HiJackThis - problematic keyboard (Solved)

Post by HoricGAMER » 12 Oct 2020 16:07

Hello,

I have had problems typing on my keyboard for quite some time: on some websites or in games, some characters occasionally register twice, yet when I test in Notepad it never happens. I also have trouble combining some letters with the caron; quite often, for example, combining N + ˇ gives me just N instead of Ň. I read that a keylogger could be behind this. Could I ask for a check?

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform: x64 Windows 10 (Home), 10.0.19041.508 (ReleaseId: 2004), Service Pack: 0
Time: 12.10.2020 - 15:56 (UTC+02:00)
Language: OS: Czech (0x405). Display: Czech (0x405). Non-Unicode: Czech (0x405)
Elevated: Yes
Ran by: Horic (group: Administrator) on HORIC-PC, FirstRun: yes

Chrome: 86.0.4240.75
Firefox: 44.0.0.5866
Edge: 11.0.19041.423
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Internet Explorer)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
3 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
2 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
1 C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
1 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
2 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
1 C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
46 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
1 C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
1 C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
1 C:\Program Files\Intel\iCLS Client\HeciServer.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
1 C:\Program Files\WinRAR\WinRAR.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingApp_2010.1001.9.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_2.45.11001.0_x64__8wekyb3d8bbwe\GamingServices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_2.45.11001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\NisSrv.exe
1 C:\Riot Games\LolScreenSaver\assistant\LeagueDisplaysAssistant.exe
2 C:\Users\Horic\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
1 C:\Users\Horic\Desktop\HiJackThis\HiJackThis.exe
2 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
1 C:\Windows\SysWOW64\PnkBstrB.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CompPkgSrv.exe
1 C:\Windows\System32\MoUsoCoreWorker.exe
1 C:\Windows\System32\PnkBstrA.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
2 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
2 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
3 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\mqsvc.exe
1 C:\Windows\System32\mspaint.exe
1 C:\Windows\System32\notepad.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
92 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
2 C:\Windows\explorer.exe
1 D:\Adobe\Adobe Photoshop 2020\Photoshop.exe
3 D:\Adobe\Adobe Photoshop 2020\Required\CEP\CEPHtmlEngine\CEPHtmlEngine.exe
1 D:\Adobe\Adobe Photoshop 2020\Required\DynamicLinkMediaServer\dynamiclinkmanager.exe
3 D:\Adobe\Adobe Photoshop 2020\Required\Plug-ins\Spaces\Adobe Spaces Helper.exe
1 D:\Origin\OriginWebHelperService.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://go.microsoft.com/fwlink/p/?Link ... id=UE01DHP
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0389E7FC-C1BC-4FF9-B9F0-2BEDFA4E5E98}: [URL] = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_9973 - Novinky.cz
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: [SuggestionsURL] = https://api.bing.com/qsml.aspx?query={searchTerms}&market={language}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IESS02&pc=UE15 - Bing
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: [URL] = https://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15 - Bing
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{42bb369b-d0a3-46a3-94ba-61aedb1db9a6}: [SuggestionsURL_JSON] = http://www.zbozi.cz/suggest/zbozi?phrase={searchTerms}&result=firefox - Zboží.cz
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{42bb369b-d0a3-46a3-94ba-61aedb1db9a6}: [URL] = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_9973 - Zboží.cz
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{47D5138B-9511-4985-8C3A-AE7D0731D16C}: [SuggestionsURL_JSON] = http://slovnik.seznam.cz/suggest/en_cz?phrase={searchTerms}&result=firefox - Slovník EN/CZ
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{47D5138B-9511-4985-8C3A-AE7D0731D16C}: [URL] = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_9973 - Slovník EN/CZ
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4dced34f-ee99-4ff1-9290-06db1543ff70}: [URL] = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_9973 - Firmy.cz
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5581A53C-3D86-4485-A472-2D77C53F1DBE}: [URL] = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_9973 - Encyklopedie Seznam
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [SuggestionsURL,SuggestionsURLFallback] = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [URL] = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6a663b2f-1b29-4f32-925c-4daaf0e5b082}: [URL] = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_9973 - Mapy.cz
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: [SuggestionsURL_JSON] = https://toolbar.avg.com/acp?q={searchTerms}&o=1 - AVG Secure Search
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: [URL] = https://mysearch.avg.com/search?cid={9448D983-7838-4099-9333-DE7B2195E8B8}&mid=1aaa7781b73147d28a6005743811c8cf-6c36a3a8788b04fd4acc111858ab6f4d57729044&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-07-26 11:59:36&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms} - AVG Secure Search
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB657B2-2172-43CF-9386-339F811D05E8}: [URL] = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_9973 - Seznam TV Program
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC2394E2-6FE8-4100-A2AB-57E13A91A0A5}: [SuggestionsURL_JSON] = http://slovnik.seznam.cz/suggest/cz_en?phrase={searchTerms}&result=firefox - Slovník CZ/EN
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC2394E2-6FE8-4100-A2AB-57E13A91A0A5}: [URL] = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_9973 - Slovník CZ/EN
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{dfcefc1e-9b8a-4a04-8137-783116adb164}: [SuggestionsURL_JSON] = http://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms} - Seznam
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{dfcefc1e-9b8a-4a04-8137-783116adb164}: [URL] = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_9973 - Seznam
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [SuggestionsURL] = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [URL] = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 - Google
O2 - HKLM\..\BHO: (no name) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - (no file)
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.38\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll
O2-32 - HKLM\..\BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.38\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O4 - HKCU\..\Run: [CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
O4 - HKCU\..\Run: [Dropbox Update] = C:\Users\Horic\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E2740AFF44D7E4976F45E8C429DA17AC] = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [Opera Browser Assistant] = C:\Users\Horic\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] = C:\Users\Horic\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKCU\Control Panel\Desktop: [SCRNSAVE.EXE] = C:\Windows\SysWOW64\launcher.scr
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4-32 - HKLM\..\Run: [Adobe Creative Cloud] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true
O4-32 - HKLM\..\Run: [KeePass 2 PreLoad] = C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe --preload
O4-32 - HKLM\..\Run: [LeagueDisplays] = C:\Riot Games\LolScreenSaver\assistant\LeagueDisplaysAssistant.exe /onWindowsStart
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Otevřít programem PDF Viewer Plus: (default) = C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O8 - Context menu item: HKU\.DEFAULT\..\Internet Explorer\MenuExt\Otevřít programem PDF Viewer Plus: (default) = C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O9-32 - Button: HKLM\..\{0E46D7B6-887D-4F81-B4CA-FCC92AF73610}: Nastavení Lištičky ... - (no file)
O9-32 - Button: HKLM\..\{4E6D6F90-31CA-4878-A7A3-1CD50F115A69}: Zvýrazňovač slov Lištičky - (no file)
O9-32 - Tools menu item: HKLM\..\{0E46D7B6-887D-4F81-B4CA-FCC92AF73610}: Nastavení Lištičky ... - (no file)
O9-32 - Tools menu item: HKLM\..\{4E6D6F90-31CA-4878-A7A3-1CD50F115A69}: Zvýrazňovač slov Lištičky - (no file)
O15 - Trusted Zone: https://czuvpraze-files.sharepoint.com
O15 - Trusted Zone: https://czuvpraze-myfiles.sharepoint.com
O15 - Trusted Zone: https://vospcz-files.sharepoint.com
O15 - Trusted Zone: https://vospcz-myfiles.sharepoint.com
O16-32 - DPF: HKLM\..\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
O16-32 - DPF: HKLM\..\{CAFEEFAC-0018-0000-0073-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
O16-32 - DPF: HKLM\..\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
O17 - DHCP DNS 1: 192.168.101.1
O17 - DHCP DNS 2: 192.168.102.1
O17 - DHCP DNS 3: 212.24.128.8
O17 - DHCP DNS 4: 212.24.132.132
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\"DropboxExt1": DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\"DropboxExt2": DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\"DropboxExt3": DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\"DropboxExt4": DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\"DropboxExt5": DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\"DropboxExt6": DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\"DropboxExt7": DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\"DropboxExt8": DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O22 - Task (.job): (Ready) DropboxUpdateTaskUserS-1-5-21-4004562020-652146638-2829249104-1002Core.job - C:\Users\Horic\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (Ready) DropboxUpdateTaskUserS-1-5-21-4004562020-652146638-2829249104-1002UA.job - C:\Users\Horic\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Task (.job): (disabled) 0615avUpdateInfo.job - C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe /SETINFO /CMPID=0615av /INFORETRY=3
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Media Center\PeriodicScanRetry - C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (file missing)
O22 - Task: (disabled) \Microsoft\Windows\Media Center\RecordingRestart - C:\WINDOWS\ehome\ehrec /RestartRecording (file missing)
O22 - Task: (disabled) \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor - {EA9155A3-8A39-40b4-8963-D3C761B18371} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\Shell\WindowsParentalControls - {DFA14C43-F385-4170-99CC-1B7765FA0E4A} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\Shell\WindowsParentalControlsMigration - {343D770D-7788-47c2-B62A-B7C4CED925CB} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\SideShow\AutoWake - {E51DFD48-AA36-4B45-BB52-E831F02E8316} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\SideShow\SessionAgent - {45F26E9E-6199-477F-85DA-AF1EDfE067B1} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\SideShow\SystemDataProviders - {7CCA6768-8373-4D28-8876-83E8B4E3A969} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) \Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: 0615avUpdateInfo - C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe /SETINFO /CMPID=0615av /INFORETRY=3
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: Adobe Flash Player NPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe -check plugin
O22 - Task: Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe -check pepperplugin
O22 - Task: Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: AdobeAAMUpdater-1.0-Horic-PC-Horic - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
O22 - Task: AdobeGCInvoker-1.0 - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled
O22 - Task: DropboxUpdateTaskUserS-1-5-21-4004562020-652146638-2829249104-1002Core - C:\Users\Horic\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task: DropboxUpdateTaskUserS-1-5-21-4004562020-652146638-2829249104-1002UA - C:\Users\Horic\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Task: EMPTY - C:\Program Files\ESL\EmptyStandbyList.exe
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: Java Update Scheduler - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: Opera scheduled Autoupdate 1551573995 - C:\Users\Horic\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: Opera scheduled assistant Autoupdate 1582797711 - C:\Users\Horic\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Horic\AppData\Local\Programs\Opera\assistant" $(Arg0)
O22 - Task: ROCCAT DEVICE SERVICE - H:/Roccat/ROCCAT Swarm/ROCCAT_dev_service.exe
O22 - Task: Red Giant Link - C:\Program Files\Red Giant Link\Red Giant Link.exe --silent (file missing)
O22 - Task: SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe /addGadget (file missing)
O22 - Task: Trojan Killer - C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe -startupscan (file missing)
O22 - Task: UnHackMe Task Scheduler - C:\Program Files (x86)\UnHackMe\hackmon.exe $(Arg0) (file missing)
O22 - Task: \Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task (file missing)
O22 - Task: \Microsoft\VisualStudio\VSIX Auto Update 14 - C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe (file missing)
O22 - Task: \Microsoft\Windows\End Of Support\Notify1 - C:\WINDOWS\system32\sipnotify.exe -LogonOrUnlock (file missing)
O22 - Task: \Microsoft\Windows\End Of Support\Notify2 - C:\WINDOWS\system32\sipnotify.exe -Daily (file missing)
O22 - Task: \Microsoft\Windows\Media Center\ActivateWindowsSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (file missing)
O22 - Task: \Microsoft\Windows\Media Center\ConfigureInternetTimeService - C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (file missing)
O22 - Task: \Microsoft\Windows\Media Center\DispatchRecoveryTasks - C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (file missing)
O22 - Task: \Microsoft\Windows\Media Center\InstallPlayReady - C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (file missing)
O22 - Task: \Microsoft\Windows\Media Center\MediaCenterRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (file missing)
O22 - Task: \Microsoft\Windows\Media Center\OCURActivate - C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (file missing)
O22 - Task: \Microsoft\Windows\Media Center\OCURDiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (file missing)
O22 - Task: \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (file missing)
O22 - Task: \Microsoft\Windows\Media Center\PBDADiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (file missing)
O22 - Task: \Microsoft\Windows\Media Center\PBDADiscoveryW1 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (file missing)
O22 - Task: \Microsoft\Windows\Media Center\PBDADiscoveryW2 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (file missing)
O22 - Task: \Microsoft\Windows\Media Center\PvrRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (file missing)
O22 - Task: \Microsoft\Windows\Media Center\PvrScheduleTask - C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (file missing)
O22 - Task: \Microsoft\Windows\Media Center\RegisterSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (file missing)
O22 - Task: \Microsoft\Windows\Media Center\ReindexSearchRoot - C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (file missing)
O22 - Task: \Microsoft\Windows\Media Center\SqlLiteRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (file missing)
O22 - Task: \Microsoft\Windows\Media Center\StartRecording - C:\WINDOWS\ehome\ehrec /StartRecording (file missing)
O22 - Task: \Microsoft\Windows\Media Center\UpdateRecordPath - C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (file missing)
O22 - Task: \Microsoft\Windows\Media Center\ehDRMInit - C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (file missing)
O22 - Task: \Microsoft\Windows\Media Center\mcupdate - C:\WINDOWS\ehome\mcupdate $(Arg0) (file missing)
O22 - Task: \Microsoft\Windows\MobilePC\HotStart - {06DA0625-9701-43da-BFD7-FBEEA2180A1E} - (no file)
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Task: \Microsoft\Windows\SideShow\GadgetManager - {FF87090D-4A9A-4f47-879B-29A80C355D61},$(Arg0) - (no file)
O22 - Task: \Microsoft\Windows\Tcpip\IpAddressConflict1 - C:\WINDOWS\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem (Microsoft)
O22 - Task: \Microsoft\Windows\Tcpip\IpAddressConflict2 - C:\WINDOWS\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem (Microsoft)
O22 - Task: {08222A88-7FEF-41C5-A1D5-95D7D5ECB7A0} - C:\Windows\system32\pcalua.exe -a "D:\Games\asdas\Call of duty 4 Multiplayer.exe" -d D:\Games\asdas
O22 - Task: {5BA478B6-119F-410C-B232-36E339FFE296} - C:\Windows\system32\pcalua.exe -a H:\XboxInstaller.exe -d H:\
O22 - Task: {66B1ADDB-E42D-47B9-B760-DCFBA258EBB6} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Razer\Synapse\RzAIOInstallManager.exe" -d "C:\Program Files (x86)\Razer\Synapse"
O22 - Task: {6B33BA92-5BF7-4252-9FBF-0345ED386CBE} - C:\Windows\system32\pcalua.exe -a H:\Games\GTA\Redistributables\VCRed\vcredist_x86.exe -d "H:\Games\GTA V\Launcher" -c /q
O22 - Task: {6D610788-9DDF-4528-B4D2-6F86D176C4FA} - C:\Windows\system32\pcalua.exe -a "H:\Games\L.A. Noire Complete Edition\Redistributables\VCRed\vcredist_x86.exe" -d "H:\Games\GTA V\Launcher" -c /q
O22 - Task: {80A74D71-D319-4D76-86AC-C6B1C2EDCFB5} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
O22 - Task: {81C6BE5E-5733-476D-9247-0EDAF04D5EF4} - C:\Windows\system32\pcalua.exe -a G:\INSTALL.EXE -d G:\
O22 - Task: {89B547A8-FF87-4CAD-96D3-C2E841539B4A} - C:\Windows\system32\pcalua.exe -a "H:\Games\Riot Games\Riot Client\RiotClientServices.exe" -c --uninstall-product=valorant --uninstall-patchline=live
O22 - Task: {E9162CCD-A2CD-4361-9EC3-884A80143588} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\TeamSpeak 3 Client\package_inst.exe" -d H:\ -c "H:\rp_soundboard_1810.ts3_plugin"
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Adobe Genuine Software Integrity Service - (AGSService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_2.45.11001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_2.45.11001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: Hi-Rez Studios Authenticate and Update Service - (HiPatchService) - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) Smart Connect Technology Agent - (ISCTAgent) - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service R2: MSI_Trigger_Service - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: Origin Web Helper Service - D:\Origin\OriginWebHelperService.exe
O23 - Service R2: PDFProFiltSrvPP - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service R2: PnkBstrA - C:\Windows\system32\PnkBstrA.exe
O23 - Service R2: PnkBstrB - C:\WINDOWS\SysWOW64\PnkBstrB.exe
O23 - Service R2: Razer Game Scanner - (Razer Game Scanner Service) - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service R2: SAMSUNG Mobile Connectivity Service - (ss_conn_service) - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service R2: WtuSystemSupport - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
O23 - Service R2: vToolbarUpdater40.3.8 - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
O23 - Service R3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service S2: Adobe Genuine Monitor Service - (AGMService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service S2: Služba Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Adobe SwitchBoard - (SwitchBoard) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: BitRaider Mini-Support Service Stub Loader - (BRSptStub) - C:\ProgramData\BitRaider\BRSptStub.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.75\elevation_service.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: Origin Client Service - D:\Origin\OriginClientService.exe
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - H:\Games\GTA V\Launcher\RockstarService.exe
O23 - Service S3: Služba Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService


--
End of file - Time spent: 19.1 sec. - 79566 bytes, CRC32: FFFFFFFF. Sign: 弛퇃


:horse:

HoricGAMER
Level 2
Posts: 173
Registered: August 11
Gender: Male

Re: HiJackThis - problematic keyboard

Post by HoricGAMER » 12 Oct 2020 16:17

Oops, sorry. It would probably have been better to run HJT without having all sorts of things open here. I'm attaching one more version:
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform: x64 Windows 10 (Home), 10.0.19041.508 (ReleaseId: 2004), Service Pack: 0
Time: 12.10.2020 - 16:16 (UTC+02:00)
Language: OS: Czech (0x405). Display: Czech (0x405). Non-Unicode: Czech (0x405)
Elevated: Yes
Ran by: Horic (group: Administrator) on HORIC-PC, FirstRun: no

Chrome: 86.0.4240.75
Firefox: 44.0.0.5866
Edge: 11.0.19041.423
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Internet Explorer)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
1 C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
1 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
2 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
1 C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
10 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
1 C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
1 C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
1 C:\Program Files\Intel\iCLS Client\HeciServer.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingApp_2010.1001.9.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_2.45.11001.0_x64__8wekyb3d8bbwe\GamingServices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_2.45.11001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\NisSrv.exe
1 C:\Riot Games\LolScreenSaver\assistant\LeagueDisplaysAssistant.exe
2 C:\Users\Horic\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
1 C:\Users\Horic\Desktop\HiJackThis\HiJackThis.exe
2 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
1 C:\Windows\SysWOW64\PnkBstrB.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CompPkgSrv.exe
1 C:\Windows\System32\MoUsoCoreWorker.exe
1 C:\Windows\System32\PnkBstrA.exe
4 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
2 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
2 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
3 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\mqsvc.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
88 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
2 C:\Windows\explorer.exe
1 D:\Origin\OriginWebHelperService.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://go.microsoft.com/fwlink/p/?Link ... id=UE01DHP
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0389E7FC-C1BC-4FF9-B9F0-2BEDFA4E5E98}: [URL] = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_9973 - Novinky.cz
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: [SuggestionsURL] = https://api.bing.com/qsml.aspx?query={searchTerms}&market={language}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IESS02&pc=UE15 - Bing
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: [URL] = https://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15 - Bing
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{42bb369b-d0a3-46a3-94ba-61aedb1db9a6}: [SuggestionsURL_JSON] = http://www.zbozi.cz/suggest/zbozi?phrase={searchTerms}&result=firefox - Zboží.cz
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{42bb369b-d0a3-46a3-94ba-61aedb1db9a6}: [URL] = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_9973 - Zboží.cz
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{47D5138B-9511-4985-8C3A-AE7D0731D16C}: [SuggestionsURL_JSON] = http://slovnik.seznam.cz/suggest/en_cz?phrase={searchTerms}&result=firefox - Slovník EN/CZ
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{47D5138B-9511-4985-8C3A-AE7D0731D16C}: [URL] = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_9973 - Slovník EN/CZ
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4dced34f-ee99-4ff1-9290-06db1543ff70}: [URL] = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_9973 - Firmy.cz
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5581A53C-3D86-4485-A472-2D77C53F1DBE}: [URL] = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_9973 - Encyklopedie Seznam
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [SuggestionsURL,SuggestionsURLFallback] = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [URL] = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6a663b2f-1b29-4f32-925c-4daaf0e5b082}: [URL] = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_9973 - Mapy.cz
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: [SuggestionsURL_JSON] = https://toolbar.avg.com/acp?q={searchTerms}&o=1 - AVG Secure Search
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: [URL] = https://mysearch.avg.com/search?cid={9448D983-7838-4099-9333-DE7B2195E8B8}&mid=1aaa7781b73147d28a6005743811c8cf-6c36a3a8788b04fd4acc111858ab6f4d57729044&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-07-26 11:59:36&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms} - AVG Secure Search
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB657B2-2172-43CF-9386-339F811D05E8}: [URL] = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_9973 - Seznam TV Program
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC2394E2-6FE8-4100-A2AB-57E13A91A0A5}: [SuggestionsURL_JSON] = http://slovnik.seznam.cz/suggest/cz_en?phrase={searchTerms}&result=firefox - Slovník CZ/EN
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC2394E2-6FE8-4100-A2AB-57E13A91A0A5}: [URL] = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_9973 - Slovník CZ/EN
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{dfcefc1e-9b8a-4a04-8137-783116adb164}: [SuggestionsURL_JSON] = http://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms} - Seznam
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{dfcefc1e-9b8a-4a04-8137-783116adb164}: [URL] = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_9973 - Seznam
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [SuggestionsURL] = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [URL] = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 - Google
O2 - HKLM\..\BHO: (no name) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - (no file)
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.38\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll
O2-32 - HKLM\..\BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.38\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O4 - HKCU\..\Run: [CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
O4 - HKCU\..\Run: [Dropbox Update] = C:\Users\Horic\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E2740AFF44D7E4976F45E8C429DA17AC] = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [Opera Browser Assistant] = C:\Users\Horic\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] = C:\Users\Horic\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKCU\Control Panel\Desktop: [SCRNSAVE.EXE] = C:\Windows\SysWOW64\launcher.scr
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4-32 - HKLM\..\Run: [Adobe Creative Cloud] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true
O4-32 - HKLM\..\Run: [KeePass 2 PreLoad] = C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe --preload
O4-32 - HKLM\..\Run: [LeagueDisplays] = C:\Riot Games\LolScreenSaver\assistant\LeagueDisplaysAssistant.exe /onWindowsStart
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Otevřít programem PDF Viewer Plus: (default) = C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O8 - Context menu item: HKU\.DEFAULT\..\Internet Explorer\MenuExt\Otevřít programem PDF Viewer Plus: (default) = C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O9-32 - Button: HKLM\..\{0E46D7B6-887D-4F81-B4CA-FCC92AF73610}: Nastavení Lištičky ... - (no file)
O9-32 - Button: HKLM\..\{4E6D6F90-31CA-4878-A7A3-1CD50F115A69}: Zvýrazňovač slov Lištičky - (no file)
O9-32 - Tools menu item: HKLM\..\{0E46D7B6-887D-4F81-B4CA-FCC92AF73610}: Nastavení Lištičky ... - (no file)
O9-32 - Tools menu item: HKLM\..\{4E6D6F90-31CA-4878-A7A3-1CD50F115A69}: Zvýrazňovač slov Lištičky - (no file)
O15 - Trusted Zone: https://czuvpraze-files.sharepoint.com
O15 - Trusted Zone: https://czuvpraze-myfiles.sharepoint.com
O15 - Trusted Zone: https://vospcz-files.sharepoint.com
O15 - Trusted Zone: https://vospcz-myfiles.sharepoint.com
O16-32 - DPF: HKLM\..\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
O16-32 - DPF: HKLM\..\{CAFEEFAC-0018-0000-0073-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
O16-32 - DPF: HKLM\..\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
O17 - DHCP DNS 1: 192.168.101.1
O17 - DHCP DNS 2: 192.168.102.1
O17 - DHCP DNS 3: 212.24.128.8
O17 - DHCP DNS 4: 212.24.132.132
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\"DropboxExt1": DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\"DropboxExt2": DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\"DropboxExt3": DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\"DropboxExt4": DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\"DropboxExt5": DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\"DropboxExt6": DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\"DropboxExt7": DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\"DropboxExt8": DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Horic\AppData\Roaming\Dropbox\bin\DropboxExt.46.0.dll
O22 - Task (.job): (Ready) DropboxUpdateTaskUserS-1-5-21-4004562020-652146638-2829249104-1002Core.job - C:\Users\Horic\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (Ready) DropboxUpdateTaskUserS-1-5-21-4004562020-652146638-2829249104-1002UA.job - C:\Users\Horic\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Task (.job): (disabled) 0615avUpdateInfo.job - C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe /SETINFO /CMPID=0615av /INFORETRY=3
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Media Center\PeriodicScanRetry - C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (file missing)
O22 - Task: (disabled) \Microsoft\Windows\Media Center\RecordingRestart - C:\WINDOWS\ehome\ehrec /RestartRecording (file missing)
O22 - Task: (disabled) \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor - {EA9155A3-8A39-40b4-8963-D3C761B18371} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\Shell\WindowsParentalControls - {DFA14C43-F385-4170-99CC-1B7765FA0E4A} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\Shell\WindowsParentalControlsMigration - {343D770D-7788-47c2-B62A-B7C4CED925CB} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\SideShow\AutoWake - {E51DFD48-AA36-4B45-BB52-E831F02E8316} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\SideShow\SessionAgent - {45F26E9E-6199-477F-85DA-AF1EDfE067B1} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\SideShow\SystemDataProviders - {7CCA6768-8373-4D28-8876-83E8B4E3A969} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) \Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: 0615avUpdateInfo - C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe /SETINFO /CMPID=0615av /INFORETRY=3
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: Adobe Flash Player NPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe -check plugin
O22 - Task: Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe -check pepperplugin
O22 - Task: Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: AdobeAAMUpdater-1.0-Horic-PC-Horic - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
O22 - Task: AdobeGCInvoker-1.0 - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled
O22 - Task: DropboxUpdateTaskUserS-1-5-21-4004562020-652146638-2829249104-1002Core - C:\Users\Horic\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task: DropboxUpdateTaskUserS-1-5-21-4004562020-652146638-2829249104-1002UA - C:\Users\Horic\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Task: EMPTY - C:\Program Files\ESL\EmptyStandbyList.exe
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: Java Update Scheduler - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: Opera scheduled Autoupdate 1551573995 - C:\Users\Horic\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: Opera scheduled assistant Autoupdate 1582797711 - C:\Users\Horic\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Horic\AppData\Local\Programs\Opera\assistant" $(Arg0)
O22 - Task: ROCCAT DEVICE SERVICE - H:/Roccat/ROCCAT Swarm/ROCCAT_dev_service.exe
O22 - Task: Red Giant Link - C:\Program Files\Red Giant Link\Red Giant Link.exe --silent (file missing)
O22 - Task: SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe /addGadget (file missing)
O22 - Task: Trojan Killer - C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe -startupscan (file missing)
O22 - Task: UnHackMe Task Scheduler - C:\Program Files (x86)\UnHackMe\hackmon.exe $(Arg0) (file missing)
O22 - Task: \Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task (file missing)
O22 - Task: \Microsoft\VisualStudio\VSIX Auto Update 14 - C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe (file missing)
O22 - Task: \Microsoft\Windows\End Of Support\Notify1 - C:\WINDOWS\system32\sipnotify.exe -LogonOrUnlock (file missing)
O22 - Task: \Microsoft\Windows\End Of Support\Notify2 - C:\WINDOWS\system32\sipnotify.exe -Daily (file missing)
O22 - Task: \Microsoft\Windows\Media Center\ActivateWindowsSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (file missing)
O22 - Task: \Microsoft\Windows\Media Center\ConfigureInternetTimeService - C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (file missing)
O22 - Task: \Microsoft\Windows\Media Center\DispatchRecoveryTasks - C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (file missing)
O22 - Task: \Microsoft\Windows\Media Center\InstallPlayReady - C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (file missing)
O22 - Task: \Microsoft\Windows\Media Center\MediaCenterRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (file missing)
O22 - Task: \Microsoft\Windows\Media Center\OCURActivate - C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (file missing)
O22 - Task: \Microsoft\Windows\Media Center\OCURDiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (file missing)
O22 - Task: \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (file missing)
O22 - Task: \Microsoft\Windows\Media Center\PBDADiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (file missing)
O22 - Task: \Microsoft\Windows\Media Center\PBDADiscoveryW1 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (file missing)
O22 - Task: \Microsoft\Windows\Media Center\PBDADiscoveryW2 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (file missing)
O22 - Task: \Microsoft\Windows\Media Center\PvrRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (file missing)
O22 - Task: \Microsoft\Windows\Media Center\PvrScheduleTask - C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (file missing)
O22 - Task: \Microsoft\Windows\Media Center\RegisterSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (file missing)
O22 - Task: \Microsoft\Windows\Media Center\ReindexSearchRoot - C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (file missing)
O22 - Task: \Microsoft\Windows\Media Center\SqlLiteRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (file missing)
O22 - Task: \Microsoft\Windows\Media Center\StartRecording - C:\WINDOWS\ehome\ehrec /StartRecording (file missing)
O22 - Task: \Microsoft\Windows\Media Center\UpdateRecordPath - C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (file missing)
O22 - Task: \Microsoft\Windows\Media Center\ehDRMInit - C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (file missing)
O22 - Task: \Microsoft\Windows\Media Center\mcupdate - C:\WINDOWS\ehome\mcupdate $(Arg0) (file missing)
O22 - Task: \Microsoft\Windows\MobilePC\HotStart - {06DA0625-9701-43da-BFD7-FBEEA2180A1E} - (no file)
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Task: \Microsoft\Windows\SideShow\GadgetManager - {FF87090D-4A9A-4f47-879B-29A80C355D61},$(Arg0) - (no file)
O22 - Task: \Microsoft\Windows\Tcpip\IpAddressConflict1 - C:\WINDOWS\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem (Microsoft)
O22 - Task: \Microsoft\Windows\Tcpip\IpAddressConflict2 - C:\WINDOWS\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem (Microsoft)
O22 - Task: {08222A88-7FEF-41C5-A1D5-95D7D5ECB7A0} - C:\Windows\system32\pcalua.exe -a "D:\Games\asdas\Call of duty 4 Multiplayer.exe" -d D:\Games\asdas
O22 - Task: {5BA478B6-119F-410C-B232-36E339FFE296} - C:\Windows\system32\pcalua.exe -a H:\XboxInstaller.exe -d H:\
O22 - Task: {66B1ADDB-E42D-47B9-B760-DCFBA258EBB6} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Razer\Synapse\RzAIOInstallManager.exe" -d "C:\Program Files (x86)\Razer\Synapse"
O22 - Task: {6B33BA92-5BF7-4252-9FBF-0345ED386CBE} - C:\Windows\system32\pcalua.exe -a H:\Games\GTA\Redistributables\VCRed\vcredist_x86.exe -d "H:\Games\GTA V\Launcher" -c /q
O22 - Task: {6D610788-9DDF-4528-B4D2-6F86D176C4FA} - C:\Windows\system32\pcalua.exe -a "H:\Games\L.A. Noire Complete Edition\Redistributables\VCRed\vcredist_x86.exe" -d "H:\Games\GTA V\Launcher" -c /q
O22 - Task: {80A74D71-D319-4D76-86AC-C6B1C2EDCFB5} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
O22 - Task: {81C6BE5E-5733-476D-9247-0EDAF04D5EF4} - C:\Windows\system32\pcalua.exe -a G:\INSTALL.EXE -d G:\
O22 - Task: {89B547A8-FF87-4CAD-96D3-C2E841539B4A} - C:\Windows\system32\pcalua.exe -a "H:\Games\Riot Games\Riot Client\RiotClientServices.exe" -c --uninstall-product=valorant --uninstall-patchline=live
O22 - Task: {E9162CCD-A2CD-4361-9EC3-884A80143588} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\TeamSpeak 3 Client\package_inst.exe" -d H:\ -c "H:\rp_soundboard_1810.ts3_plugin"
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Adobe Genuine Software Integrity Service - (AGSService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_2.45.11001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_2.45.11001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: Hi-Rez Studios Authenticate and Update Service - (HiPatchService) - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) Smart Connect Technology Agent - (ISCTAgent) - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service R2: MSI_Trigger_Service - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: Origin Web Helper Service - D:\Origin\OriginWebHelperService.exe
O23 - Service R2: PDFProFiltSrvPP - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service R2: PnkBstrA - C:\Windows\system32\PnkBstrA.exe
O23 - Service R2: PnkBstrB - C:\WINDOWS\SysWOW64\PnkBstrB.exe
O23 - Service R2: Razer Game Scanner - (Razer Game Scanner Service) - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service R2: SAMSUNG Mobile Connectivity Service - (ss_conn_service) - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service R2: WtuSystemSupport - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
O23 - Service R2: vToolbarUpdater40.3.8 - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
O23 - Service S2: Adobe Genuine Monitor Service - (AGMService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service S2: Služba Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Adobe SwitchBoard - (SwitchBoard) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: BitRaider Mini-Support Service Stub Loader - (BRSptStub) - C:\ProgramData\BitRaider\BRSptStub.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.75\elevation_service.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: Origin Client Service - D:\Origin\OriginClientService.exe
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - H:\Games\GTA V\Launcher\RockstarService.exe
O23 - Service S3: Služba Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService


--
End of file - Time spent: 8.2 sec. - 78274 bytes, CRC32: FFFFFFFF. Sign: 滳�

jaro3
Security team member
Guru Level 15
Posts: 41324
Registered: June 07
Location: South Bohemia
Gender: Male

Re: HiJackThis - problematic keyboard

Post by jaro3 » 12 Oct 2020 16:40

Don't put logs in code or spoiler tags.

Download ATF Cleaner
https://www.majorgeeks.com/mg/getmirror ... ner,2.html
Double-click ATF Cleaner.exe, click Select All, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
- If you only use Google Chrome, you don't need to use ATF.


Download TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it doesn't, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/
Windows 7 owners, download it here:
https://filehippo.com/download_adwcleaner/ (do not update!)

Save it to your desktop. Click "I agree" to accept the terms.
Close all programs, windows and browsers.
Run the program by double-clicking it and click "Scan".
After the scan a log appears and opens (otherwise it is saved on the system drive as C:\AdwCleaner [C?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
https://www.malwarebytes.com/mwb-download/thankyou/

to your desktop, install it and run it.
- If the program is not up to date, click "Update now" or "Fix now".
- An update will be found and installed.
- Then click Start scan.
- When the scan finishes, a message appears at the bottom right; click View report, choose Export, then Copy to clipboard, and paste the whole log here. Or click "Text file (.txt)" and save the log.
- Otherwise the log can be found in the program by clicking "Reports", or it is saved here: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- Then click the Finish button and close the program with the X at the top right.
(Do not delete anything yet!)
If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

HoricGAMER
Level 2
Posts: 173
Registered: August 11
Gender: Male

Re: HiJackThis - problematic keyboard

Post by HoricGAMER » 12 Oct 2020 21:40

Oh! Sorry about that, I thought it would be better that way. :)

ADW:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-12-2020
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 74
# Failed: 0


***** [ Services ] *****

Deleted WtuSystemSupport
Deleted vToolbarUpdater40.3.8

***** [ Folders ] *****

Deleted C:\Program Files (x86)\BUUYNSAVE
Deleted C:\Program Files (x86)\Common Files\AVG Secure Search
Deleted C:\Program Files (x86)\IndepthGeneration
Deleted C:\Program Files (x86)\SALEPLLUS
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Program Files (x86)\avg web tuneup
Deleted C:\Program Files\Common Files\AVG Secure Search
Deleted C:\ProgramData\AVG Secure Search
Deleted C:\ProgramData\AVG Security Toolbar
Deleted C:\ProgramData\AVG_UPDATE_0615AV
Deleted C:\ProgramData\BSD\DriverHive
Deleted C:\ProgramData\BSD\DriverHiveEngine
Deleted C:\ProgramData\Uniblue
Deleted C:\ProgramData\avg web tuneup
Deleted C:\Users\Horic\AppData\Local\DriverToolkit
Deleted C:\Users\Horic\AppData\Local\avg web tuneup
Deleted C:\Users\Horic\AppData\Roaming\Seznam.cz
Deleted C:\Users\Horic\AppData\Roaming\Tencent
Deleted C:\Windows\SysWOW64\C2MP

***** [ Files ] *****

Deleted C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Deleted C:\Users\Horic\AppData\Roaming\Mozilla\Firefox\Profiles\dwhb44kn.default-1426517132149\searchplugins\avg-secure-search.xml
Deleted C:\Windows\System32\drivers\wcmvcam64.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\0615avUpdateInfo
Deleted C:\Windows\Tasks\0615avUpdateInfo.job

***** [ Registry ] *****

Deleted HKCU\Software\AppDataLow\Software\Seznam.cz
Deleted HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted HKCU\Software\BSD
Deleted HKCU\Software\Conduit
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\Softonic
Deleted HKCU\Software\SpeeditupFree
Deleted HKCU\Software\win
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19C5918A-9C57-44C6-81C6-75208B2E9E8D}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19C5918A-9C57-44C6-81C6-75208B2E9E8D}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0615avUpdateInfo
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{F3126D84-ED43-4FAD-9550-AC949876F93C}C:\program files (x86)\bitlord\bitlord.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{61F70733-9FB0-4D7A-B74B-9E783009C125}C:\program files (x86)\bitlord\bitlord.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0AE0B4A0-4DE7-4EB0-B768-2B321946EBB6}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BC048920-D84B-477B-B09A-3F3210314813}
Deleted HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Classes\driverscanner
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cz.seznam.software.autoupdate
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cz.seznam.software.szndesktop
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\AVG Tuneup
Deleted HKLM\Software\Wow6432Node\BSD
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Wow6432Node\Seznam.cz
Deleted HKLM\Software\Wow6432Node\SiteSee
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\avgsh
Deleted HKLM\Software\Wow6432Node\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Deleted HKLM\Software\Wow6432Node\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted HKLM\System\Setup\FirstBoot\Services\WtuSystemSupport
Deleted HKLM\System\Setup\FirstBoot\Services\vToolbarUpdater40.3.8

***** [ Chromium (and derivatives) ] *****

Deleted Extutil - booedmolknjekdopkepjjeckmjkdpfgl
Deleted Managera - flpcjncodpafbgdpnkljologafpionhb
Deleted nhogbcndagiknbfomjgdeghehkljalhi

***** [ Chromium URLs ] *****

Deleted istartsurf

***** [ Firefox (and derivatives) ] *****

Deleted AVG Web TuneUp - avg@toolbar

***** [ Firefox URLs ] *****

Deleted https://mysearch.avg.com/?cid={9448D983-7838-4099-9333-DE7B2195E8B8}&mid=1aaa7781b73147d28a6005743811c8cf-6c36a3a8788b04fd4acc111858ab6f4d57729044&lang=cs&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2015-07-26 11:59:36&v=4.2.1.951&pid=wtu&sg=&sap=hp
Deleted https://mysearch.avg.com/?cid={9448D983-7838-4099-9333-DE7B2195E8B8}&mid=1aaa7781b73147d28a6005743811c8cf-6c36a3a8788b04fd4acc111858ab6f4d57729044&lang=cs&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2015-07-26 11:59:36&v=4.2.1.951&pid=wtu&sg=&sap=hp

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.SamsungSmartSwitch Folder C:\Users\Horic\AppData\Roaming\SAMSUNG\SMART SWITCH PC


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [8061 octets] - [12/10/2020 21:17:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

HoricGAMER
Level 2
Posts: 173
Registered: August 11
Gender: Male

Re: HiJackThis - problematic keyboard

Post by HoricGAMER » 12 Oct 2020 21:41

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 12.10.20
Čas skenování: 21:19
Logovací soubor: dcad556c-0cbf-11eb-b28a-d43d7ef5213c.json

-Informace o softwaru-
Verze: 4.2.0.82
Verze komponentů: 1.0.1036
Aktualizovat verzi balíku komponent: 1.0.31236
Licence: Bezplatná

-Systémová informace-
OS: Windows 10 (Build 19041.508)
CPU: x64
Systém souborů: NTFS
Uživatel: Horic-PC\Horic

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 368026
Zjištěné hrozby: 10
Hrozby umístěné do karantény: 10
Uplynulý čas: 3 min, 55 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Varovat
Potenciálně nežádoucí modifikace: Varovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 1
Adware.Elex.ShrtCln, C:\USERS\HORIC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, V karanténě, 297, 454693, , , , , ,

Soubor: 9
Adware.Elex.ShrtCln, C:\Users\Horic\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, V karanténě, 297, 454693, , , , , E99F0352AA33B825F2E9B8654952F32A, D4D244C3251C5FB1A98818BAF735180842D2A813825CBBAC0E0BCD5E5AD8407A
Adware.Elex.ShrtCln, C:\Users\Horic\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000032.log, V karanténě, 297, 454693, , , , , ,
Adware.Elex.ShrtCln, C:\Users\Horic\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000034.ldb, V karanténě, 297, 454693, , , , , 95492727A01B70C515BC4ECFEB4081DA, BDD0530CA97F9B22B2A3B99A5AFC5BE6D714B1CDD256201F9454D745B8E4ADF4
Adware.Elex.ShrtCln, C:\Users\Horic\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, V karanténě, 297, 454693, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
Adware.Elex.ShrtCln, C:\Users\Horic\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, V karanténě, 297, 454693, , , , , ,
Adware.Elex.ShrtCln, C:\Users\Horic\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, V karanténě, 297, 454693, , , , , ,
Adware.Elex.ShrtCln, C:\Users\Horic\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, V karanténě, 297, 454693, , , , , 739F5EA3457B3C1E5B2FC2F96AADA753, 917BF51EE26E9C5B9DE44F496AAAA6D4C819B68425275374B17FDC4E3CB14C1D
Adware.Elex.ShrtCln, C:\Users\Horic\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, V karanténě, 297, 454693, , , , , ,
Adware.Elex.ShrtCln, C:\USERS\HORIC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Nahrazen, 297, 454693, 1.0.31236, , ame, , ,

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

jaro3
Security team member
Guru Level 15
Posts: 41324
Registered: June 07
Location: South Bohemia
Gender: Male

Re: HiJackThis - problematic keyboard  Solved

Post by jaro3 » 12 Oct 2020 21:49

Download Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will start. The scan can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.


Sophos Virus Removal Tool is a practical software tool that could remove infections that the antivirus program does not detect.
Download it here from one of the links:
http://www.majorgeeks.com/files/details ... _tool.html
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viruses can slow down your computer or try to steal your data, and you may not even know you have them. What you need is a quick and easy way to find them and get rid of them. If you already have an antivirus program installed on your computer, you can also install the Sophos Virus Removal Tool, which identifies and cleans up remaining infections that your antivirus program may have missed.
To use Sophos Virus Removal Tool, double-click it and press the "Start scanning" button. Sophos Virus Removal Tool will then search for and remove the viruses it finds. A restart may be required.
If viruses were found, after the scan click "Details…" and then "View log file". Copy the whole log and paste it here. Then close "threat detail" and click "Start cleanup".
Otherwise the log is located here:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Download RogueKiller by Adlice Software
32-bit:
http://www.adlice.com/download/roguekil ... HlwZT14ODY
64-bit:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, 8, 10, run RogueKiller.exe as administrator; on XP, double-click it.
- Click "Start Scan". In the new window change nothing and click "Start Scan" at the bottom.
- The program scans the PC's processes. After scanning, click "Open Report", then "Open TXT" in the window, and copy the entire log contents here.
If the program is blocked, try running it several times. If the program still won't start and work, rename it to winlogon.exe.
- If the log is longer than 60,000 characters, split it and post it in several posts.

More links:
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/

HoricGAMER
Level 2
Posts: 173
Registered: August 11
Gender: Male

Re: HiJackThis - problematic keyboard

Post by HoricGAMER » 12 Oct 2020 22:26

Is it normal for Sophos Virus Removal to scan for such an insanely long time? I have a feeling it will run all day.

jaro3
Security team member
Guru Level 15
Posts: 41324
Registered: June 07
Location: South Bohemia
Gender: Male

Re: HiJackThis - problematic keyboard

Post by jaro3 » 12 Oct 2020 23:42

Yeah, sometimes it takes many hours; leave it overnight, I'm going to bed anyway.

HoricGAMER
Level 2
Posts: 173
Registered: August 11
Gender: Male

Re: HiJackThis - problematic keyboard

Post by HoricGAMER » 15 Oct 2020 20:58

I'm not sure, but are the logs always saved to the same text file? I'm attaching only the last one; I accidentally cancelled it earlier and didn't clean.

----

2020-10-15 14:31:36.364 Sophos Virus Removal Tool version 2.7.0
2020-10-15 14:31:36.364 Copyright (c) 2009-2018 Sophos Limited. All rights reserved.

2020-10-15 14:31:36.364 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2020-10-15 14:31:36.364 Windows version 6.2 SP 0.0 build 9200 SM=0x300 PT=0x1 WOW64
2020-10-15 14:31:36.364 Checking for updates...
2020-10-15 14:31:36.372 Update progress: proxy server not available
2020-10-15 14:31:51.405 Downloading updates...
2020-10-15 14:31:55.068 Installing updates...
2020-10-15 14:32:14.971 Option all = no
2020-10-15 14:32:15.584 Option recurse = yes
2020-10-15 14:32:15.584 Option archive = no
2020-10-15 14:32:15.584 Option service = yes
2020-10-15 14:32:15.584 Option confirm = yes
2020-10-15 14:32:15.584 Option sxl = yes
2020-10-15 14:32:15.584 Option max-data-age = 35
2020-10-15 14:32:15.584 Option vdl-logging = yes
2020-10-15 14:32:15.584 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2020-10-15 14:32:15.584 Machine ID: c712cace98404c8db2908a8f62818677
2020-10-15 14:32:15.584 Component SVRTcli.exe version 2.7.0
2020-10-15 14:32:15.584 Component control.dll version 2.7.0
2020-10-15 14:32:15.584 Component SVRTservice.exe version 2.7.0
2020-10-15 14:32:15.584 Component engine\osdp.dll version 1.44.1.2490
2020-10-15 14:32:15.584 Component engine\veex.dll version 3.79.0.2490
2020-10-15 14:32:15.584 Component engine\savi.dll version 9.0.20.2490
2020-10-15 14:32:15.584 Component rkdisk.dll version 1.5.33.1
2020-10-15 14:32:15.584 Version info: Product version 2.7.0
2020-10-15 14:32:15.585 Version info: Detection engine 3.79.0
2020-10-15 14:32:15.585 Version info: Detection data 5.76
2020-10-15 14:32:15.585 Version info: Build date 23.6.2020
2020-10-15 14:32:15.585 Version info: Data files added 543
2020-10-15 14:32:15.585 Version info: Last successful update 15.10.2020 11:41:05
2020-10-15 14:32:15.585 Error level 1
2020-10-15 14:32:16.196 Update successful
2020-10-15 14:32:25.622 Option all = no
2020-10-15 14:32:25.622 Option recurse = yes
2020-10-15 14:32:25.622 Option archive = no
2020-10-15 14:32:25.622 Option service = yes
2020-10-15 14:32:25.622 Option confirm = yes
2020-10-15 14:32:25.622 Option sxl = yes
2020-10-15 14:32:25.624 Option max-data-age = 35
2020-10-15 14:32:25.624 Option vdl-logging = yes
2020-10-15 14:32:25.629 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2020-10-15 14:32:25.629 Machine ID: c712cace98404c8db2908a8f62818677
2020-10-15 14:32:25.629 Component SVRTcli.exe version 2.7.0
2020-10-15 14:32:25.629 Component control.dll version 2.7.0
2020-10-15 14:32:25.629 Component SVRTservice.exe version 2.7.0
2020-10-15 14:32:25.629 Component engine\osdp.dll version 1.44.1.2490
2020-10-15 14:32:25.629 Component engine\veex.dll version 3.79.0.2490
2020-10-15 14:32:25.629 Component engine\savi.dll version 9.0.20.2490
2020-10-15 14:32:25.630 Component rkdisk.dll version 1.5.33.1
2020-10-15 14:32:25.630 Version info: Product version 2.7.0
2020-10-15 14:32:25.630 Version info: Detection engine 3.79.0
2020-10-15 14:32:25.630 Version info: Detection data 5.76
2020-10-15 14:32:25.630 Version info: Build date 23.6.2020
2020-10-15 14:32:25.631 Version info: Data files added 544
2020-10-15 14:32:25.631 Version info: Last successful update 15.10.2020 16:32:16

2020-10-15 17:21:00.008 Could not open C:\hiberfil.sys
2020-10-15 17:29:37.364 Could not open C:\ProgramData\Oracle\Java\javapath\java.exe
2020-10-15 17:29:37.364 Could not open C:\ProgramData\Oracle\Java\javapath\javaw.exe
2020-10-15 17:29:37.365 Could not open C:\ProgramData\Oracle\Java\javapath\javaws.exe
2020-10-15 17:30:05.546 Could not open C:\swapfile.sys
2020-10-15 17:33:15.264 Could not open C:\Users\Horic\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13247247382139489
2020-10-15 17:33:15.275 Could not open C:\Users\Horic\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13247222617571641
2020-10-15 17:33:48.895 Could not open C:\Users\Horic\AppData\Local\Microsoft\WindowsApps\GameBarElevatedFT_Alias.exe
2020-10-15 17:33:48.898 Could not open C:\Users\Horic\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\python.exe
2020-10-15 17:33:48.898 Could not open C:\Users\Horic\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\python3.exe
2020-10-15 17:33:48.901 Could not open C:\Users\Horic\AppData\Local\Microsoft\WindowsApps\Microsoft.GamingApp_8wekyb3d8bbwe\XboxPcApp.exe
2020-10-15 17:33:48.903 Could not open C:\Users\Horic\AppData\Local\Microsoft\WindowsApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
2020-10-15 17:33:48.906 Could not open C:\Users\Horic\AppData\Local\Microsoft\WindowsApps\Microsoft.SkypeApp_kzf8qxf38zg5c\Skype.exe
2020-10-15 17:33:48.909 Could not open C:\Users\Horic\AppData\Local\Microsoft\WindowsApps\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\GameBarElevatedFT_Alias.exe
2020-10-15 17:33:48.909 Could not open C:\Users\Horic\AppData\Local\Microsoft\WindowsApps\MicrosoftEdge.exe
2020-10-15 17:33:48.910 Could not open C:\Users\Horic\AppData\Local\Microsoft\WindowsApps\python.exe
2020-10-15 17:33:48.910 Could not open C:\Users\Horic\AppData\Local\Microsoft\WindowsApps\python3.exe
2020-10-15 17:33:48.911 Could not open C:\Users\Horic\AppData\Local\Microsoft\WindowsApps\Skype.exe
2020-10-15 17:33:48.911 Could not open C:\Users\Horic\AppData\Local\Microsoft\WindowsApps\XboxPcApp.exe
2020-10-15 17:42:25.517 Could not open C:\Windows\System32\catroot2\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\catdb
2020-10-15 17:42:25.519 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2020-10-15 17:42:25.521 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2020-10-15 17:42:26.895 Could not open C:\Windows\System32\config\BBI
2020-10-15 17:50:28.553 >>> Virus 'Mal/MSIL-AX' found in file D:\fg\hlae_2_34_5\injector.exe
2020-10-15 17:50:28.553 >>> Virus 'Mal/MSIL-AX' found in file HKU\S-1-5-21-4004562020-652146638-2829249104-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2020-10-15 17:50:28.553 >>> Virus 'Mal/MSIL-AX' found in file HKU\S-1-5-21-4004562020-652146638-2829249104-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2020-10-15 17:50:28.553 >>> Virus 'Mal/MSIL-AX' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2020-10-15 18:11:51.110 Could not open LOGICAL:0004:00000000
2020-10-15 18:11:51.113 Could not open E:\
2020-10-15 18:28:33.690 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-4004562020-652146638-2829249104-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2020-10-15 18:28:33.690 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-4004562020-652146638-2829249104-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2020-10-15 18:28:33.690 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2020-10-15 18:30:59.414 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Athena\Binaries\UWP64\SoTGame.exe
2020-10-15 18:31:00.197 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\cpprest140_uwp_2_9.dll
2020-10-15 18:31:00.290 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\CoherentUIGT\UWP64\Release\CoherentGTCore.dll
2020-10-15 18:31:00.291 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\CoherentUIGT\UWP64\Release\CoherentGTJS.dll
2020-10-15 18:31:00.292 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\CoherentUIGT\UWP64\Release\coherenticuin.dll
2020-10-15 18:31:00.293 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\CoherentUIGT\UWP64\Release\coherenticuuc.dll
2020-10-15 18:31:00.294 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\CoherentUIGT\UWP64\Release\CoherentUIGT.dll
2020-10-15 18:31:00.295 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\CoherentUIGT\UWP64\Release\icudtcoherent53.dll
2020-10-15 18:31:00.296 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\CoherentUIGT\UWP64\Release\RenoirCore.UWP.dll
2020-10-15 18:31:00.297 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\CoherentUIGT\UWP64\Release\WTF.dll
2020-10-15 18:31:00.347 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\PhysX\UWP64\VS2017\PhysX3Common_x64.dll
2020-10-15 18:31:00.349 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\PhysX\UWP64\VS2017\PhysX3Cooking_x64.dll
2020-10-15 18:31:00.350 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\PhysX\UWP64\VS2017\PhysX3_x64.dll
2020-10-15 18:31:00.370 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\PhysX\UWP64\VS2017\PxFoundation_x64.dll
2020-10-15 18:31:00.371 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\PhysX\UWP64\VS2017\PxPvdSDK_x64.dll
2020-10-15 18:31:00.424 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Engine\Source\ThirdParty\AMD\AGS_5_2_0\lib\amd_ags_uwp_x64.dll
2020-10-15 18:31:00.518 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Engine\Source\ThirdParty\PlayfabParty\Party\UWP\1.4.8\lib\uwp64\release\Party.dll
2020-10-15 18:31:00.599 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Engine\Source\ThirdParty\PlayfabParty\PartyXboxLive\UWP\1.2.5\lib\uwp64\release\PartyXboxLive.dll
2020-10-15 18:31:00.602 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\EraAdapter.dll
2020-10-15 18:31:00.609 Could not open H:\WindowsApps\Microsoft.SeaofThieves_2.95.6160.2_x64__8wekyb3d8bbwe\Microsoft.Xbox.Services.dll
2020-10-15 18:32:23.286 The following items will be cleaned up:
2020-10-15 18:32:23.286 Mal/MSIL-AX
2020-10-15 18:32:23.286 Mal/Generic-S

Re: HiJackThis - problematic keyboard

Post by HoricGAMER » 15 Oct 2020 20:59

RogueKiller Anti-Malware V14.7.3.0 (x64) [Sep 15 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19041) 64 bits
Started in : Normal mode
User : Horic [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20201015_091159, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/10/15 16:14:29 (Duration : 00:08:20)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> XX - Software
[PUP.Anvisoft (Potentially Malicious)] (X86) HKEY_LOCAL_MACHINE\Software\Anvisoft -- N/A -> Found
[PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-4004562020-652146638-2829249104-1002\Software\Tencent -- N/A -> Found
[PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-4004562020-652146638-2829249104-1002\Software\WebApp -- N/A -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Miner.Gen (Malicious)] (folder) Theta -- C:\Users\Horic\AppData\Roaming\Theta -> Found
[PUP.HighPCBooster (Potentially Malicious)] (folder) BSD -- C:\ProgramData\BSD -> Found
[PUP.InstallPack (Potentially Malicious)] (folder) InstallMate -- C:\ProgramData\InstallMate -> Found
[PUP.Anvisoft (Potentially Malicious)] (folder) Anvisoft -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft -> Found
[PUP.Gen3 (Potentially Malicious)] (file) wtu-secure-search.xml -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> Firefox Addon
[PUP.Gen2 (Potentially Malicious)] Seznam dopln?k - Email (C:\Users\Horic\AppData\Roaming\Mozilla\Firefox\Profiles\dwhb44kn.default-1426517132149\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}) -- {ea614400-e918-4741-9a97-7a972ff7c30b} -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Re: HiJackThis - problematic keyboard

Post by jaro3 » 15 Oct 2020 22:13

Did Sophos find anything? I meant for you to post the end of that log (if there was anything there).

Close all programs and browsers. Deactivate the antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- click "Start Scan". In the new window, change nothing and click "Start Scan" at the bottom,
after it finishes, tick everything (put check marks to the left of the findings, in the white boxes)
- then click "Remove Selected"
- Wait until the Status box shows "Removal finished, please review result"
- Click "Open report" and then "Open TXT", copy the log and please paste the contents of that report here. The log can be found in C:\ProgramData\RogueKiller\Logs - Close RogueKiller.


Turn off the antivirus and firewall.
Download Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe

Close all other programs, windows and browsers.
Run Zoek.exe (on Win Vista, Win7, 8 right-click it and choose "Run as administrator")
- note: the program may take a while to start.
Paste the script below into the program window:

Code:

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

click Run Script
The program performs a scan and a repair; the scan and the repair can take several minutes, so you need to wait until the end. Do not click in the window!
The program will offer a restart; confirm it.
After the restart, only a black desktop may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log Copy the entire contents of that log here.
If there are problems, run zoek in safe mode.


Download Zemana AntiMalware Free from this link:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
and save it to the desktop.
Double-click this file on the desktop and follow the instructions to install the program.
Accept the program's license (EULA) if it is offered.
If a program update is available, click the "Update now" button.
You can also enable the creation of a restore point:
Click the gear icon, then "Scanning", and tick "create restore points".
Go back (click the house icon).
Close all open files, folders and browsers.
Do not change any settings. Click "Scan".
After the scan you can see whether there are any infections. Click "Next". The infections will be moved to quarantine.
When the scan is complete, a report appears; copy the entire contents of that report here.
Otherwise you can see the reports by clicking "Reports" at the top right.


Paste a new HJT log + report on any problems.

Re: HiJackThis - problematic keyboard

Post by HoricGAMER » 16 Oct 2020 19:58

Zoek.exe says that it cannot find the item pevz.exe, in both normal and safe mode.

Edit: I forgot to mention that Zoek.exe did start once despite that error, but I shut it down because I was clicking around in it somewhat frantically; rather than do something wrong, I wanted to open it again normally, but after that it would not start any more.