINE\SOFTWARE\HitmanPro]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\HitmanPro.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\HitmanPro_x64.exe]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
[HKEY_CURRENT_USER\SOFTWARE\360safe]
EmptyTemp:
End(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).
Ulož jej na na plochu jako fixlist.txt
Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Při každém otevření prohlížeče se mi otevře okno s vyhledávačem chedotgame.com/search
Fix result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by Uživatel (2016-01-29 09:51:09) Run:2
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available Profiles: Uživatel & andro & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
[HKEY_LOCAL_MACHINE\SOFTWARE\HitmanPro]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\HitmanPro.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\HitmanPro_x64.exe]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
[HKEY_CURRENT_USER\SOFTWARE\360safe]
EmptyTemp:
End
*****************
Processes closed successfully.
[HKEY_LOCAL_MACHINE\SOFTWARE\HitmanPro] => Error: No automatic fix found for this entry.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\HitmanPro.exe] => Error: No automatic fix found for this entry.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\HitmanPro_x64.exe] => Error: No automatic fix found for this entry.
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379] => Error: No automatic fix found for this entry.
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379] => Error: No automatic fix found for this entry.
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379] => Error: No automatic fix found for this entry.
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379] => Error: No automatic fix found for this entry.
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380] => Error: No automatic fix found for this entry.
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380] => Error: No automatic fix found for this entry.
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380] => Error: No automatic fix found for this entry.
[HKEY_CURRENT_USER\SOFTWARE\360safe] => Error: No automatic fix found for this entry.
EmptyTemp: => 363.3 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 09:51:55 ====
Ran by Uživatel (2016-01-29 09:51:09) Run:2
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available Profiles: Uživatel & andro & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
[HKEY_LOCAL_MACHINE\SOFTWARE\HitmanPro]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\HitmanPro.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\HitmanPro_x64.exe]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380]
[HKEY_CURRENT_USER\SOFTWARE\360safe]
EmptyTemp:
End
*****************
Processes closed successfully.
[HKEY_LOCAL_MACHINE\SOFTWARE\HitmanPro] => Error: No automatic fix found for this entry.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\HitmanPro.exe] => Error: No automatic fix found for this entry.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\HitmanPro_x64.exe] => Error: No automatic fix found for this entry.
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379] => Error: No automatic fix found for this entry.
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379] => Error: No automatic fix found for this entry.
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379] => Error: No automatic fix found for this entry.
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\379] => Error: No automatic fix found for this entry.
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380] => Error: No automatic fix found for this entry.
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380] => Error: No automatic fix found for this entry.
[HKEY_CURRENT_USER\SOFTWARE\DownloadManager\380] => Error: No automatic fix found for this entry.
[HKEY_CURRENT_USER\SOFTWARE\360safe] => Error: No automatic fix found for this entry.
EmptyTemp: => 363.3 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 09:51:55 ====
-
Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: Při každém otevření prohlížeče se mi otevře okno s vyhledávačem chedotgame.com/search
Jak to vypadá teď?
Láska hřeje, ale uhlí je uhlí.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Re: Při každém otevření prohlížeče se mi otevře okno s vyhledávačem chedotgame.com/search
System jako takovej a rychlost zdá se OK ale co se týká vyhledávačů pořa´d stejný .Beze změn.
Jinak ta složka 360safe je tam pořád .Nejsde odstranit.
Jinak ta složka 360safe je tam pořád .Nejsde odstranit.
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Při každém otevření prohlížeče se mi otevře okno s vyhledávačem chedotgame.com/search
Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Při každém otevření prohlížeče se mi otevře okno s vyhledávačem chedotgame.com/search
OTL logfile created on: 29.1.2016 17:01:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Uživatel\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10240.16384)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
6,00 Gb Total Physical Memory | 4,24 Gb Available Physical Memory | 70,62% Memory free
7,25 Gb Paging File | 5,59 Gb Available in Paging File | 77,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,35 Gb Total Space | 66,94 Gb Free Space | 28,81% Space Free | Partition Type: NTFS
Computer Name: UZIVATEL_PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found
PRC - C:\Users\Uživatel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe (ZONER software)
PRC - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (DEVGURU Co., LTD.)
PRC - C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\wx._windows_.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\wx._misc_.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\wx._wizard.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\wx._html2.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\wx._core_.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\wx._controls_.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\wx._gdi_.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\windows._lib_cacheinvalidation.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32security.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\wx._animate.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32ts.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32profile.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32com.shell.shell.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32gui.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32file.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32inet.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32process.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32pdh.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32pipe.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32event.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32crypt.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\unicodedata.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32api.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\usb_ext.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\thumbnails_ext.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\pysqlite2._sqlite.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\pythoncom27.dll ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\pyexpat.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\select.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\common.time34.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\hashobjs_ext.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\_ssl.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\_hashlib.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\_elementtree.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\_socket.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\_psutil_windows.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\_multiprocessing.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\_yappi.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\pywintypes27.dll ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\_ctypes.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\fastpath.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.dll ()
MOD - C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\enterprisedataadapter.dll ()
MOD - C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll ()
MOD - C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll ()
MOD - C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll ()
MOD - C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll ()
MOD - C:\Program Files (x86)\Dropbox\Client\librsync.dll ()
MOD - C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32service.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32ts.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32security.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32process.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32profile.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32gui.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32file.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32event.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32api.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\sip.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\select.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll ()
MOD - C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll ()
MOD - C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (w3logsvc) -- C:\Windows\SysNative\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (tiledatamodelsvc) -- C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (DcpSvc) -- C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_Session3) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_Session1) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_Session3) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_Session1) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_Session3) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_Session1) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_Session3) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_Session1) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ZhuDongFangYu) -- C:\Program Files (x86)\360\360safe\deepscan\ZhuDongFangYu.exe (360.cn)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (w3logsvc) -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes)
SRV - (dbupdatem) -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
SRV - (dbupdate) -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\lfsvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (ss_conn_service) -- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (DEVGURU Co., LTD.)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
SRV - (UPnPService) -- C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
========== Driver Services (SafeList) ==========
DRV:64bit: - (360AntiHacker) -- C:\Windows\SysNative\drivers\360AntiHacker64.sys (360.cn)
DRV:64bit: - (athur) -- C:\Windows\SysNative\drivers\athurx.sys (Atheros Communications, Inc.)
DRV:64bit: - (360FsFlt) -- C:\Windows\SysNative\drivers\360FsFlt.sys (360.cn)
DRV:64bit: - (BAPIDRV) -- C:\Windows\SysNative\drivers\BAPIDRV64.SYS (360.cn)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (360Hvm) -- C:\Windows\SysNative\drivers\360Hvm64.sys (360安全中心)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (MQAC) -- C:\Windows\SysNative\drivers\mqac.sys (Microsoft Corporation)
DRV:64bit: - (360Box64) -- C:\Windows\SysNative\drivers\360Box64.sys (360.cn)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (IoQos) -- C:\Windows\SysNative\drivers\ioqos.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys ()
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (LSI Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (swenum) -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (fcvsc) -- C:\Windows\SysNative\drivers\fcvsc.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (DsArk) -- C:\Windows\SysNative\drivers\DsArk64.sys (360.cn)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (pcouffin) -- C:\Windows\SysNative\drivers\pcouffin.sys (VSO Software)
DRV:64bit: - (RTL8023x64) -- C:\Windows\SysNative\drivers\Rtnic64.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (EUFDDISK) -- C:\Windows\SysNative\drivers\EuFdDisk.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV:64bit: - (EUBAKUP) -- C:\Windows\SysNative\drivers\eubakup.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV:64bit: - (EUBKMON) -- C:\Windows\SysNative\drivers\EUBKMON.sys ()
DRV:64bit: - (EUDSKACS) -- C:\Windows\SysNative\drivers\eudskacs.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV:64bit: - (360Camera) -- C:\Windows\SysNative\drivers\360Camera64.sys (360.cn)
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (pwdrvio) -- C:\Windows\SysNative\pwdrvio.sys ()
DRV:64bit: - (pwdspio) -- C:\Windows\SysNative\pwdspio.sys ()
DRV:64bit: - (PCTBD) -- C:\Windows\SysNative\drivers\PCTBD64.sys (PC Tools)
DRV:64bit: - (Revoflt) -- C:\Windows\SysNative\drivers\revoflt.sys (VS Revo Group)
DRV:64bit: - (AtcL001) -- C:\Windows\SysNative\drivers\l160x64.sys (Atheros Communications, Inc.)
DRV - (swenum) -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys (Microsoft Corporation)
DRV - (HWiNFO32) -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS (REALiX(tm))
DRV - (ISODrive) -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys (EZB Systems, Inc.)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7AVND_csCZ563
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: mozilla_cc2%40internetdownloadmanager.com:6.23.22
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.5.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:43.0.4
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.66.2: C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2: C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.66.2: C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2: C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\SkypePlugin: C:\Users\Uživatel\AppData\Local\SkypePlugin\7.10.0.93\npGatewayNpapi.dll File not found
FF - HKCU\Software\MozillaPlugins\SkypePlugin64: C:\Users\Uživatel\AppData\Local\SkypePlugin\7.10.0.93\npGatewayNpapi-x64.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016.01.16 00:03:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 38.5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 38.5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015.09.23 10:20:36 | 000,029,743 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 43.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 43.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016.01.16 00:03:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 38.5.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 38.5.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015.09.23 10:20:36 | 000,029,743 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Uživatel\AppData\Roaming\IDM\idmmzcc5 [2016.01.29 09:56:20 | 000,000,000 | ---D | M]
[2013.11.21 15:29:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Extensions
[2016.01.28 16:59:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\extensions
[2016.01.25 16:09:50 | 000,074,654 | ---- | M] () (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\firefox\profiles\pw77fm83.default-1453721257506\extensions\translator@zoli.bod.xpi
[2016.01.16 00:33:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2016.01.07 17:14:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015.09.23 10:20:36 | 000,029,743 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\INTERNET DOWNLOAD MANAGER\IDMMZCC2.XPI
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PW77FM83.DEFAULT-1453721257506\EXTENSIONS\TRANSLATOR@ZOLI.BOD.XPI
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Uživatel\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10240.16384)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
6,00 Gb Total Physical Memory | 4,24 Gb Available Physical Memory | 70,62% Memory free
7,25 Gb Paging File | 5,59 Gb Available in Paging File | 77,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,35 Gb Total Space | 66,94 Gb Free Space | 28,81% Space Free | Partition Type: NTFS
Computer Name: UZIVATEL_PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found
PRC - C:\Users\Uživatel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe (ZONER software)
PRC - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (DEVGURU Co., LTD.)
PRC - C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\wx._windows_.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\wx._misc_.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\wx._wizard.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\wx._html2.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\wx._core_.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\wx._controls_.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\wx._gdi_.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\windows._lib_cacheinvalidation.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32security.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\wx._animate.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32ts.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32profile.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32com.shell.shell.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32gui.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32file.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32inet.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32process.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32pdh.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32pipe.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32event.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32crypt.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\unicodedata.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\win32api.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\usb_ext.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\thumbnails_ext.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\pysqlite2._sqlite.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\pythoncom27.dll ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\pyexpat.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\select.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\common.time34.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\hashobjs_ext.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\_ssl.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\_hashlib.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\_elementtree.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\_socket.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\_psutil_windows.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\_multiprocessing.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\_yappi.pyd ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\pywintypes27.dll ()
MOD - C:\Users\UIVATE~1\AppData\Local\Temp\_MEI20602\_ctypes.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\fastpath.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.dll ()
MOD - C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\enterprisedataadapter.dll ()
MOD - C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll ()
MOD - C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll ()
MOD - C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll ()
MOD - C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll ()
MOD - C:\Program Files (x86)\Dropbox\Client\librsync.dll ()
MOD - C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32service.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32ts.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32security.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32process.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32profile.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32gui.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32file.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32event.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32api.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\sip.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\select.pyd ()
MOD - C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll ()
MOD - C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll ()
MOD - C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (w3logsvc) -- C:\Windows\SysNative\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (tiledatamodelsvc) -- C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (DcpSvc) -- C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_Session3) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_Session1) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_Session3) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_Session1) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_Session3) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_Session1) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_Session3) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_Session1) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ZhuDongFangYu) -- C:\Program Files (x86)\360\360safe\deepscan\ZhuDongFangYu.exe (360.cn)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (w3logsvc) -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes)
SRV - (dbupdatem) -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
SRV - (dbupdate) -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\lfsvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (ss_conn_service) -- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (DEVGURU Co., LTD.)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
SRV - (UPnPService) -- C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
========== Driver Services (SafeList) ==========
DRV:64bit: - (360AntiHacker) -- C:\Windows\SysNative\drivers\360AntiHacker64.sys (360.cn)
DRV:64bit: - (athur) -- C:\Windows\SysNative\drivers\athurx.sys (Atheros Communications, Inc.)
DRV:64bit: - (360FsFlt) -- C:\Windows\SysNative\drivers\360FsFlt.sys (360.cn)
DRV:64bit: - (BAPIDRV) -- C:\Windows\SysNative\drivers\BAPIDRV64.SYS (360.cn)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (360Hvm) -- C:\Windows\SysNative\drivers\360Hvm64.sys (360安全中心)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (MQAC) -- C:\Windows\SysNative\drivers\mqac.sys (Microsoft Corporation)
DRV:64bit: - (360Box64) -- C:\Windows\SysNative\drivers\360Box64.sys (360.cn)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (IoQos) -- C:\Windows\SysNative\drivers\ioqos.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys ()
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (LSI Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (swenum) -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (fcvsc) -- C:\Windows\SysNative\drivers\fcvsc.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (DsArk) -- C:\Windows\SysNative\drivers\DsArk64.sys (360.cn)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (pcouffin) -- C:\Windows\SysNative\drivers\pcouffin.sys (VSO Software)
DRV:64bit: - (RTL8023x64) -- C:\Windows\SysNative\drivers\Rtnic64.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (EUFDDISK) -- C:\Windows\SysNative\drivers\EuFdDisk.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV:64bit: - (EUBAKUP) -- C:\Windows\SysNative\drivers\eubakup.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV:64bit: - (EUBKMON) -- C:\Windows\SysNative\drivers\EUBKMON.sys ()
DRV:64bit: - (EUDSKACS) -- C:\Windows\SysNative\drivers\eudskacs.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV:64bit: - (360Camera) -- C:\Windows\SysNative\drivers\360Camera64.sys (360.cn)
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (pwdrvio) -- C:\Windows\SysNative\pwdrvio.sys ()
DRV:64bit: - (pwdspio) -- C:\Windows\SysNative\pwdspio.sys ()
DRV:64bit: - (PCTBD) -- C:\Windows\SysNative\drivers\PCTBD64.sys (PC Tools)
DRV:64bit: - (Revoflt) -- C:\Windows\SysNative\drivers\revoflt.sys (VS Revo Group)
DRV:64bit: - (AtcL001) -- C:\Windows\SysNative\drivers\l160x64.sys (Atheros Communications, Inc.)
DRV - (swenum) -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys (Microsoft Corporation)
DRV - (HWiNFO32) -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS (REALiX(tm))
DRV - (ISODrive) -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys (EZB Systems, Inc.)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7AVND_csCZ563
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: mozilla_cc2%40internetdownloadmanager.com:6.23.22
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.5.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:43.0.4
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.66.2: C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2: C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.66.2: C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2: C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\SkypePlugin: C:\Users\Uživatel\AppData\Local\SkypePlugin\7.10.0.93\npGatewayNpapi.dll File not found
FF - HKCU\Software\MozillaPlugins\SkypePlugin64: C:\Users\Uživatel\AppData\Local\SkypePlugin\7.10.0.93\npGatewayNpapi-x64.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016.01.16 00:03:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 38.5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 38.5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015.09.23 10:20:36 | 000,029,743 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 43.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 43.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016.01.16 00:03:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 38.5.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 38.5.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015.09.23 10:20:36 | 000,029,743 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Uživatel\AppData\Roaming\IDM\idmmzcc5 [2016.01.29 09:56:20 | 000,000,000 | ---D | M]
[2013.11.21 15:29:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Extensions
[2016.01.28 16:59:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\extensions
[2016.01.25 16:09:50 | 000,074,654 | ---- | M] () (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\firefox\profiles\pw77fm83.default-1453721257506\extensions\translator@zoli.bod.xpi
[2016.01.16 00:33:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2016.01.07 17:14:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015.09.23 10:20:36 | 000,029,743 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\INTERNET DOWNLOAD MANAGER\IDMMZCC2.XPI
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PW77FM83.DEFAULT-1453721257506\EXTENSIONS\TRANSLATOR@ZOLI.BOD.XPI
Re: Při každém otevření prohlížeče se mi otevře okno s vyhledávačem chedotgame.com/search
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnjjpjlfhblplbkoageianfkfbkghphj\1.2_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2016.01.27 19:04:45 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Dropbox] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
O4 - HKLM..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [OneDrive] C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE (ZONER software)
O4 - Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Degoo .lnk = C:\Users\Uživatel\AppData\Local\Degoo\Degoo.exe (Degoo Backup AB)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{11d222f1-9a0c-4d7e-b2bd-20aa0ccaeea3}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\WINDOWS\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015.09.09 16:38:55 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4419ee4d-522f-11e4-b4c8-74ea3a83a929}\Shell - "" = AutoRun
O33 - MountPoints2\{4419ee4d-522f-11e4-b4c8-74ea3a83a929}\Shell\AutoRun\command - "" = "E:\iStudio.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2016.01.29 16:50:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Uživatel\Desktop\OTL.exe
[2016.01.29 09:18:59 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp
[2016.01.28 17:01:23 | 000,000,000 | RHSD | C] -- C:\360SANDBOX
[2016.01.28 12:58:41 | 000,000,000 | ---D | C] -- C:\FRST
[2016.01.28 12:57:34 | 002,370,560 | ---- | C] (Farbar) -- C:\Users\Uživatel\Desktop\FRST64_2.exe
[2016.01.28 12:56:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2016.01.28 12:56:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2016.01.28 12:50:30 | 005,200,384 | ---- | C] (AVAST Software) -- C:\Users\Uživatel\Desktop\aswmbr.exe
[2016.01.28 12:33:05 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\backups
[2016.01.28 11:53:41 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\Avg
[2016.01.28 11:53:18 | 000,000,000 | ---D | C] -- C:\AVG_Remover
[2016.01.28 11:34:47 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysWow64\Microsoft
[2016.01.27 20:19:14 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\VS Revo Group
[2016.01.27 19:55:06 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2016.01.27 19:54:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2016.01.27 19:42:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2016.01.27 19:42:33 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\Temp
[2016.01.27 18:04:08 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2016.01.27 17:18:16 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\Nová složka
[2016.01.27 17:00:07 | 000,077,904 | ---- | C] (360.cn) -- C:\WINDOWS\SysWow64\drivers\360AvFlt.sys
[2016.01.26 07:02:48 | 000,079,064 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\hxmrkdcb.sys
[2016.01.25 19:53:33 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Degoo
[2016.01.25 19:50:03 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\.swt
[2016.01.25 19:49:53 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\Degoo
[2016.01.25 19:49:42 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Degoo
[2016.01.25 12:27:44 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\Původní data aplikace Firefox
[2016.01.25 09:11:41 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\SysNative\bootdelete.exe
[2016.01.24 20:03:27 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\Fleška
[2016.01.24 19:07:25 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\360CloudUI
[2016.01.21 16:46:12 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Doctor Web
[2016.01.19 15:13:16 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Documents\Inbox Storage
[2016.01.19 14:15:43 | 002,280,568 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2016.01.19 14:15:43 | 001,690,744 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2016.01.19 14:15:43 | 000,150,648 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2016.01.19 14:15:43 | 000,077,144 | ---- | C] (PC Tools) -- C:\WINDOWS\SysNative\drivers\PCTBD64.sys
[2016.01.19 12:14:09 | 000,253,256 | ---- | C] (PC Tools) -- C:\WINDOWS\SysNative\drivers\PCTSD64.sys
[2016.01.19 12:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2016.01.19 12:13:30 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\TestApp
[2016.01.17 18:43:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2016.01.16 20:06:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ariva Editor_SATELIT
[2016.01.16 19:26:43 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Homepager
[2016.01.16 00:16:31 | 000,136,272 | ---- | C] (360.cn) -- C:\WINDOWS\SysNative\drivers\DsArk64.sys
[2016.01.16 00:03:42 | 000,375,376 | ---- | C] (360.cn) -- C:\WINDOWS\SysNative\drivers\360FsFlt.sys
[2016.01.16 00:03:42 | 000,181,328 | ---- | C] (360.cn) -- C:\WINDOWS\SysNative\drivers\BAPIDRV64.SYS
[2016.01.16 00:03:40 | 000,191,568 | ---- | C] (360安全中心) -- C:\WINDOWS\SysNative\drivers\360Hvm64.sys
[2016.01.16 00:03:40 | 000,137,808 | ---- | C] (360.cn) -- C:\WINDOWS\SysNative\drivers\360AntiHacker64.sys
[2016.01.16 00:03:40 | 000,040,520 | ---- | C] (360.cn) -- C:\WINDOWS\SysNative\drivers\360Camera64.sys
[2016.01.16 00:03:39 | 000,321,616 | ---- | C] (360.cn) -- C:\WINDOWS\SysNative\drivers\360Box64.sys
[2016.01.13 16:35:23 | 021,873,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2016.01.13 16:35:19 | 018,802,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2016.01.13 16:35:11 | 000,695,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMADMOD.DLL
[2016.01.13 16:35:11 | 000,368,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP4SDECD.DLL
[2016.01.13 16:35:11 | 000,305,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVSDECD.DLL
[2016.01.13 16:35:11 | 000,188,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\COLORCNV.DLL
[2016.01.13 16:35:11 | 000,083,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfvdsp.dll
[2016.01.13 16:35:10 | 002,641,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2016.01.13 16:35:10 | 002,459,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2016.01.13 16:35:10 | 000,787,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMADMOD.DLL
[2016.01.13 16:35:10 | 000,377,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP4SDECD.DLL
[2016.01.13 16:35:10 | 000,345,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVSDECD.DLL
[2016.01.13 16:35:10 | 000,205,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\COLORCNV.DLL
[2016.01.13 16:35:10 | 000,115,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VIDRESZR.DLL
[2016.01.13 16:35:09 | 002,162,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVENCOD.DLL
[2016.01.13 16:35:09 | 001,991,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVENCOD.DLL
[2016.01.13 16:35:09 | 000,747,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVXENCD.DLL
[2016.01.13 16:35:09 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVXENCD.DLL
[2016.01.13 16:35:09 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVSENCD.DLL
[2016.01.13 16:35:09 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVSENCD.DLL
[2016.01.13 16:35:09 | 000,107,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VIDRESZR.DLL
[2016.01.13 16:35:09 | 000,072,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfvdsp.dll
[2016.01.13 16:35:08 | 001,672,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quartz.dll
[2016.01.13 16:35:08 | 001,541,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quartz.dll
[2016.01.13 16:35:08 | 001,063,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2adec.dll
[2016.01.13 16:35:08 | 000,882,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2adec.dll
[2016.01.13 16:35:08 | 000,862,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2016.01.13 16:35:08 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qdvd.dll
[2016.01.13 16:35:07 | 001,270,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2016.01.13 16:35:07 | 001,255,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMSPDMOE.DLL
[2016.01.13 16:35:07 | 001,070,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMSPDMOE.DLL
[2016.01.13 16:35:07 | 000,751,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMADMOE.DLL
[2016.01.13 16:35:07 | 000,696,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMADMOE.DLL
[2016.01.13 16:35:06 | 001,150,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2016.01.13 16:35:06 | 001,106,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2016.01.13 16:35:06 | 001,009,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMSPDMOD.DLL
[2016.01.13 16:35:06 | 000,890,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMSPDMOD.DLL
[2016.01.13 16:35:06 | 000,714,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2016.01.13 16:35:06 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2016.01.13 16:35:05 | 000,931,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSMPEG2ENC.DLL
[2016.01.13 16:35:05 | 000,871,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSMPEG2ENC.DLL
[2016.01.13 16:35:05 | 000,779,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2016.01.13 16:35:05 | 000,667,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advapi32.dll
[2016.01.13 16:35:04 | 002,824,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2016.01.13 16:35:04 | 000,678,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2016.01.13 16:35:04 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2016.01.13 16:35:04 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFWMAAEC.DLL
[2016.01.13 16:35:04 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFWMAAEC.DLL
[2016.01.13 16:35:03 | 008,022,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2016.01.13 16:35:03 | 002,463,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2016.01.13 16:35:03 | 000,233,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mftranscode.dll
[2016.01.13 16:35:03 | 000,090,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devenum.dll
[2016.01.13 16:35:03 | 000,082,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\devenum.dll
[2016.01.13 16:35:02 | 007,523,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2016.01.13 16:35:02 | 000,772,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2016.01.13 16:35:02 | 000,635,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2016.01.13 16:35:01 | 000,723,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2016.01.13 16:35:01 | 000,556,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfh264enc.dll
[2016.01.13 16:35:01 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfh264enc.dll
[2016.01.13 16:35:01 | 000,441,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2016.01.13 16:35:01 | 000,208,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mftranscode.dll
[2016.01.13 16:35:00 | 002,152,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2016.01.13 16:35:00 | 000,379,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qdvd.dll
[2016.01.13 16:35:00 | 000,305,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ksproxy.ax
[2016.01.13 16:35:00 | 000,249,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RESAMPLEDMO.DLL
[2016.01.13 16:35:00 | 000,232,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RESAMPLEDMO.DLL
[2016.01.13 16:34:59 | 005,454,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2016.01.13 16:34:45 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ksproxy.ax
[2016.01.13 16:34:41 | 000,278,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP43DECD.DLL
[2016.01.13 16:34:37 | 000,277,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MPG4DECD.DLL
[2016.01.13 16:34:35 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgrcli.dll
[2016.01.13 16:34:17 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll
[2016.01.13 16:34:16 | 002,445,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2016.01.13 16:34:16 | 000,784,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2016.01.13 16:34:16 | 000,781,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2016.01.13 16:34:16 | 000,251,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP43DECD.DLL
[2016.01.13 16:34:16 | 000,250,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MPG4DECD.DLL
[2016.01.13 16:34:16 | 000,119,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP3DMOD.DLL
[2016.01.13 16:34:16 | 000,100,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP3DMOD.DLL
[2016.01.13 16:34:15 | 001,591,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2016.01.13 16:34:15 | 000,658,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2016.01.13 16:34:15 | 000,645,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2016.01.13 16:34:15 | 000,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2016.01.13 16:34:14 | 001,817,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMALFXGFXDSP.dll
[2016.01.13 16:34:13 | 001,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2016.01.13 16:34:13 | 000,572,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2016.01.13 16:34:13 | 000,243,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2016.01.13 16:34:13 | 000,116,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2016.01.13 16:34:13 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usermgrcli.dll
[2016.01.13 16:34:12 | 001,234,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2016.01.13 16:34:12 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2016.01.13 16:34:12 | 000,771,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2016.01.13 16:34:12 | 000,650,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2016.01.13 16:34:12 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserMgrProxy.dll
[2016.01.13 16:34:12 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserMgrProxy.dll
[2016.01.12 13:49:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg
[2016.01.10 12:01:39 | 000,000,000 | ---D | C] -- C:\Program Files\MiniTool Partition Wizard Free 9.1
[2016.01.10 11:05:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Remo Repair AVI 2.0
[2016.01.10 10:47:00 | 000,000,000 | ---D | C] -- C:\Program Files\VIRTUALDUB
[2016.01.09 20:08:53 | 000,000,000 | ---D | C] -- C:\Brother's Keeper 7
[2016.01.09 20:07:12 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\SysWow64\UniBox10.ocx
[2016.01.09 20:07:12 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\unicows.dll
[2016.01.09 20:07:12 | 000,170,496 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFPNG12N.DLL
[2016.01.09 20:07:12 | 000,153,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\temp.000
[2016.01.09 20:07:12 | 000,121,856 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFMPG12N.DLL
[2016.01.09 20:07:12 | 000,056,320 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFPSD12N.DLL
[2016.01.09 20:07:12 | 000,042,496 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFGIF12N.DLL
[2016.01.09 20:07:12 | 000,035,840 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFLMA12N.DLL
[2016.01.09 20:07:12 | 000,033,280 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFPCX12N.DLL
[2016.01.09 20:07:12 | 000,032,256 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFLMB12N.DLL
[2016.01.09 20:07:12 | 000,031,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFEPS12N.DLL
[2016.01.09 20:07:12 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFWPG12N.DLL
[2016.01.09 20:07:12 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFIMG12N.DLL
[2016.01.09 20:07:12 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFPCD12N.DLL
[2016.01.09 20:07:12 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFMSP12N.DLL
[2016.01.09 20:07:12 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brother's Keeper 7
[2016.01.09 20:07:11 | 000,751,104 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LTANN12N.DLL
[2016.01.09 20:07:11 | 000,227,328 | ---- | C] (MicroHelp, Inc.) -- C:\WINDOWS\SysWow64\comppl32.dll
[2016.01.09 20:07:11 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ComCt232.ocx
[2016.01.09 20:07:11 | 000,122,880 | ---- | C] (Crescent Division of Progress Software Corporation) -- C:\WINDOWS\SysWow64\qpro32.dll
[2016.01.09 20:07:11 | 000,103,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSComm32.ocx
[2016.01.09 20:07:11 | 000,062,464 | ---- | C] (Btrieve Technologies, Inc.) -- C:\WINDOWS\SysWow64\wbtrv32.dll
[2016.01.09 20:07:11 | 000,039,936 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LTTWN12N.DLL
[2016.01.09 20:07:11 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFAVI12N.DLL
[2016.01.09 20:07:09 | 001,011,712 | ---- | C] (Janus Systems SA de CV) -- C:\WINDOWS\SysWow64\Gridex16.ocx
[2016.01.09 20:07:09 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TABCTL32.OCX
[2016.01.09 20:07:09 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RichTx32.ocx
[2016.01.09 20:07:09 | 000,067,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SysInfo.ocx
[2016.01.09 17:01:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2016.01.07 17:14:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2016.01.06 08:42:03 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Documents\MyHeritage
[2016.01.06 08:42:03 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\MyHeritage
[2016.01.06 08:42:03 | 000,000,000 | ---D | C] -- C:\ProgramData\MyHeritage
[2016.01.06 08:41:42 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
[2016.01.06 08:41:40 | 002,029,056 | ---- | C] (Bytescout) -- C:\WINDOWS\SysWow64\PDFDocScout.DLL
[2016.01.06 08:41:40 | 000,608,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comctl32.ocx
[2016.01.06 08:41:40 | 000,606,208 | ---- | C] (Lorenzi Davide) -- C:\WINDOWS\SysWow64\HexUniRTFBox.ocx
[2016.01.06 08:41:40 | 000,372,736 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\ijl15.dll
[2016.01.06 08:41:40 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmapi32.ocx
[2016.01.06 08:41:39 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2016.01.06 08:40:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyHeritage
[2016.01.05 19:43:18 | 000,826,872 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2016.01.05 19:43:18 | 000,176,632 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2016.01.01 20:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2016.01.01 20:18:30 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Notepad++
[2016.01.01 20:18:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2015.03.29 10:19:53 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Uživatel\AppData\Roaming\pcouffin.sys
[8 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnjjpjlfhblplbkoageianfkfbkghphj\1.2_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2016.01.27 19:04:45 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Dropbox] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
O4 - HKLM..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [OneDrive] C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE (ZONER software)
O4 - Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Degoo .lnk = C:\Users\Uživatel\AppData\Local\Degoo\Degoo.exe (Degoo Backup AB)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{11d222f1-9a0c-4d7e-b2bd-20aa0ccaeea3}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\WINDOWS\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015.09.09 16:38:55 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4419ee4d-522f-11e4-b4c8-74ea3a83a929}\Shell - "" = AutoRun
O33 - MountPoints2\{4419ee4d-522f-11e4-b4c8-74ea3a83a929}\Shell\AutoRun\command - "" = "E:\iStudio.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2016.01.29 16:50:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Uživatel\Desktop\OTL.exe
[2016.01.29 09:18:59 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp
[2016.01.28 17:01:23 | 000,000,000 | RHSD | C] -- C:\360SANDBOX
[2016.01.28 12:58:41 | 000,000,000 | ---D | C] -- C:\FRST
[2016.01.28 12:57:34 | 002,370,560 | ---- | C] (Farbar) -- C:\Users\Uživatel\Desktop\FRST64_2.exe
[2016.01.28 12:56:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2016.01.28 12:56:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2016.01.28 12:50:30 | 005,200,384 | ---- | C] (AVAST Software) -- C:\Users\Uživatel\Desktop\aswmbr.exe
[2016.01.28 12:33:05 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\backups
[2016.01.28 11:53:41 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\Avg
[2016.01.28 11:53:18 | 000,000,000 | ---D | C] -- C:\AVG_Remover
[2016.01.28 11:34:47 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysWow64\Microsoft
[2016.01.27 20:19:14 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\VS Revo Group
[2016.01.27 19:55:06 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2016.01.27 19:54:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2016.01.27 19:42:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2016.01.27 19:42:33 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\Temp
[2016.01.27 18:04:08 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2016.01.27 17:18:16 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\Nová složka
[2016.01.27 17:00:07 | 000,077,904 | ---- | C] (360.cn) -- C:\WINDOWS\SysWow64\drivers\360AvFlt.sys
[2016.01.26 07:02:48 | 000,079,064 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\hxmrkdcb.sys
[2016.01.25 19:53:33 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Degoo
[2016.01.25 19:50:03 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\.swt
[2016.01.25 19:49:53 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\Degoo
[2016.01.25 19:49:42 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Degoo
[2016.01.25 12:27:44 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\Původní data aplikace Firefox
[2016.01.25 09:11:41 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\SysNative\bootdelete.exe
[2016.01.24 20:03:27 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\Fleška
[2016.01.24 19:07:25 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\360CloudUI
[2016.01.21 16:46:12 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Doctor Web
[2016.01.19 15:13:16 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Documents\Inbox Storage
[2016.01.19 14:15:43 | 002,280,568 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2016.01.19 14:15:43 | 001,690,744 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2016.01.19 14:15:43 | 000,150,648 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2016.01.19 14:15:43 | 000,077,144 | ---- | C] (PC Tools) -- C:\WINDOWS\SysNative\drivers\PCTBD64.sys
[2016.01.19 12:14:09 | 000,253,256 | ---- | C] (PC Tools) -- C:\WINDOWS\SysNative\drivers\PCTSD64.sys
[2016.01.19 12:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2016.01.19 12:13:30 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\TestApp
[2016.01.17 18:43:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2016.01.16 20:06:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ariva Editor_SATELIT
[2016.01.16 19:26:43 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Homepager
[2016.01.16 00:16:31 | 000,136,272 | ---- | C] (360.cn) -- C:\WINDOWS\SysNative\drivers\DsArk64.sys
[2016.01.16 00:03:42 | 000,375,376 | ---- | C] (360.cn) -- C:\WINDOWS\SysNative\drivers\360FsFlt.sys
[2016.01.16 00:03:42 | 000,181,328 | ---- | C] (360.cn) -- C:\WINDOWS\SysNative\drivers\BAPIDRV64.SYS
[2016.01.16 00:03:40 | 000,191,568 | ---- | C] (360安全中心) -- C:\WINDOWS\SysNative\drivers\360Hvm64.sys
[2016.01.16 00:03:40 | 000,137,808 | ---- | C] (360.cn) -- C:\WINDOWS\SysNative\drivers\360AntiHacker64.sys
[2016.01.16 00:03:40 | 000,040,520 | ---- | C] (360.cn) -- C:\WINDOWS\SysNative\drivers\360Camera64.sys
[2016.01.16 00:03:39 | 000,321,616 | ---- | C] (360.cn) -- C:\WINDOWS\SysNative\drivers\360Box64.sys
[2016.01.13 16:35:23 | 021,873,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2016.01.13 16:35:19 | 018,802,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2016.01.13 16:35:11 | 000,695,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMADMOD.DLL
[2016.01.13 16:35:11 | 000,368,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP4SDECD.DLL
[2016.01.13 16:35:11 | 000,305,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVSDECD.DLL
[2016.01.13 16:35:11 | 000,188,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\COLORCNV.DLL
[2016.01.13 16:35:11 | 000,083,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfvdsp.dll
[2016.01.13 16:35:10 | 002,641,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2016.01.13 16:35:10 | 002,459,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2016.01.13 16:35:10 | 000,787,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMADMOD.DLL
[2016.01.13 16:35:10 | 000,377,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP4SDECD.DLL
[2016.01.13 16:35:10 | 000,345,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVSDECD.DLL
[2016.01.13 16:35:10 | 000,205,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\COLORCNV.DLL
[2016.01.13 16:35:10 | 000,115,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VIDRESZR.DLL
[2016.01.13 16:35:09 | 002,162,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVENCOD.DLL
[2016.01.13 16:35:09 | 001,991,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVENCOD.DLL
[2016.01.13 16:35:09 | 000,747,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVXENCD.DLL
[2016.01.13 16:35:09 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVXENCD.DLL
[2016.01.13 16:35:09 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVSENCD.DLL
[2016.01.13 16:35:09 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVSENCD.DLL
[2016.01.13 16:35:09 | 000,107,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VIDRESZR.DLL
[2016.01.13 16:35:09 | 000,072,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfvdsp.dll
[2016.01.13 16:35:08 | 001,672,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quartz.dll
[2016.01.13 16:35:08 | 001,541,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quartz.dll
[2016.01.13 16:35:08 | 001,063,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2adec.dll
[2016.01.13 16:35:08 | 000,882,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2adec.dll
[2016.01.13 16:35:08 | 000,862,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2016.01.13 16:35:08 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qdvd.dll
[2016.01.13 16:35:07 | 001,270,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2016.01.13 16:35:07 | 001,255,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMSPDMOE.DLL
[2016.01.13 16:35:07 | 001,070,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMSPDMOE.DLL
[2016.01.13 16:35:07 | 000,751,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMADMOE.DLL
[2016.01.13 16:35:07 | 000,696,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMADMOE.DLL
[2016.01.13 16:35:06 | 001,150,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2016.01.13 16:35:06 | 001,106,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2016.01.13 16:35:06 | 001,009,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMSPDMOD.DLL
[2016.01.13 16:35:06 | 000,890,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMSPDMOD.DLL
[2016.01.13 16:35:06 | 000,714,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2016.01.13 16:35:06 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2016.01.13 16:35:05 | 000,931,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSMPEG2ENC.DLL
[2016.01.13 16:35:05 | 000,871,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSMPEG2ENC.DLL
[2016.01.13 16:35:05 | 000,779,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2016.01.13 16:35:05 | 000,667,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advapi32.dll
[2016.01.13 16:35:04 | 002,824,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2016.01.13 16:35:04 | 000,678,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2016.01.13 16:35:04 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2016.01.13 16:35:04 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFWMAAEC.DLL
[2016.01.13 16:35:04 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFWMAAEC.DLL
[2016.01.13 16:35:03 | 008,022,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2016.01.13 16:35:03 | 002,463,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2016.01.13 16:35:03 | 000,233,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mftranscode.dll
[2016.01.13 16:35:03 | 000,090,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devenum.dll
[2016.01.13 16:35:03 | 000,082,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\devenum.dll
[2016.01.13 16:35:02 | 007,523,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2016.01.13 16:35:02 | 000,772,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2016.01.13 16:35:02 | 000,635,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2016.01.13 16:35:01 | 000,723,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2016.01.13 16:35:01 | 000,556,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfh264enc.dll
[2016.01.13 16:35:01 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfh264enc.dll
[2016.01.13 16:35:01 | 000,441,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2016.01.13 16:35:01 | 000,208,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mftranscode.dll
[2016.01.13 16:35:00 | 002,152,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2016.01.13 16:35:00 | 000,379,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qdvd.dll
[2016.01.13 16:35:00 | 000,305,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ksproxy.ax
[2016.01.13 16:35:00 | 000,249,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RESAMPLEDMO.DLL
[2016.01.13 16:35:00 | 000,232,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RESAMPLEDMO.DLL
[2016.01.13 16:34:59 | 005,454,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2016.01.13 16:34:45 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ksproxy.ax
[2016.01.13 16:34:41 | 000,278,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP43DECD.DLL
[2016.01.13 16:34:37 | 000,277,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MPG4DECD.DLL
[2016.01.13 16:34:35 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgrcli.dll
[2016.01.13 16:34:17 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll
[2016.01.13 16:34:16 | 002,445,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2016.01.13 16:34:16 | 000,784,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2016.01.13 16:34:16 | 000,781,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2016.01.13 16:34:16 | 000,251,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP43DECD.DLL
[2016.01.13 16:34:16 | 000,250,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MPG4DECD.DLL
[2016.01.13 16:34:16 | 000,119,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP3DMOD.DLL
[2016.01.13 16:34:16 | 000,100,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP3DMOD.DLL
[2016.01.13 16:34:15 | 001,591,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2016.01.13 16:34:15 | 000,658,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2016.01.13 16:34:15 | 000,645,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2016.01.13 16:34:15 | 000,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2016.01.13 16:34:14 | 001,817,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMALFXGFXDSP.dll
[2016.01.13 16:34:13 | 001,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2016.01.13 16:34:13 | 000,572,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2016.01.13 16:34:13 | 000,243,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2016.01.13 16:34:13 | 000,116,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2016.01.13 16:34:13 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usermgrcli.dll
[2016.01.13 16:34:12 | 001,234,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2016.01.13 16:34:12 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2016.01.13 16:34:12 | 000,771,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2016.01.13 16:34:12 | 000,650,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2016.01.13 16:34:12 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserMgrProxy.dll
[2016.01.13 16:34:12 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserMgrProxy.dll
[2016.01.12 13:49:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg
[2016.01.10 12:01:39 | 000,000,000 | ---D | C] -- C:\Program Files\MiniTool Partition Wizard Free 9.1
[2016.01.10 11:05:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Remo Repair AVI 2.0
[2016.01.10 10:47:00 | 000,000,000 | ---D | C] -- C:\Program Files\VIRTUALDUB
[2016.01.09 20:08:53 | 000,000,000 | ---D | C] -- C:\Brother's Keeper 7
[2016.01.09 20:07:12 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\SysWow64\UniBox10.ocx
[2016.01.09 20:07:12 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\unicows.dll
[2016.01.09 20:07:12 | 000,170,496 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFPNG12N.DLL
[2016.01.09 20:07:12 | 000,153,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\temp.000
[2016.01.09 20:07:12 | 000,121,856 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFMPG12N.DLL
[2016.01.09 20:07:12 | 000,056,320 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFPSD12N.DLL
[2016.01.09 20:07:12 | 000,042,496 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFGIF12N.DLL
[2016.01.09 20:07:12 | 000,035,840 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFLMA12N.DLL
[2016.01.09 20:07:12 | 000,033,280 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFPCX12N.DLL
[2016.01.09 20:07:12 | 000,032,256 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFLMB12N.DLL
[2016.01.09 20:07:12 | 000,031,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFEPS12N.DLL
[2016.01.09 20:07:12 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFWPG12N.DLL
[2016.01.09 20:07:12 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFIMG12N.DLL
[2016.01.09 20:07:12 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFPCD12N.DLL
[2016.01.09 20:07:12 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFMSP12N.DLL
[2016.01.09 20:07:12 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brother's Keeper 7
[2016.01.09 20:07:11 | 000,751,104 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LTANN12N.DLL
[2016.01.09 20:07:11 | 000,227,328 | ---- | C] (MicroHelp, Inc.) -- C:\WINDOWS\SysWow64\comppl32.dll
[2016.01.09 20:07:11 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ComCt232.ocx
[2016.01.09 20:07:11 | 000,122,880 | ---- | C] (Crescent Division of Progress Software Corporation) -- C:\WINDOWS\SysWow64\qpro32.dll
[2016.01.09 20:07:11 | 000,103,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSComm32.ocx
[2016.01.09 20:07:11 | 000,062,464 | ---- | C] (Btrieve Technologies, Inc.) -- C:\WINDOWS\SysWow64\wbtrv32.dll
[2016.01.09 20:07:11 | 000,039,936 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LTTWN12N.DLL
[2016.01.09 20:07:11 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\SysWow64\LFAVI12N.DLL
[2016.01.09 20:07:09 | 001,011,712 | ---- | C] (Janus Systems SA de CV) -- C:\WINDOWS\SysWow64\Gridex16.ocx
[2016.01.09 20:07:09 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TABCTL32.OCX
[2016.01.09 20:07:09 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RichTx32.ocx
[2016.01.09 20:07:09 | 000,067,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SysInfo.ocx
[2016.01.09 17:01:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2016.01.07 17:14:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2016.01.06 08:42:03 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Documents\MyHeritage
[2016.01.06 08:42:03 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\MyHeritage
[2016.01.06 08:42:03 | 000,000,000 | ---D | C] -- C:\ProgramData\MyHeritage
[2016.01.06 08:41:42 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
[2016.01.06 08:41:40 | 002,029,056 | ---- | C] (Bytescout) -- C:\WINDOWS\SysWow64\PDFDocScout.DLL
[2016.01.06 08:41:40 | 000,608,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comctl32.ocx
[2016.01.06 08:41:40 | 000,606,208 | ---- | C] (Lorenzi Davide) -- C:\WINDOWS\SysWow64\HexUniRTFBox.ocx
[2016.01.06 08:41:40 | 000,372,736 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysWow64\ijl15.dll
[2016.01.06 08:41:40 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmapi32.ocx
[2016.01.06 08:41:39 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2016.01.06 08:40:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyHeritage
[2016.01.05 19:43:18 | 000,826,872 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2016.01.05 19:43:18 | 000,176,632 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2016.01.01 20:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2016.01.01 20:18:30 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Notepad++
[2016.01.01 20:18:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2015.03.29 10:19:53 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Uživatel\AppData\Roaming\pcouffin.sys
[8 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 7 hostů