Logfile of random's system information tool 1.09 (written by random/random)
Run by ACER at 2013-12-21 17:58:05
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 38 GB (26%) free of 148 GB
Total RAM: 3066 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:59:16, on 21.12.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16526)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\ACER\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\inf\mskhqsmy\mskhqsmy.exe
C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Users\ACER\Desktop\RSIT.exe
C:\Program Files\trend micro\ACER.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://tuvaro.com/ws/?source=4c3f95e5&t ... 215d74708e
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10000
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\ACER\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: IMPI Helper - {17E113E6-CD0E-4045-B154-65F0E57959EF} - C:\Program Files\IMPI\Extension32.dll
O2 - BHO: outobox - {30f06672-0e95-41a9-80cb-dee386af99ad} - C:\Program Files\outobox\outoboxbho.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: HelloWorldBHO - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files\OApps\SelectionLinks.dll
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\ACER\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DefaultTabToolbarBHO - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\ACER\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Related Searches - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\ACER\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll
O4 - HKLM\..\Run: [mssrpmfbSrv] C:\Windows\inf\mssrpmfb.vbe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-21-1955701762-1772253553-2218349715-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1955701762-1772253553-2218349715-1003\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1955701762-1772253553-2218349715-1003\..\RunOnce: [AcerScrSav] C:\Windows\Acer\run_NB.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: c:\progra~1\google\google~1\googledesktopnetwork3.dll
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\ACER\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
O23 - Service: DokanMounter - Unknown owner - C:\Program Files\Dokan\DokanLibrary\mounter.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: IMPI Updater - Unknown owner - C:\Program Files\IMPI\ExtensionUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Update outobox - Unknown owner - C:\Program Files\outobox\updateoutobox.exe
O23 - Service: Util outobox - Unknown owner - C:\Program Files\outobox\bin\utiloutobox.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10408 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://tuvaro.com/ws/?source=4c3f95e5&t ... 215d74708e"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0, {20a82645-c095-46ed-80e3-08825760534b}:0.0.0, {1CE72EFA-E2D1-48FA-A5EC-D7111C2C5BB6}:1.0, ffxtlbr@Facemoods.com:1.4.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.25"
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{17E113E6-CD0E-4045-B154-65F0E57959EF}"=C:\Program Files\IMPI\Firefox
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
C:\Program Files\Mozilla Firefox\extensions\
{1CE72EFA-E2D1-48FA-A5EC-D7111C2C5BB6}
C:\Program Files\Mozilla Firefox\components\
GoogleDesktopMozilla.dll
GoogleDesktopMozillaStub.js
GoogleDesktopMozillaStub.xpt
C:\Program Files\Mozilla Firefox\plugins\
libdivx.dll
npdivx32.dll
npdivx32.xpt
ssldivx.dll
C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
fcmdSrchw7th2.xml
googledesktop.xml
C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\extensions\
WebSiteRecommendation@weliketheweb.com
C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\searchplugins\
askcom.xml
search-here.xml
sweetim.xml
tuvaro.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\ACER\AppData\Roaming\Complitly\Complitly.dll [2012-11-30 142040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}]
IMPI - C:\Program Files\IMPI\Extension32.dll [2013-02-05 167424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30f06672-0e95-41a9-80cb-dee386af99ad}]
outobox - C:\Program Files\outobox\outoboxbho.dll [2013-12-07 249624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\IPSBHO.DLL [2013-02-21 107896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}]
SelectionLinks - C:\Program Files\OApps\SelectionLinks.dll [2013-05-15 483840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]
DefaultTab Browser Helper - C:\Users\ACER\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll [2013-12-13 471160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-05-14 312880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}]
Related Searches - C:\Users\ACER\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll [2013-12-13 398968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-05-14 142896]
{96A25A24-2E87-4374-8A50-CC6F943FCE4D} - Related Searches - C:\Users\ACER\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll [2013-12-13 398968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mssrpmfbSrv"=C:\Windows\inf\mssrpmfb.vbe [2013-08-27 1558]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-07 6139904]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]
C:\PROGRA~1\Acer\ACERVC~1\AcerVCM.exe [2008-03-05 1216512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk]
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERHI~1.EXE [2008-04-08 163840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk]
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERQU~1.EXE [2008-04-10 593920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2008-04-23 727592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\google\google~1\googledesktopnetwork3.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000]
C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2008-12-16 3197952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spba]
C:\Program Files\Common Files\SPBA\homefus2.dll [2008-03-25 567560]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableCAD"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.sl_anet"=sl_anet.acm
"msacm.divxa32"=divxa32.acm
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"VIDC.MKVC"=KMVIDC32.DLL
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-12-21 17:54:03 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-12-16 15:07:37 ----D---- C:\ProgramData\RegClean
2013-12-12 17:35:01 ----A---- C:\Windows\system32\SET868B.tmp
2013-12-12 17:35:01 ----A---- C:\Windows\system32\SET8484.tmp
2013-12-12 17:00:00 ----A---- C:\Windows\system32\vbscript.dll
2013-12-12 17:00:00 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-12 16:59:54 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 16:59:53 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 16:59:52 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 16:59:52 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-12 16:59:52 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 16:59:51 ----A---- C:\Windows\system32\jscript.dll
2013-12-12 16:59:50 ----A---- C:\Windows\system32\url.dll
2013-12-12 16:59:50 ----A---- C:\Windows\system32\jscript9.dll
2013-12-12 16:59:50 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 16:59:47 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 16:59:44 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 16:59:33 ----A---- C:\Windows\system32\ieframe.dll
2013-12-11 20:03:50 ----A---- C:\Windows\system32\win32k.sys
2013-12-11 20:03:48 ----A---- C:\Windows\system32\wscript.exe
2013-12-11 20:03:48 ----A---- C:\Windows\system32\cscript.exe
2013-12-11 20:03:47 ----A---- C:\Windows\system32\scrrun.dll
2013-12-11 20:03:44 ----A---- C:\Windows\system32\wshcon.dll
2013-12-11 20:03:32 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-11 20:03:31 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-11 20:03:28 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-09 21:11:33 ----D---- C:\Program Files\outobox
2013-12-09 21:10:37 ----D---- C:\Program Files\MyPC Backup
2013-12-01 15:52:32 ----A---- C:\Windows\system32\msvbvm50.dll
2013-12-01 13:59:07 ----D---- C:\Users\ACER\AppData\Roaming\Ascaron Entertainment
2013-12-01 13:56:16 ----D---- C:\Program Files\Ascaron Entertainment
2013-12-01 13:49:32 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-12-01 13:37:43 ----D---- C:\Program Files\DAEMON Tools Lite
======List of files/folders modified in the last 1 month======
2013-12-21 17:58:10 ----D---- C:\Program Files\trend micro
2013-12-21 17:58:04 ----D---- C:\Windows\temp
2013-12-21 17:58:04 ----D---- C:\Windows\Prefetch
2013-12-21 17:55:13 ----D---- C:\Windows\system32\LogFiles
2013-12-21 17:54:03 ----D---- C:\Windows\System32
2013-12-21 17:53:59 ----D---- C:\Windows
2013-12-21 17:24:01 ----D---- C:\Program Files
2013-12-21 17:19:25 ----D---- C:\Program Files\Electronic Arts
2013-12-21 17:19:21 ----SHD---- C:\System Volume Information
2013-12-21 16:51:02 ----D---- C:\Program Files\File Type Assistant
2013-12-21 16:46:26 ----D---- C:\Users\ACER\AppData\Roaming\DAEMON Tools Lite
2013-12-20 16:27:42 ----D---- C:\Windows\system32\catroot2
2013-12-16 15:07:37 ----D---- C:\ProgramData
2013-12-16 15:05:34 ----DC---- C:\Windows\system32\DRVSTORE
2013-12-15 14:45:23 ----D---- C:\Program Files\Zrychleni Pocitace
2013-12-15 14:38:36 ----D---- C:\Windows\inf
2013-12-15 14:38:34 ----D---- C:\Windows\Debug
2013-12-13 16:41:07 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-12 18:41:55 ----D---- C:\Program Files\Mozilla Firefox
2013-12-12 17:38:01 ----D---- C:\Windows\system32\migration
2013-12-12 17:37:57 ----D---- C:\Program Files\Internet Explorer
2013-12-12 17:35:00 ----D---- C:\Windows\system32\RTCOM
2013-12-12 17:32:54 ----D---- C:\Windows\system32\drivers
2013-12-12 17:19:20 ----D---- C:\Windows\winsxs
2013-12-12 17:18:59 ----SHD---- C:\Windows\Installer
2013-12-12 17:16:14 ----D---- C:\ProgramData\Microsoft Help
2013-12-12 17:11:43 ----D---- C:\Windows\system32\MRT
2013-12-12 17:02:09 ----A---- C:\Windows\system32\mrt.exe
2013-12-12 17:01:05 ----D---- C:\Windows\system32\catroot
2013-12-10 23:20:05 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-12-08 16:09:26 ----D---- C:\Games
2013-12-06 14:30:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-03 20:23:18 ----D---- C:\Hry
2013-12-01 15:50:43 ----D---- C:\Windows\system32\Tasks
2013-11-30 15:46:25 ----D---- C:\Program Files\Full Tilt Poker
2013-11-26 12:25:54 ----N---- C:\Windows\system32\MpSigStub.exe
2013-11-22 16:45:09 ----D---- C:\Users\ACER\AppData\Roaming\VDownloader
2013-11-22 16:44:16 ----D---- C:\Program Files\VDownloader
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AlfaFF;AlfaFF File System mini-filter; C:\Windows\system32\Drivers\AlfaFF.sys [2008-12-16 42608]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-07-20 324120]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-05-14 18992]
R0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NAV\1000000.07D\SYMEFA.SYS [2013-02-21 309296]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824]
R1 BHDrvx86;Symantec Heuristics Driver; \??\C:\Windows\system32\drivers\NAV\1000000.07D\BHDrvx86.sys [2013-02-21 254512]
R1 ccHP;Symantec Hash Provider; \??\C:\Windows\system32\drivers\NAV\1000000.07D\ccHPx86.sys [2013-02-21 362544]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-12-01 243128]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2013-12-09 376920]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20131220.001\IDSvix86.sys [2013-12-12 394456]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 SRTSPX;SRTSPX; \??\C:\Windows\system32\drivers\NAV\1000000.07D\SRTSPX.SYS [2013-02-21 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2013-02-21 25136]
R1 SYMTDI;SYMTDI; \??\C:\Windows\system32\drivers\NAV\1000000.07D\SYMTDI.SYS [2013-02-21 198192]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-07-18 61424]
R2 Dokan;Dokan; \??\C:\Windows\system32\drivers\dokan.sys [2011-01-10 95744]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-01-26 69632]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-05-14 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-05-14 60464]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 AVerBDA6x;AVerBDA6x service; C:\Windows\system32\DRIVERS\AVerBDA716x.sys [2008-03-13 932864]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-19 108120]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-03-25 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-03-25 207872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-07 2134424]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys [2009-08-05 48640]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20131220.008\NAVENG.SYS [2013-12-18 93272]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20131220.008\NAVEX15.SYS [2013-12-18 1612376]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-07-03 149352]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-12-29 8904632]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-06-23 62464]
R3 SRTSP;SRTSP; \??\C:\Windows\system32\drivers\NAV\1000000.07D\SRTSP.SYS [2013-02-21 305712]
R3 SYMDNS;SYMDNS; \??\C:\Windows\system32\drivers\NAV\1000000.07D\SYMDNS.SYS [2013-02-21 12976]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2013-02-21 124464]
R3 SYMFW;SYMFW; \??\C:\Windows\system32\drivers\NAV\1000000.07D\SYMFW.SYS [2013-02-21 89904]
R3 SYMNDISV;SYMNDISV; \??\C:\Windows\system32\drivers\NAV\1000000.07D\SYMNDISV.SYS [2013-02-21 40496]
R3 SYMREDRV;SYMREDRV; \??\C:\Windows\system32\drivers\NAV\1000000.07D\SYMREDRV.SYS [2013-02-21 24752]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-25 199472]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2008-04-28 50576]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-03-25 661504]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S1 prodrv03;Star Force copy protection driver v3; C:\Windows\System32\drivers\prodrv03.sys [2012-01-03 115968]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-05-19 912384]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BthPort;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-14 80424]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-07-16 80936]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-16 16168]
S3 catchme;catchme; \??\C:\Users\ACER\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AVerRemote;AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [2008-04-08 348160]
R2 AVerScheduleService;AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-04-08 393216]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
R2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\ACER\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-05-15 107520]
R2 DokanMounter;DokanMounter; C:\Program Files\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-05-14 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-06-02 24576]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]
R2 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2008-12-16 3602432]
R2 IMPI Updater;IMPI Updater; C:\Program Files\IMPI\ExtensionUpdaterService.exe [2013-02-05 185856]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 Norton AntiVirus;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe [2013-02-21 115560]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-12-29 639928]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-29 1260472]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-12-28 66872]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-01-10 233472]
R2 Update outobox;Update outobox; C:\Program Files\outobox\updateoutobox.exe [2013-12-07 66840]
R2 Util outobox;Util outobox; C:\Program Files\outobox\bin\utiloutobox.exe [2013-12-10 66840]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10 257416]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-09-17 30192]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-12 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-12-22 104944]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 Folding@home-CPU-[1];Folding@home-CPU-[1]; C:\Folding@HomeCPU\1\Fah.exe [2012-01-25 422400]
S4 Folding@home-CPU-[2];Folding@home-CPU-[2]; C:\Folding@HomeCPU\2\Fah.exe [2012-01-25 422400]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o kontrolu.velké využití paměti a CPU.proces mskhqsmy
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
prosím o kontrolu.velké využití paměti a CPU.proces mskhqsmy
- Přílohy
-
- procesy.jpg (102.79 KiB) Zobrazeno 1856 x
Re: prosím o kontrolu.velké využití paměti a CPU.proces mskh
Zdravim 
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: prosím o kontrolu.velké využití paměti a CPU.proces mskh
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by ACER on ne 22.12.2013 at 11:33:27,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1955701762-1772253553-2218349715-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\complitly.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\defaulttabbho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\complitly
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\default tab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1955701762-1772253553-2218349715-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\default tab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\driverscanner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{43AE3CC6-A494-4471-A37D-9ACFFA1C7F36}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FD85AB67-2A3C-4AA1-9FFE-79F6F9FB1263}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\softsafe"
Successfully deleted: [Folder] "C:\Users\ACER\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\ACER\AppData\Roaming\big fish games"
Successfully deleted: [Folder] "C:\Users\ACER\AppData\Roaming\complitly"
Successfully deleted: [Folder] "C:\Users\ACER\AppData\Roaming\defaulttab"
Successfully deleted: [Folder] "C:\Users\ACER\AppData\Roaming\iwin"
Successfully deleted: [Folder] "C:\Users\ACER\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\ACER\appdata\local\filetypeassistant"
Successfully deleted: [Folder] "C:\Users\ACER\appdata\local\opencandy"
Successfully deleted: [Folder] "C:\Program Files\mypc backup"
Successfully deleted: [Folder] "C:\Program Files\oapps"
Successfully deleted: [Folder] "C:\Program Files\sweetpacks bundle uninstaller"
Successfully deleted: [Folder] "C:\Users\ACER\AppData\Roaming\microsoft\windows\start menu\programs\smarttweak software"
Successfully deleted: [Folder] "C:\ProgramData\ask"
Successfully deleted: [Folder] "C:\Program Files\ask.com"
~~~ FireFox
Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] C:\Users\ACER\AppData\Roaming\mozilla\firefox\profiles\f5zpykzg.default\user.js
Successfully deleted: [File] C:\Users\ACER\AppData\Roaming\mozilla\firefox\profiles\f5zpykzg.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\ACER\AppData\Roaming\mozilla\firefox\profiles\f5zpykzg.default\searchplugins\search-here.xml
Successfully deleted: [File] C:\Users\ACER\AppData\Roaming\mozilla\firefox\profiles\f5zpykzg.default\searchplugins\sweetim.xml
Successfully deleted the following from C:\Users\ACER\AppData\Roaming\mozilla\firefox\profiles\f5zpykzg.default\prefs.js
user_pref("avg.install.userHPSettings", "hxxp://mixidj.delta-search.com/?affID=121125&babsrc=HP_ss&mntrId=e26391b200000000000000215d74708e");
user_pref("avg.install.userSPSettings", "Delta Search");
user_pref("browser.startup.homepage", "hxxp://tuvaro.com/ws/?source=4c3f95e5&tbp=homepage&toolbarid=base&u=e26391b200000000000000215d74708e");
user_pref("extensions.facemoods._xpiupdate", true);
user_pref("extensions.facemoods.aflt", "_#wbst");
user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");
user_pref("extensions.facemoods.first_time", false);
user_pref("extensions.facemoods.id", "_#c925be5c2c254e32ba81f7ac8c0f3c99");
user_pref("extensions.facemoods.instlDay", "_#15364");
user_pref("extensions.facemoods.prtnrId", "_#facemoods.com");
user_pref("extensions.facemoods.sid", "_#c925be5c2c254e32ba81f7ac8c0f3c99");
user_pref("extensions.facemoods.update", "_#v1.4.0");
user_pref("extensions.facemoods.vrsn", "_#1.4.17.5");
user_pref("extensions.tuvaro.admin", false);
user_pref("extensions.tuvaro.aflt", "orgnl");
user_pref("extensions.tuvaro.appId", "{2768469C-717B-401F-8532-C6D88BAE0339}");
user_pref("extensions.tuvaro.autoRvrt", "false");
user_pref("extensions.tuvaro.cam", "");
user_pref("extensions.tuvaro.dfltLng", "");
user_pref("extensions.tuvaro.dfltSrch", true);
user_pref("extensions.tuvaro.dnsErr", true);
user_pref("extensions.tuvaro.excTlbr", false);
user_pref("extensions.tuvaro.ffxUnstlRst", false);
user_pref("extensions.tuvaro.hmpg", true);
user_pref("extensions.tuvaro.hmpgUrl", "hxxp://tuvaro.com/ws/?source=4c3f95e5&tbp=homepage&toolbarid=base&u=e26391b200000000000000215d74708e");
user_pref("extensions.tuvaro.hpOld0", "hxxp://mixidj.delta-search.com/?affID=121125&babsrc=HP_ss&mntrId=e26391b200000000000000215d74708e");
user_pref("extensions.tuvaro.id", "e26391b200000000000000215d74708e");
user_pref("extensions.tuvaro.instlDay", "15840");
user_pref("extensions.tuvaro.instlRef", "4c3f95e5");
user_pref("extensions.tuvaro.kw_url", "hxxp://tuvaro.com/ws/?source=4c3f95e5&tbp=url&toolbarid=base&u=e26391b200000000000000215d74708e&q=");
user_pref("extensions.tuvaro.newTab", true);
user_pref("extensions.tuvaro.newTabUrl", "chrome://tuvaro/content/new browser tab.html?source=4c3f95e5&tbp=tab&u=e26391b200000000000000215d74708e");
user_pref("extensions.tuvaro.prdct", "tuvaro");
user_pref("extensions.tuvaro.prtnrId", "tuvaro");
user_pref("extensions.tuvaro.rvrt", "false");
user_pref("extensions.tuvaro.smplGrp", "none");
user_pref("extensions.tuvaro.srchPrvdr", "Tuvaro");
user_pref("extensions.tuvaro.tlbrId", "base");
user_pref("extensions.tuvaro.tlbrSrchUrl", "hxxp://tuvaro.com/ws/?source=4c3f95e5&tbp=main&toolbarid=base&u=e26391b200000000000000215d74708e&q=");
user_pref("extensions.tuvaro.vrsn", "1.8.17.3");
user_pref("extensions.tuvaro.vrsnTs", "1.8.17.321:43:03");
user_pref("extensions.tuvaro.vrsni", "1.8.17.3");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Google");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10000");
Emptied folder: C:\Users\ACER\AppData\Roaming\mozilla\firefox\profiles\f5zpykzg.default\minidumps [178 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 22.12.2013 at 11:39:04,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v3.015 - Report created 22/12/2013 at 11:41:43
# Updated 10/12/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : ACER - ACER-PC
# Running from : C:\Users\ACER\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : DefaultTabUpdate
[#] Service Deleted : Update outobox
[#] Service Deleted : Util outobox
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\RegClean
[#] Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Program Files\outobox
Folder Deleted : C:\Program Files\SimilarSites
Folder Deleted : C:\Program Files\Uniblue\DriverScanner
Folder Deleted : C:\Users\ACER\AppData\Roaming\SimilarSites
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\{1CE72EFA-E2D1-48FA-A5EC-D7111C2C5BB6}
File Deleted : C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\Extensions\firefox@outobox.net.xpi
File Deleted : C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\bProtector_extensions.rdf
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKCU\Software\e4d8dabd3dbe43
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F06672-0E95-41A9-80CB-DEE386AF99AD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F06672-0E95-41A9-80CB-DEE386AF99AD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F06672-0E95-41A9-80CB-DEE386AF99AD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{86F14831-D88C-4BC8-B871-C8FB24D95D9B}
Key Deleted : HKCU\Software\Speedchecker Limited
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SimplyGen
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{B49962AF-CAB9-44DE-8729-A4369F44BA0D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D08D9F98-1C78-4704-87E6-368B0023D831}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\QuestBasic
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16526
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v26.0 (cs)
[ File : C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16,{8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0,{20a82645-c095-46ed-80e3-08825760534b}:0.0.0,{1CE72EFA-E2D1-48FA-A5EC-D71[...]
Line Deleted : user_pref("extensions.questbasic.init", true);
*************************
AdwCleaner[R0].txt - [6227 octets] - [22/12/2013 11:40:36]
AdwCleaner[S0].txt - [6192 octets] - [22/12/2013 11:41:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6252 octets] ##########
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by ACER on ne 22.12.2013 at 11:33:27,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1955701762-1772253553-2218349715-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\complitly.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\defaulttabbho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\complitly
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\default tab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1955701762-1772253553-2218349715-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\default tab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\driverscanner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{43AE3CC6-A494-4471-A37D-9ACFFA1C7F36}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FD85AB67-2A3C-4AA1-9FFE-79F6F9FB1263}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\softsafe"
Successfully deleted: [Folder] "C:\Users\ACER\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\ACER\AppData\Roaming\big fish games"
Successfully deleted: [Folder] "C:\Users\ACER\AppData\Roaming\complitly"
Successfully deleted: [Folder] "C:\Users\ACER\AppData\Roaming\defaulttab"
Successfully deleted: [Folder] "C:\Users\ACER\AppData\Roaming\iwin"
Successfully deleted: [Folder] "C:\Users\ACER\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\ACER\appdata\local\filetypeassistant"
Successfully deleted: [Folder] "C:\Users\ACER\appdata\local\opencandy"
Successfully deleted: [Folder] "C:\Program Files\mypc backup"
Successfully deleted: [Folder] "C:\Program Files\oapps"
Successfully deleted: [Folder] "C:\Program Files\sweetpacks bundle uninstaller"
Successfully deleted: [Folder] "C:\Users\ACER\AppData\Roaming\microsoft\windows\start menu\programs\smarttweak software"
Successfully deleted: [Folder] "C:\ProgramData\ask"
Successfully deleted: [Folder] "C:\Program Files\ask.com"
~~~ FireFox
Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] C:\Users\ACER\AppData\Roaming\mozilla\firefox\profiles\f5zpykzg.default\user.js
Successfully deleted: [File] C:\Users\ACER\AppData\Roaming\mozilla\firefox\profiles\f5zpykzg.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\ACER\AppData\Roaming\mozilla\firefox\profiles\f5zpykzg.default\searchplugins\search-here.xml
Successfully deleted: [File] C:\Users\ACER\AppData\Roaming\mozilla\firefox\profiles\f5zpykzg.default\searchplugins\sweetim.xml
Successfully deleted the following from C:\Users\ACER\AppData\Roaming\mozilla\firefox\profiles\f5zpykzg.default\prefs.js
user_pref("avg.install.userHPSettings", "hxxp://mixidj.delta-search.com/?affID=121125&babsrc=HP_ss&mntrId=e26391b200000000000000215d74708e");
user_pref("avg.install.userSPSettings", "Delta Search");
user_pref("browser.startup.homepage", "hxxp://tuvaro.com/ws/?source=4c3f95e5&tbp=homepage&toolbarid=base&u=e26391b200000000000000215d74708e");
user_pref("extensions.facemoods._xpiupdate", true);
user_pref("extensions.facemoods.aflt", "_#wbst");
user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");
user_pref("extensions.facemoods.first_time", false);
user_pref("extensions.facemoods.id", "_#c925be5c2c254e32ba81f7ac8c0f3c99");
user_pref("extensions.facemoods.instlDay", "_#15364");
user_pref("extensions.facemoods.prtnrId", "_#facemoods.com");
user_pref("extensions.facemoods.sid", "_#c925be5c2c254e32ba81f7ac8c0f3c99");
user_pref("extensions.facemoods.update", "_#v1.4.0");
user_pref("extensions.facemoods.vrsn", "_#1.4.17.5");
user_pref("extensions.tuvaro.admin", false);
user_pref("extensions.tuvaro.aflt", "orgnl");
user_pref("extensions.tuvaro.appId", "{2768469C-717B-401F-8532-C6D88BAE0339}");
user_pref("extensions.tuvaro.autoRvrt", "false");
user_pref("extensions.tuvaro.cam", "");
user_pref("extensions.tuvaro.dfltLng", "");
user_pref("extensions.tuvaro.dfltSrch", true);
user_pref("extensions.tuvaro.dnsErr", true);
user_pref("extensions.tuvaro.excTlbr", false);
user_pref("extensions.tuvaro.ffxUnstlRst", false);
user_pref("extensions.tuvaro.hmpg", true);
user_pref("extensions.tuvaro.hmpgUrl", "hxxp://tuvaro.com/ws/?source=4c3f95e5&tbp=homepage&toolbarid=base&u=e26391b200000000000000215d74708e");
user_pref("extensions.tuvaro.hpOld0", "hxxp://mixidj.delta-search.com/?affID=121125&babsrc=HP_ss&mntrId=e26391b200000000000000215d74708e");
user_pref("extensions.tuvaro.id", "e26391b200000000000000215d74708e");
user_pref("extensions.tuvaro.instlDay", "15840");
user_pref("extensions.tuvaro.instlRef", "4c3f95e5");
user_pref("extensions.tuvaro.kw_url", "hxxp://tuvaro.com/ws/?source=4c3f95e5&tbp=url&toolbarid=base&u=e26391b200000000000000215d74708e&q=");
user_pref("extensions.tuvaro.newTab", true);
user_pref("extensions.tuvaro.newTabUrl", "chrome://tuvaro/content/new browser tab.html?source=4c3f95e5&tbp=tab&u=e26391b200000000000000215d74708e");
user_pref("extensions.tuvaro.prdct", "tuvaro");
user_pref("extensions.tuvaro.prtnrId", "tuvaro");
user_pref("extensions.tuvaro.rvrt", "false");
user_pref("extensions.tuvaro.smplGrp", "none");
user_pref("extensions.tuvaro.srchPrvdr", "Tuvaro");
user_pref("extensions.tuvaro.tlbrId", "base");
user_pref("extensions.tuvaro.tlbrSrchUrl", "hxxp://tuvaro.com/ws/?source=4c3f95e5&tbp=main&toolbarid=base&u=e26391b200000000000000215d74708e&q=");
user_pref("extensions.tuvaro.vrsn", "1.8.17.3");
user_pref("extensions.tuvaro.vrsnTs", "1.8.17.321:43:03");
user_pref("extensions.tuvaro.vrsni", "1.8.17.3");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Google");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10000");
Emptied folder: C:\Users\ACER\AppData\Roaming\mozilla\firefox\profiles\f5zpykzg.default\minidumps [178 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 22.12.2013 at 11:39:04,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v3.015 - Report created 22/12/2013 at 11:41:43
# Updated 10/12/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : ACER - ACER-PC
# Running from : C:\Users\ACER\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : DefaultTabUpdate
[#] Service Deleted : Update outobox
[#] Service Deleted : Util outobox
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\RegClean
[#] Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Program Files\outobox
Folder Deleted : C:\Program Files\SimilarSites
Folder Deleted : C:\Program Files\Uniblue\DriverScanner
Folder Deleted : C:\Users\ACER\AppData\Roaming\SimilarSites
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\{1CE72EFA-E2D1-48FA-A5EC-D7111C2C5BB6}
File Deleted : C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\Extensions\firefox@outobox.net.xpi
File Deleted : C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\bProtector_extensions.rdf
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKCU\Software\e4d8dabd3dbe43
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F06672-0E95-41A9-80CB-DEE386AF99AD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F06672-0E95-41A9-80CB-DEE386AF99AD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F06672-0E95-41A9-80CB-DEE386AF99AD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{86F14831-D88C-4BC8-B871-C8FB24D95D9B}
Key Deleted : HKCU\Software\Speedchecker Limited
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SimplyGen
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{B49962AF-CAB9-44DE-8729-A4369F44BA0D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D08D9F98-1C78-4704-87E6-368B0023D831}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\QuestBasic
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16526
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v26.0 (cs)
[ File : C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16,{8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0,{20a82645-c095-46ed-80e3-08825760534b}:0.0.0,{1CE72EFA-E2D1-48FA-A5EC-D71[...]
Line Deleted : user_pref("extensions.questbasic.init", true);
*************************
AdwCleaner[R0].txt - [6227 octets] - [22/12/2013 11:40:36]
AdwCleaner[S0].txt - [6192 octets] - [22/12/2013 11:41:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6252 octets] ##########
Re: prosím o kontrolu.velké využití paměti a CPU.proces mskh
Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=30&t=133101
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: prosím o kontrolu.velké využití paměti a CPU.proces mskh
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-12-2013 01
Ran by ACER (administrator) on ACER-PC on 23-12-2013 16:28:48
Running from C:\Users\ACER\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
(AVerMedia) C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
() C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
() C:\Program Files\Dokan\DokanLibrary\mounter.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
() C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
() C:\Program Files\IMPI\ExtensionUpdaterService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\ACER\Mobility Center\MobilityService.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
(NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Realtek Semiconductor Corp.) C:\Users\ACER\AppData\Local\temp\RtkBtMnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
() C:\Windows\inf\mskhqsmy\mskhqsmy.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(forum.viry.cz) C:\Users\ACER\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [mssrpmfbSrv] - C:\Windows\inf\mssrpmfb.vbe [1558 2013-08-27] ()
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6139904 2008-05-07] (Realtek Semiconductor)
Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\RunOnce: [AcerScrSav] - C:\Windows\ACER\run_NB.exe [ 2007-08-21] ()
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\RunOnce: [AcerScrSav] - C:\Windows\ACER\run_NB.exe [ 2007-08-21] ()
AppInit_DLLs: C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [ 2010-09-17] (Google)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: IMPI - {17E113E6-CD0E-4045-B154-65F0E57959EF} - C:\Program Files\IMPI\Extension32.dll ()
BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\IPSBHO.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
Toolbar: HKLM - No Name - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
FireFox:
========
FF ProfilePath: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.69 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\searchplugins\tuvaro.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrchw7th2.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\googledesktop.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: WebSite Recommendation - C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\Extensions\WebSiteRecommendation@weliketheweb.com
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox
FF Extension: IMPI - C:\Program Files\IMPI\Firefox
========================== Services (Whitelisted) =================
R2 AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [348160 2008-04-08] (AVerMedia)
R2 AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [393216 2008-04-08] ()
R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [81504 2008-01-16] ()
R2 DokanMounter; C:\Program Files\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-06-02] ()
S4 Folding@home-CPU-[1]; C:\Folding@HomeCPU\1\Fah.exe [422400 2012-01-25] ()
S4 Folding@home-CPU-[2]; C:\Folding@HomeCPU\2\Fah.exe [422400 2012-01-25] ()
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-09-17] (Google)
R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3602432 2008-12-16] ()
R2 IMPI Updater; C:\Program Files\IMPI\ExtensionUpdaterService.exe [185856 2013-02-05] ()
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] ()
R2 Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\diMaster.dll [130928 2008-12-05] (Symantec Corporation)
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2009-12-28] ()
S4 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] ()
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [233472 2008-01-10] (Acer Incorporated)
==================== Drivers (Whitelisted) ====================
R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [42608 2008-12-16] (Alfa Corporation)
R3 AVerBDA6x; C:\Windows\System32\DRIVERS\AVerBDA716x.sys [932864 2008-03-13] (AVerMedia TECHNOLOGIES, Inc.)
R1 BHDrvx86; C:\Windows\system32\drivers\NAV\1000000.07D\BHDrvx86.sys [254512 2013-02-21] (Symantec Corporation)
R1 ccHP; C:\Windows\system32\drivers\NAV\1000000.07D\ccHPx86.sys [362544 2013-02-21] (Symantec Corporation)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [95744 2011-01-10] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-01] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-12-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-19] (Symantec Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] ()
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20131220.001\IDSvix86.sys [394456 2013-12-12] (Symantec Corporation)
R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] ()
R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48640 2009-08-05] (Atheros Communications, Inc.)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20131222.020\NAVENG.SYS [93272 2013-12-18] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20131222.020\NAVEX15.SYS [1612376 2013-12-18] (Symantec Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S1 prodrv03; C:\Windows\System32\drivers\prodrv03.sys [115968 2012-01-03] (Protection Technology Co.)
R1 prodrv06; C:\Windows\System32\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology)
R0 prohlp02; C:\Windows\System32\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology)
R0 prosync1; C:\Windows\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology)
R0 sfhlp01; C:\Windows\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
R3 SRTSP; C:\Windows\system32\drivers\NAV\1000000.07D\SRTSP.SYS [305712 2013-02-21] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAV\1000000.07D\SRTSPX.SYS [43696 2013-02-21] (Symantec Corporation)
R3 SYMDNS; C:\Windows\system32\drivers\NAV\1000000.07D\SYMDNS.SYS [12976 2013-02-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAV\1000000.07D\SYMEFA.SYS [309296 2013-02-21] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [124464 2013-02-21] (Symantec Corporation)
R3 SYMFW; C:\Windows\system32\drivers\NAV\1000000.07D\SYMFW.SYS [89904 2013-02-21] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [25136 2013-02-21] (Symantec Corporation)
R3 SYMNDISV; C:\Windows\system32\drivers\NAV\1000000.07D\SYMNDISV.SYS [40496 2013-02-21] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\system32\drivers\NAV\1000000.07D\SYMREDRV.SYS [24752 2013-02-21] (Symantec Corporation)
R1 SYMTDI; C:\Windows\system32\drivers\NAV\1000000.07D\SYMTDI.SYS [198192 2013-02-21] (Symantec Corporation)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [61424 2008-07-18] (Cyberlink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\ACER\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-23 16:28 - 2013-12-23 16:30 - 00015136 _____ C:\Users\ACER\Desktop\FRST.txt
2013-12-23 16:27 - 2013-12-23 16:27 - 00000000 ____D C:\FRST
2013-12-23 16:25 - 2013-12-23 16:25 - 00112640 _____ (forum.viry.cz) C:\Users\ACER\Desktop\FRSTLauncher.exe
2013-12-23 16:23 - 2013-12-23 16:23 - 01061231 _____ (Farbar) C:\Users\ACER\Desktop\FRST.exe
2013-12-22 13:32 - 2013-12-22 13:35 - 490434004 _____ C:\Users\ACER\Downloads\Hurá-do-basy-(2006)-byMrR-CZ.avi
2013-12-22 13:22 - 2013-12-22 13:28 - 756463616 _____ C:\Users\ACER\Downloads\Temne-patro-2009.cz.avi.avi
2013-12-22 13:16 - 2013-12-22 13:21 - 695374186 _____ C:\Users\ACER\Downloads\Insidious-(2010)-cz-titulky.avi
2013-12-22 13:05 - 2013-12-22 13:09 - 734613504 _____ C:\Users\ACER\Downloads\KR-13-2009-DVDRip-XviD-czdub.avi
2013-12-22 13:00 - 2013-12-22 13:05 - 778567364 _____ C:\Users\ACER\Downloads\Akta-X--Chci-uvěřit_TV-RIP_zkousec_h264_MP3.avi
2013-12-22 12:55 - 2013-12-22 12:59 - 733929472 _____ C:\Users\ACER\Downloads\Nenarozeni-cz-dabing-2009.avi
2013-12-22 12:48 - 2013-12-22 12:53 - 733672240 _____ C:\Users\ACER\Downloads\Pripad-cislo-39-CZ-dabing.avi
2013-12-22 12:42 - 2013-12-22 12:46 - 734763008 _____ C:\Users\ACER\Downloads\Pulnocni-vlak-cz.avi
2013-12-22 11:40 - 2013-12-22 11:55 - 00000000 ____D C:\AdwCleaner
2013-12-22 11:33 - 2013-12-22 11:33 - 00000000 ____D C:\Windows\ERUNT
2013-12-22 11:31 - 2013-12-22 11:31 - 01226750 _____ C:\Users\ACER\Desktop\adwcleaner.exe
2013-12-22 11:31 - 2013-12-22 11:31 - 01034531 _____ (Thisisu) C:\Users\ACER\Desktop\JRT.exe
2013-12-21 17:54 - 2013-12-21 17:55 - 01647712 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-21 17:53 - 2013-12-23 16:10 - 00004216 _____ C:\Windows\PFRO.log
2013-12-21 17:07 - 2013-12-21 17:11 - 633475534 _____ (Acresso Software Inc.) C:\Users\ACER\Downloads\Sims3_1.63.4.024002_from_1.57.62.023002.exe
2013-12-21 16:28 - 2013-12-21 16:33 - 00000000 ____D C:\Users\ACER\Downloads\The-Sims-3-Tropický-ráj---By-Repsol21
2013-12-21 15:37 - 2013-12-21 16:06 - 421632000 _____ C:\Users\ACER\Downloads\The-Sims-3-Tropický-ráj---By-Repsol21.iso
2013-12-12 17:35 - 2013-12-12 17:35 - 00000000 _____ C:\Windows\system32\SET868B.tmp
2013-12-12 17:35 - 2013-12-12 17:35 - 00000000 _____ C:\Windows\system32\SET8484.tmp
2013-12-12 17:00 - 2013-11-14 23:38 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-12 17:00 - 2013-11-14 23:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-12 17:00 - 2013-11-14 23:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 16:59 - 2013-11-15 00:13 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 16:59 - 2013-11-14 23:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 16:59 - 2013-11-14 23:50 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 16:59 - 2013-11-14 23:43 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 16:59 - 2013-11-14 23:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 16:59 - 2013-11-14 23:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 16:59 - 2013-11-14 23:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-12 16:59 - 2013-11-14 23:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 16:59 - 2013-11-14 23:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-12 16:59 - 2013-11-14 23:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 16:59 - 2013-11-14 23:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-12 16:59 - 2013-11-14 23:36 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 16:59 - 2013-11-14 23:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 20:03 - 2013-10-30 02:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 20:03 - 2013-10-30 01:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 20:03 - 2013-10-30 01:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 20:03 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 20:03 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 20:03 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 20:03 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2013-12-11 20:03 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 20:03 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-08 12:21 - 2013-12-08 12:23 - 00001968 _____ C:\Users\ACER\Desktop\recept.txt
2013-12-03 20:22 - 2013-12-03 20:22 - 00000579 _____ C:\Users\ACER\Desktop\ENGINE – zástupce.lnk
2013-12-01 16:10 - 2013-12-01 16:14 - 561561830 _____ C:\Users\ACER\Downloads\THE-SETTLERS-4-GOLD-EDITION-CZ.rar
2013-12-01 15:52 - 2009-11-26 22:42 - 01355776 _____ (Microsoft Corporation) C:\Windows\system32\msvbvm50.dll
2013-12-01 15:35 - 2013-12-01 15:35 - 00201802 _____ C:\Windows\system32\poclbm130302GeForce 9300M GSv1w256l4.bin
2013-12-01 15:35 - 2013-12-01 15:35 - 00000000 _____ C:\Users\ACER\regbcm
2013-12-01 15:14 - 2013-12-01 15:29 - 00000000 ____D C:\Users\ACER\Documents\OpenTTD
2013-12-01 13:59 - 2013-12-01 14:18 - 00000894 _____ C:\Users\UpdatusUser\Desktop\Port Royale 2.lnk
2013-12-01 13:59 - 2013-12-01 14:18 - 00000894 _____ C:\Users\ACER\Desktop\Port Royale 2.lnk
2013-12-01 13:59 - 2013-12-01 13:59 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Ascaron Entertainment
2013-12-01 13:59 - 2013-12-01 13:59 - 00000000 _____ C:\Users\Public\Documents\PCD604.L!C
2013-12-01 13:57 - 2013-12-01 13:57 - 00000000 ____D C:\Users\ACER\Documents\Ascaron Entertainment
2013-12-01 13:57 - 2013-12-01 13:57 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ascaron Entertainment
2013-12-01 13:56 - 2013-12-01 13:56 - 00000000 ____D C:\Program Files\Ascaron Entertainment
2013-12-01 13:49 - 2013-12-01 13:49 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-12-01 13:37 - 2013-12-01 13:49 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-12-01 13:37 - 2013-12-01 13:37 - 00001699 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-11-23 20:39 - 2013-11-23 20:39 - 00012736 _____ C:\Users\ACER\Documents\cc_20131123_203940.reg
==================== One Month Modified Files and Folders =======
2013-12-23 16:30 - 2013-12-23 16:28 - 00015136 _____ C:\Users\ACER\Desktop\FRST.txt
2013-12-23 16:27 - 2013-12-23 16:27 - 00000000 ____D C:\FRST
2013-12-23 16:25 - 2013-12-23 16:25 - 00112640 _____ (forum.viry.cz) C:\Users\ACER\Desktop\FRSTLauncher.exe
2013-12-23 16:23 - 2013-12-23 16:23 - 01061231 _____ (Farbar) C:\Users\ACER\Desktop\FRST.exe
2013-12-23 16:18 - 2013-10-16 17:30 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-23 16:16 - 2013-07-10 17:36 - 01215855 _____ C:\Windows\WindowsUpdate.log
2013-12-23 16:11 - 2008-12-16 16:37 - 00000000 _____ C:\Windows\system32\LogConfigTemp.xml
2013-12-23 16:11 - 2008-08-06 09:06 - 00000147 _____ C:\Windows\system32\agent.log
2013-12-23 16:10 - 2013-12-21 17:53 - 00004216 _____ C:\Windows\PFRO.log
2013-12-23 16:10 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-23 16:10 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-23 16:10 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-23 08:08 - 2008-12-16 21:51 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-12-23 08:08 - 2006-11-02 14:01 - 00032596 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-22 13:35 - 2013-12-22 13:32 - 490434004 _____ C:\Users\ACER\Downloads\Hurá-do-basy-(2006)-byMrR-CZ.avi
2013-12-22 13:28 - 2013-12-22 13:22 - 756463616 _____ C:\Users\ACER\Downloads\Temne-patro-2009.cz.avi.avi
2013-12-22 13:21 - 2013-12-22 13:16 - 695374186 _____ C:\Users\ACER\Downloads\Insidious-(2010)-cz-titulky.avi
2013-12-22 13:09 - 2013-12-22 13:05 - 734613504 _____ C:\Users\ACER\Downloads\KR-13-2009-DVDRip-XviD-czdub.avi
2013-12-22 13:05 - 2013-12-22 13:00 - 778567364 _____ C:\Users\ACER\Downloads\Akta-X--Chci-uvěřit_TV-RIP_zkousec_h264_MP3.avi
2013-12-22 12:59 - 2013-12-22 12:55 - 733929472 _____ C:\Users\ACER\Downloads\Nenarozeni-cz-dabing-2009.avi
2013-12-22 12:53 - 2013-12-22 12:48 - 733672240 _____ C:\Users\ACER\Downloads\Pripad-cislo-39-CZ-dabing.avi
2013-12-22 12:46 - 2013-12-22 12:42 - 734763008 _____ C:\Users\ACER\Downloads\Pulnocni-vlak-cz.avi
2013-12-22 11:55 - 2013-12-22 11:40 - 00000000 ____D C:\AdwCleaner
2013-12-22 11:42 - 2012-12-27 16:48 - 00000000 ____D C:\Program Files\Uniblue
2013-12-22 11:41 - 2008-12-17 23:04 - 00000000 ____D C:\ProgramData\ICQ
2013-12-22 11:33 - 2013-12-22 11:33 - 00000000 ____D C:\Windows\ERUNT
2013-12-22 11:31 - 2013-12-22 11:31 - 01226750 _____ C:\Users\ACER\Desktop\adwcleaner.exe
2013-12-22 11:31 - 2013-12-22 11:31 - 01034531 _____ (Thisisu) C:\Users\ACER\Desktop\JRT.exe
2013-12-21 18:44 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\LogFiles
2013-12-21 17:58 - 2009-11-20 17:43 - 00000000 ____D C:\Program Files\trend micro
2013-12-21 17:55 - 2013-12-21 17:54 - 01647712 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-21 17:19 - 2013-10-12 11:46 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-21 17:11 - 2013-12-21 17:07 - 633475534 _____ (Acresso Software Inc.) C:\Users\ACER\Downloads\Sims3_1.63.4.024002_from_1.57.62.023002.exe
2013-12-21 16:51 - 2012-12-27 16:49 - 00000000 ____D C:\Program Files\File Type Assistant
2013-12-21 16:46 - 2011-09-14 19:37 - 00000000 ____D C:\Users\ACER\AppData\Roaming\DAEMON Tools Lite
2013-12-21 16:33 - 2013-12-21 16:28 - 00000000 ____D C:\Users\ACER\Downloads\The-Sims-3-Tropický-ráj---By-Repsol21
2013-12-21 16:06 - 2013-12-21 15:37 - 421632000 _____ C:\Users\ACER\Downloads\The-Sims-3-Tropický-ráj---By-Repsol21.iso
2013-12-17 18:51 - 2012-01-23 23:04 - 00000339 _____ C:\WirelessDiagLog.csv
2013-12-15 14:45 - 2011-03-24 20:43 - 00000000 ____D C:\Program Files\Zrychleni Pocitace
2013-12-13 22:51 - 2013-05-15 20:41 - 00000270 __RSH C:\Users\ACER\ntuser.pol
2013-12-13 22:51 - 2008-12-16 16:19 - 00000000 ____D C:\Users\ACER
2013-12-13 16:41 - 2012-12-22 19:00 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-12 18:41 - 2013-04-12 15:36 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-12 17:35 - 2013-12-12 17:35 - 00000000 _____ C:\Windows\system32\SET868B.tmp
2013-12-12 17:35 - 2013-12-12 17:35 - 00000000 _____ C:\Windows\system32\SET8484.tmp
2013-12-12 17:35 - 2008-08-06 08:28 - 00000000 ____D C:\Windows\system32\RTCOM
2013-12-12 17:16 - 2008-08-06 09:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 17:11 - 2013-07-21 19:18 - 00000000 ____D C:\Windows\system32\MRT
2013-12-12 17:02 - 2006-11-02 11:24 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-12-10 23:20 - 2013-10-16 17:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-10 23:20 - 2013-04-29 18:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-09 21:10 - 2013-05-15 20:42 - 00000000 ____D C:\Users\Public\Documents\Explorer Suite Signatures
2013-12-08 16:09 - 2013-01-06 11:25 - 00000000 ____D C:\Games
2013-12-08 12:23 - 2013-12-08 12:21 - 00001968 _____ C:\Users\ACER\Desktop\recept.txt
2013-12-06 14:30 - 2008-01-21 07:47 - 01418586 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-03 20:23 - 2013-05-12 13:09 - 00000000 ____D C:\Hry
2013-12-03 20:22 - 2013-12-03 20:22 - 00000579 _____ C:\Users\ACER\Desktop\ENGINE – zástupce.lnk
2013-12-01 16:14 - 2013-12-01 16:10 - 561561830 _____ C:\Users\ACER\Downloads\THE-SETTLERS-4-GOLD-EDITION-CZ.rar
2013-12-01 15:35 - 2013-12-01 15:35 - 00201802 _____ C:\Windows\system32\poclbm130302GeForce 9300M GSv1w256l4.bin
2013-12-01 15:35 - 2013-12-01 15:35 - 00000000 _____ C:\Users\ACER\regbcm
2013-12-01 15:29 - 2013-12-01 15:14 - 00000000 ____D C:\Users\ACER\Documents\OpenTTD
2013-12-01 14:18 - 2013-12-01 13:59 - 00000894 _____ C:\Users\UpdatusUser\Desktop\Port Royale 2.lnk
2013-12-01 14:18 - 2013-12-01 13:59 - 00000894 _____ C:\Users\ACER\Desktop\Port Royale 2.lnk
2013-12-01 13:59 - 2013-12-01 13:59 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Ascaron Entertainment
2013-12-01 13:59 - 2013-12-01 13:59 - 00000000 _____ C:\Users\Public\Documents\PCD604.L!C
2013-12-01 13:57 - 2013-12-01 13:57 - 00000000 ____D C:\Users\ACER\Documents\Ascaron Entertainment
2013-12-01 13:57 - 2013-12-01 13:57 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ascaron Entertainment
2013-12-01 13:56 - 2013-12-01 13:56 - 00000000 ____D C:\Program Files\Ascaron Entertainment
2013-12-01 13:49 - 2013-12-01 13:49 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-12-01 13:49 - 2013-12-01 13:37 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-12-01 13:37 - 2013-12-01 13:37 - 00001699 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-12-01 09:07 - 2011-11-10 20:44 - 00000000 ____D C:\Users\ACER\AppData\Local\PokerStars
2013-11-30 15:46 - 2013-01-04 15:15 - 00000000 ____D C:\Program Files\Full Tilt Poker
2013-11-30 08:27 - 2008-12-17 16:30 - 00000000 ____D C:\Users\ACER\AppData\Local\Adobe
2013-11-30 00:48 - 2011-03-13 22:44 - 00000000 ____D C:\Users\ACER\AppData\Local\FullTiltPoker
2013-11-26 12:25 - 2009-12-27 16:41 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-23 20:39 - 2013-11-23 20:39 - 00012736 _____ C:\Users\ACER\Documents\cc_20131123_203940.reg
Some content of TEMP:
====================
C:\Users\ACER\AppData\Local\temp\Quarantine.exe
C:\Users\ACER\AppData\Local\temp\RtkBtMnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Norton AntiVirus (Enabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\ACER\Desktop" je 4 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk
C:\PROGRA~1\Acer\ACERVC~1\AcerVCM.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERHI~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERQU~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSfsu.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\encryption.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\encryption.exe:*:Enabled:encryption"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\decryption.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\decryption.exe:*:Enabled:decryption"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSMgr.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDStbmngr.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDStbmngr.exe:*:Enabled:eDStbmngr"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSfsu.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\encryption.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\encryption.exe:*:Enabled:encryption"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\decryption.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\decryption.exe:*:Enabled:decryption"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSMgr.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDStbmngr.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDStbmngr.exe:*:Enabled:eDStbmngr"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by ACER (administrator) on ACER-PC on 23-12-2013 16:28:48
Running from C:\Users\ACER\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
(AVerMedia) C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
() C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
() C:\Program Files\Dokan\DokanLibrary\mounter.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
() C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
() C:\Program Files\IMPI\ExtensionUpdaterService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\ACER\Mobility Center\MobilityService.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
(NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Realtek Semiconductor Corp.) C:\Users\ACER\AppData\Local\temp\RtkBtMnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
() C:\Windows\inf\mskhqsmy\mskhqsmy.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(forum.viry.cz) C:\Users\ACER\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [mssrpmfbSrv] - C:\Windows\inf\mssrpmfb.vbe [1558 2013-08-27] ()
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6139904 2008-05-07] (Realtek Semiconductor)
Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\RunOnce: [AcerScrSav] - C:\Windows\ACER\run_NB.exe [ 2007-08-21] ()
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\RunOnce: [AcerScrSav] - C:\Windows\ACER\run_NB.exe [ 2007-08-21] ()
AppInit_DLLs: C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [ 2010-09-17] (Google)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: IMPI - {17E113E6-CD0E-4045-B154-65F0E57959EF} - C:\Program Files\IMPI\Extension32.dll ()
BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\IPSBHO.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
Toolbar: HKLM - No Name - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
FireFox:
========
FF ProfilePath: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.69 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\searchplugins\tuvaro.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrchw7th2.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\googledesktop.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: WebSite Recommendation - C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\Extensions\WebSiteRecommendation@weliketheweb.com
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox
FF Extension: IMPI - C:\Program Files\IMPI\Firefox
========================== Services (Whitelisted) =================
R2 AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [348160 2008-04-08] (AVerMedia)
R2 AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [393216 2008-04-08] ()
R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [81504 2008-01-16] ()
R2 DokanMounter; C:\Program Files\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-06-02] ()
S4 Folding@home-CPU-[1]; C:\Folding@HomeCPU\1\Fah.exe [422400 2012-01-25] ()
S4 Folding@home-CPU-[2]; C:\Folding@HomeCPU\2\Fah.exe [422400 2012-01-25] ()
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-09-17] (Google)
R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3602432 2008-12-16] ()
R2 IMPI Updater; C:\Program Files\IMPI\ExtensionUpdaterService.exe [185856 2013-02-05] ()
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] ()
R2 Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\diMaster.dll [130928 2008-12-05] (Symantec Corporation)
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2009-12-28] ()
S4 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] ()
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [233472 2008-01-10] (Acer Incorporated)
==================== Drivers (Whitelisted) ====================
R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [42608 2008-12-16] (Alfa Corporation)
R3 AVerBDA6x; C:\Windows\System32\DRIVERS\AVerBDA716x.sys [932864 2008-03-13] (AVerMedia TECHNOLOGIES, Inc.)
R1 BHDrvx86; C:\Windows\system32\drivers\NAV\1000000.07D\BHDrvx86.sys [254512 2013-02-21] (Symantec Corporation)
R1 ccHP; C:\Windows\system32\drivers\NAV\1000000.07D\ccHPx86.sys [362544 2013-02-21] (Symantec Corporation)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [95744 2011-01-10] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-01] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-12-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-19] (Symantec Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] ()
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20131220.001\IDSvix86.sys [394456 2013-12-12] (Symantec Corporation)
R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] ()
R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48640 2009-08-05] (Atheros Communications, Inc.)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20131222.020\NAVENG.SYS [93272 2013-12-18] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20131222.020\NAVEX15.SYS [1612376 2013-12-18] (Symantec Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S1 prodrv03; C:\Windows\System32\drivers\prodrv03.sys [115968 2012-01-03] (Protection Technology Co.)
R1 prodrv06; C:\Windows\System32\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology)
R0 prohlp02; C:\Windows\System32\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology)
R0 prosync1; C:\Windows\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology)
R0 sfhlp01; C:\Windows\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
R3 SRTSP; C:\Windows\system32\drivers\NAV\1000000.07D\SRTSP.SYS [305712 2013-02-21] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAV\1000000.07D\SRTSPX.SYS [43696 2013-02-21] (Symantec Corporation)
R3 SYMDNS; C:\Windows\system32\drivers\NAV\1000000.07D\SYMDNS.SYS [12976 2013-02-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAV\1000000.07D\SYMEFA.SYS [309296 2013-02-21] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [124464 2013-02-21] (Symantec Corporation)
R3 SYMFW; C:\Windows\system32\drivers\NAV\1000000.07D\SYMFW.SYS [89904 2013-02-21] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [25136 2013-02-21] (Symantec Corporation)
R3 SYMNDISV; C:\Windows\system32\drivers\NAV\1000000.07D\SYMNDISV.SYS [40496 2013-02-21] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\system32\drivers\NAV\1000000.07D\SYMREDRV.SYS [24752 2013-02-21] (Symantec Corporation)
R1 SYMTDI; C:\Windows\system32\drivers\NAV\1000000.07D\SYMTDI.SYS [198192 2013-02-21] (Symantec Corporation)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [61424 2008-07-18] (Cyberlink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\ACER\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-23 16:28 - 2013-12-23 16:30 - 00015136 _____ C:\Users\ACER\Desktop\FRST.txt
2013-12-23 16:27 - 2013-12-23 16:27 - 00000000 ____D C:\FRST
2013-12-23 16:25 - 2013-12-23 16:25 - 00112640 _____ (forum.viry.cz) C:\Users\ACER\Desktop\FRSTLauncher.exe
2013-12-23 16:23 - 2013-12-23 16:23 - 01061231 _____ (Farbar) C:\Users\ACER\Desktop\FRST.exe
2013-12-22 13:32 - 2013-12-22 13:35 - 490434004 _____ C:\Users\ACER\Downloads\Hurá-do-basy-(2006)-byMrR-CZ.avi
2013-12-22 13:22 - 2013-12-22 13:28 - 756463616 _____ C:\Users\ACER\Downloads\Temne-patro-2009.cz.avi.avi
2013-12-22 13:16 - 2013-12-22 13:21 - 695374186 _____ C:\Users\ACER\Downloads\Insidious-(2010)-cz-titulky.avi
2013-12-22 13:05 - 2013-12-22 13:09 - 734613504 _____ C:\Users\ACER\Downloads\KR-13-2009-DVDRip-XviD-czdub.avi
2013-12-22 13:00 - 2013-12-22 13:05 - 778567364 _____ C:\Users\ACER\Downloads\Akta-X--Chci-uvěřit_TV-RIP_zkousec_h264_MP3.avi
2013-12-22 12:55 - 2013-12-22 12:59 - 733929472 _____ C:\Users\ACER\Downloads\Nenarozeni-cz-dabing-2009.avi
2013-12-22 12:48 - 2013-12-22 12:53 - 733672240 _____ C:\Users\ACER\Downloads\Pripad-cislo-39-CZ-dabing.avi
2013-12-22 12:42 - 2013-12-22 12:46 - 734763008 _____ C:\Users\ACER\Downloads\Pulnocni-vlak-cz.avi
2013-12-22 11:40 - 2013-12-22 11:55 - 00000000 ____D C:\AdwCleaner
2013-12-22 11:33 - 2013-12-22 11:33 - 00000000 ____D C:\Windows\ERUNT
2013-12-22 11:31 - 2013-12-22 11:31 - 01226750 _____ C:\Users\ACER\Desktop\adwcleaner.exe
2013-12-22 11:31 - 2013-12-22 11:31 - 01034531 _____ (Thisisu) C:\Users\ACER\Desktop\JRT.exe
2013-12-21 17:54 - 2013-12-21 17:55 - 01647712 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-21 17:53 - 2013-12-23 16:10 - 00004216 _____ C:\Windows\PFRO.log
2013-12-21 17:07 - 2013-12-21 17:11 - 633475534 _____ (Acresso Software Inc.) C:\Users\ACER\Downloads\Sims3_1.63.4.024002_from_1.57.62.023002.exe
2013-12-21 16:28 - 2013-12-21 16:33 - 00000000 ____D C:\Users\ACER\Downloads\The-Sims-3-Tropický-ráj---By-Repsol21
2013-12-21 15:37 - 2013-12-21 16:06 - 421632000 _____ C:\Users\ACER\Downloads\The-Sims-3-Tropický-ráj---By-Repsol21.iso
2013-12-12 17:35 - 2013-12-12 17:35 - 00000000 _____ C:\Windows\system32\SET868B.tmp
2013-12-12 17:35 - 2013-12-12 17:35 - 00000000 _____ C:\Windows\system32\SET8484.tmp
2013-12-12 17:00 - 2013-11-14 23:38 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-12 17:00 - 2013-11-14 23:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-12 17:00 - 2013-11-14 23:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 16:59 - 2013-11-15 00:13 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 16:59 - 2013-11-14 23:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 16:59 - 2013-11-14 23:50 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 16:59 - 2013-11-14 23:43 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 16:59 - 2013-11-14 23:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 16:59 - 2013-11-14 23:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 16:59 - 2013-11-14 23:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-12 16:59 - 2013-11-14 23:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 16:59 - 2013-11-14 23:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-12 16:59 - 2013-11-14 23:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 16:59 - 2013-11-14 23:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-12 16:59 - 2013-11-14 23:36 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 16:59 - 2013-11-14 23:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 20:03 - 2013-10-30 02:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 20:03 - 2013-10-30 01:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 20:03 - 2013-10-30 01:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 20:03 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 20:03 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 20:03 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 20:03 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2013-12-11 20:03 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 20:03 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-08 12:21 - 2013-12-08 12:23 - 00001968 _____ C:\Users\ACER\Desktop\recept.txt
2013-12-03 20:22 - 2013-12-03 20:22 - 00000579 _____ C:\Users\ACER\Desktop\ENGINE – zástupce.lnk
2013-12-01 16:10 - 2013-12-01 16:14 - 561561830 _____ C:\Users\ACER\Downloads\THE-SETTLERS-4-GOLD-EDITION-CZ.rar
2013-12-01 15:52 - 2009-11-26 22:42 - 01355776 _____ (Microsoft Corporation) C:\Windows\system32\msvbvm50.dll
2013-12-01 15:35 - 2013-12-01 15:35 - 00201802 _____ C:\Windows\system32\poclbm130302GeForce 9300M GSv1w256l4.bin
2013-12-01 15:35 - 2013-12-01 15:35 - 00000000 _____ C:\Users\ACER\regbcm
2013-12-01 15:14 - 2013-12-01 15:29 - 00000000 ____D C:\Users\ACER\Documents\OpenTTD
2013-12-01 13:59 - 2013-12-01 14:18 - 00000894 _____ C:\Users\UpdatusUser\Desktop\Port Royale 2.lnk
2013-12-01 13:59 - 2013-12-01 14:18 - 00000894 _____ C:\Users\ACER\Desktop\Port Royale 2.lnk
2013-12-01 13:59 - 2013-12-01 13:59 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Ascaron Entertainment
2013-12-01 13:59 - 2013-12-01 13:59 - 00000000 _____ C:\Users\Public\Documents\PCD604.L!C
2013-12-01 13:57 - 2013-12-01 13:57 - 00000000 ____D C:\Users\ACER\Documents\Ascaron Entertainment
2013-12-01 13:57 - 2013-12-01 13:57 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ascaron Entertainment
2013-12-01 13:56 - 2013-12-01 13:56 - 00000000 ____D C:\Program Files\Ascaron Entertainment
2013-12-01 13:49 - 2013-12-01 13:49 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-12-01 13:37 - 2013-12-01 13:49 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-12-01 13:37 - 2013-12-01 13:37 - 00001699 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-11-23 20:39 - 2013-11-23 20:39 - 00012736 _____ C:\Users\ACER\Documents\cc_20131123_203940.reg
==================== One Month Modified Files and Folders =======
2013-12-23 16:30 - 2013-12-23 16:28 - 00015136 _____ C:\Users\ACER\Desktop\FRST.txt
2013-12-23 16:27 - 2013-12-23 16:27 - 00000000 ____D C:\FRST
2013-12-23 16:25 - 2013-12-23 16:25 - 00112640 _____ (forum.viry.cz) C:\Users\ACER\Desktop\FRSTLauncher.exe
2013-12-23 16:23 - 2013-12-23 16:23 - 01061231 _____ (Farbar) C:\Users\ACER\Desktop\FRST.exe
2013-12-23 16:18 - 2013-10-16 17:30 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-23 16:16 - 2013-07-10 17:36 - 01215855 _____ C:\Windows\WindowsUpdate.log
2013-12-23 16:11 - 2008-12-16 16:37 - 00000000 _____ C:\Windows\system32\LogConfigTemp.xml
2013-12-23 16:11 - 2008-08-06 09:06 - 00000147 _____ C:\Windows\system32\agent.log
2013-12-23 16:10 - 2013-12-21 17:53 - 00004216 _____ C:\Windows\PFRO.log
2013-12-23 16:10 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-23 16:10 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-23 16:10 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-23 08:08 - 2008-12-16 21:51 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-12-23 08:08 - 2006-11-02 14:01 - 00032596 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-22 13:35 - 2013-12-22 13:32 - 490434004 _____ C:\Users\ACER\Downloads\Hurá-do-basy-(2006)-byMrR-CZ.avi
2013-12-22 13:28 - 2013-12-22 13:22 - 756463616 _____ C:\Users\ACER\Downloads\Temne-patro-2009.cz.avi.avi
2013-12-22 13:21 - 2013-12-22 13:16 - 695374186 _____ C:\Users\ACER\Downloads\Insidious-(2010)-cz-titulky.avi
2013-12-22 13:09 - 2013-12-22 13:05 - 734613504 _____ C:\Users\ACER\Downloads\KR-13-2009-DVDRip-XviD-czdub.avi
2013-12-22 13:05 - 2013-12-22 13:00 - 778567364 _____ C:\Users\ACER\Downloads\Akta-X--Chci-uvěřit_TV-RIP_zkousec_h264_MP3.avi
2013-12-22 12:59 - 2013-12-22 12:55 - 733929472 _____ C:\Users\ACER\Downloads\Nenarozeni-cz-dabing-2009.avi
2013-12-22 12:53 - 2013-12-22 12:48 - 733672240 _____ C:\Users\ACER\Downloads\Pripad-cislo-39-CZ-dabing.avi
2013-12-22 12:46 - 2013-12-22 12:42 - 734763008 _____ C:\Users\ACER\Downloads\Pulnocni-vlak-cz.avi
2013-12-22 11:55 - 2013-12-22 11:40 - 00000000 ____D C:\AdwCleaner
2013-12-22 11:42 - 2012-12-27 16:48 - 00000000 ____D C:\Program Files\Uniblue
2013-12-22 11:41 - 2008-12-17 23:04 - 00000000 ____D C:\ProgramData\ICQ
2013-12-22 11:33 - 2013-12-22 11:33 - 00000000 ____D C:\Windows\ERUNT
2013-12-22 11:31 - 2013-12-22 11:31 - 01226750 _____ C:\Users\ACER\Desktop\adwcleaner.exe
2013-12-22 11:31 - 2013-12-22 11:31 - 01034531 _____ (Thisisu) C:\Users\ACER\Desktop\JRT.exe
2013-12-21 18:44 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\LogFiles
2013-12-21 17:58 - 2009-11-20 17:43 - 00000000 ____D C:\Program Files\trend micro
2013-12-21 17:55 - 2013-12-21 17:54 - 01647712 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-21 17:19 - 2013-10-12 11:46 - 00000000 ____D C:\Program Files\Electronic Arts
2013-12-21 17:11 - 2013-12-21 17:07 - 633475534 _____ (Acresso Software Inc.) C:\Users\ACER\Downloads\Sims3_1.63.4.024002_from_1.57.62.023002.exe
2013-12-21 16:51 - 2012-12-27 16:49 - 00000000 ____D C:\Program Files\File Type Assistant
2013-12-21 16:46 - 2011-09-14 19:37 - 00000000 ____D C:\Users\ACER\AppData\Roaming\DAEMON Tools Lite
2013-12-21 16:33 - 2013-12-21 16:28 - 00000000 ____D C:\Users\ACER\Downloads\The-Sims-3-Tropický-ráj---By-Repsol21
2013-12-21 16:06 - 2013-12-21 15:37 - 421632000 _____ C:\Users\ACER\Downloads\The-Sims-3-Tropický-ráj---By-Repsol21.iso
2013-12-17 18:51 - 2012-01-23 23:04 - 00000339 _____ C:\WirelessDiagLog.csv
2013-12-15 14:45 - 2011-03-24 20:43 - 00000000 ____D C:\Program Files\Zrychleni Pocitace
2013-12-13 22:51 - 2013-05-15 20:41 - 00000270 __RSH C:\Users\ACER\ntuser.pol
2013-12-13 22:51 - 2008-12-16 16:19 - 00000000 ____D C:\Users\ACER
2013-12-13 16:41 - 2012-12-22 19:00 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-12 18:41 - 2013-04-12 15:36 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-12 17:35 - 2013-12-12 17:35 - 00000000 _____ C:\Windows\system32\SET868B.tmp
2013-12-12 17:35 - 2013-12-12 17:35 - 00000000 _____ C:\Windows\system32\SET8484.tmp
2013-12-12 17:35 - 2008-08-06 08:28 - 00000000 ____D C:\Windows\system32\RTCOM
2013-12-12 17:16 - 2008-08-06 09:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 17:11 - 2013-07-21 19:18 - 00000000 ____D C:\Windows\system32\MRT
2013-12-12 17:02 - 2006-11-02 11:24 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-12-10 23:20 - 2013-10-16 17:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-10 23:20 - 2013-04-29 18:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-09 21:10 - 2013-05-15 20:42 - 00000000 ____D C:\Users\Public\Documents\Explorer Suite Signatures
2013-12-08 16:09 - 2013-01-06 11:25 - 00000000 ____D C:\Games
2013-12-08 12:23 - 2013-12-08 12:21 - 00001968 _____ C:\Users\ACER\Desktop\recept.txt
2013-12-06 14:30 - 2008-01-21 07:47 - 01418586 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-03 20:23 - 2013-05-12 13:09 - 00000000 ____D C:\Hry
2013-12-03 20:22 - 2013-12-03 20:22 - 00000579 _____ C:\Users\ACER\Desktop\ENGINE – zástupce.lnk
2013-12-01 16:14 - 2013-12-01 16:10 - 561561830 _____ C:\Users\ACER\Downloads\THE-SETTLERS-4-GOLD-EDITION-CZ.rar
2013-12-01 15:35 - 2013-12-01 15:35 - 00201802 _____ C:\Windows\system32\poclbm130302GeForce 9300M GSv1w256l4.bin
2013-12-01 15:35 - 2013-12-01 15:35 - 00000000 _____ C:\Users\ACER\regbcm
2013-12-01 15:29 - 2013-12-01 15:14 - 00000000 ____D C:\Users\ACER\Documents\OpenTTD
2013-12-01 14:18 - 2013-12-01 13:59 - 00000894 _____ C:\Users\UpdatusUser\Desktop\Port Royale 2.lnk
2013-12-01 14:18 - 2013-12-01 13:59 - 00000894 _____ C:\Users\ACER\Desktop\Port Royale 2.lnk
2013-12-01 13:59 - 2013-12-01 13:59 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Ascaron Entertainment
2013-12-01 13:59 - 2013-12-01 13:59 - 00000000 _____ C:\Users\Public\Documents\PCD604.L!C
2013-12-01 13:57 - 2013-12-01 13:57 - 00000000 ____D C:\Users\ACER\Documents\Ascaron Entertainment
2013-12-01 13:57 - 2013-12-01 13:57 - 00000000 ____D C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ascaron Entertainment
2013-12-01 13:56 - 2013-12-01 13:56 - 00000000 ____D C:\Program Files\Ascaron Entertainment
2013-12-01 13:49 - 2013-12-01 13:49 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-12-01 13:49 - 2013-12-01 13:37 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-12-01 13:37 - 2013-12-01 13:37 - 00001699 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-12-01 09:07 - 2011-11-10 20:44 - 00000000 ____D C:\Users\ACER\AppData\Local\PokerStars
2013-11-30 15:46 - 2013-01-04 15:15 - 00000000 ____D C:\Program Files\Full Tilt Poker
2013-11-30 08:27 - 2008-12-17 16:30 - 00000000 ____D C:\Users\ACER\AppData\Local\Adobe
2013-11-30 00:48 - 2011-03-13 22:44 - 00000000 ____D C:\Users\ACER\AppData\Local\FullTiltPoker
2013-11-26 12:25 - 2009-12-27 16:41 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-23 20:39 - 2013-11-23 20:39 - 00012736 _____ C:\Users\ACER\Documents\cc_20131123_203940.reg
Some content of TEMP:
====================
C:\Users\ACER\AppData\Local\temp\Quarantine.exe
C:\Users\ACER\AppData\Local\temp\RtkBtMnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Norton AntiVirus (Enabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\ACER\Desktop" je 4 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk
C:\PROGRA~1\Acer\ACERVC~1\AcerVCM.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERHI~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERQU~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSfsu.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\encryption.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\encryption.exe:*:Enabled:encryption"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\decryption.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\decryption.exe:*:Enabled:decryption"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSMgr.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDStbmngr.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDStbmngr.exe:*:Enabled:eDStbmngr"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSfsu.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\encryption.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\encryption.exe:*:Enabled:encryption"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\decryption.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\decryption.exe:*:Enabled:decryption"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSMgr.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDStbmngr.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDStbmngr.exe:*:Enabled:eDStbmngr"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- (3.91 KiB) Staženo 57 x
Re: prosím o kontrolu.velké využití paměti a CPU.proces mskh
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start HKLM\...\Run: [mssrpmfbSrv] - C:\Windows\inf\mssrpmfb.vbe [1558 2013-08-27] () HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch SearchScopes: HKLM - DefaultScope value is missing. BHO: IMPI - {17E113E6-CD0E-4045-B154-65F0E57959EF} - C:\Program Files\IMPI\Extension32.dll () Toolbar: HKLM - No Name - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File FF SearchPlugin: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\searchplugins\tuvaro.xml FF Extension: WebSite Recommendation - C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\Extensions\WebSiteRecommendation@weliketheweb.com FF Extension: IMPI - C:\Program Files\IMPI\Firefox S3 catchme; \??\C:\Users\ACER\AppData\Local\Temp\catchme.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] 2013-12-15 14:45 - 2011-03-24 20:43 - 00000000 ____D C:\Program Files\Zrychleni Pocitace Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Hosts: CMD: shutdown /r /f /t 2 End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: prosím o kontrolu.velké využití paměti a CPU.proces mskh
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 22-12-2013 01
Ran by ACER at 2013-12-25 10:06:00 Run:1
Running from C:\Users\ACER\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [mssrpmfbSrv] - C:\Windows\inf\mssrpmfb.vbe [1558 2013-08-27] ()
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: IMPI - {17E113E6-CD0E-4045-B154-65F0E57959EF} - C:\Program Files\IMPI\Extension32.dll ()
Toolbar: HKLM - No Name - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF SearchPlugin: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\searchplugins\tuvaro.xml
FF Extension: WebSite Recommendation - C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\Extensions\WebSiteRecommendation@weliketheweb.com
FF Extension: IMPI - C:\Program Files\IMPI\Firefox
S3 catchme; \??\C:\Users\ACER\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
2013-12-15 14:45 - 2011-03-24 20:43 - 00000000 ____D C:\Program Files\Zrychleni Pocitace
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mssrpmfbSrv => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF} => Key deleted successfully.
HKCR\CLSID\{17E113E6-CD0E-4045-B154-65F0E57959EF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} => Value deleted successfully.
HKCR\CLSID\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\searchplugins\tuvaro.xml => Moved successfully.
C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\Extensions\WebSiteRecommendation@weliketheweb.com => Moved successfully.
C:\Program Files\IMPI\Firefox => Moved successfully.
catchme => Service deleted successfully.
IpInIp => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
C:\Program Files\Zrychleni Pocitace => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Ran by ACER at 2013-12-25 10:06:00 Run:1
Running from C:\Users\ACER\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [mssrpmfbSrv] - C:\Windows\inf\mssrpmfb.vbe [1558 2013-08-27] ()
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: IMPI - {17E113E6-CD0E-4045-B154-65F0E57959EF} - C:\Program Files\IMPI\Extension32.dll ()
Toolbar: HKLM - No Name - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF SearchPlugin: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\searchplugins\tuvaro.xml
FF Extension: WebSite Recommendation - C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\Extensions\WebSiteRecommendation@weliketheweb.com
FF Extension: IMPI - C:\Program Files\IMPI\Firefox
S3 catchme; \??\C:\Users\ACER\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
2013-12-15 14:45 - 2011-03-24 20:43 - 00000000 ____D C:\Program Files\Zrychleni Pocitace
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mssrpmfbSrv => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF} => Key deleted successfully.
HKCR\CLSID\{17E113E6-CD0E-4045-B154-65F0E57959EF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} => Value deleted successfully.
HKCR\CLSID\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\searchplugins\tuvaro.xml => Moved successfully.
C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\f5zpykzg.default\Extensions\WebSiteRecommendation@weliketheweb.com => Moved successfully.
C:\Program Files\IMPI\Firefox => Moved successfully.
catchme => Service deleted successfully.
IpInIp => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
C:\Program Files\Zrychleni Pocitace => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Re: prosím o kontrolu.velké využití paměti a CPU.proces mskh
Jak se chova PC 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: prosím o kontrolu.velké využití paměti a CPU.proces mskh
už je to v pohodě.moc díky za pomoc a šťastný Nový rok přeju
Re: prosím o kontrolu.velké využití paměti a CPU.proces mskh
Tak jeste uklidime 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?