PC virus removal, computer speed-up, and remote help via the neslape.cz service

Please help with viruses

Archicz
Model visitor
Posts: 81
Registered: 30 Jan 2008 20:02

Please help with viruses

#1 Post by Archicz »

Hello, today I got my hands on my cousin's laptop. It is incredibly slow, unwanted pages open in the browsers, and loads of ads pop up everywhere.

I am attaching the log here:

Logfile of random's system information tool 1.10 (written by random/random)
Run by jarda at 2015-05-19 17:45:48
Microsoft Windows 8.1
System drive C: has 739 GB (79%) free of 936 GB
Total RAM: 7988 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:46:02, on 19. 5. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Users\jarda\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\jarda\AppData\Roaming\TornTV.com\TornTV Downloader.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files (x86)\Reverse Page\bin\ReversePage.BrowserAdapter.exe
C:\Program Files (x86)\Reverse Page\bin\ReversePage.expext.exe
C:\Program Files (x86)\Reverse Page\bin\ReversePage.BOASHelper.exe
C:\WINDOWS\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Reverse Page\bin\ReversePage.BOASPRT.exe
C:\Program Files (x86)\Reverse Page\bin\ReversePage.BOAS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\jarda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpp ... DC478DC478
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpp ... DC478DC478
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpp ... DC478DC478
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpp ... DC478DC478
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - (no file)
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Reverse Page 1.0.0.7 - {83dc36e5-db3f-461a-8fbc-245e44000b1f} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HFALoader] C:\Program Files (x86)\Hamster Soft\Hamster Free Archiver\HamsterArc.exe -loader
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKCU\..\Run: [TornTv Downloader] C:\Users\jarda\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Search] C:\Users\jarda\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe
O4 - HKUS\S-1-5-21-255666515-4009557440-1129730794-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
O4 - Startup: TornTvDownloader.lnk = jarda\AppData\Roaming\TornTV.com\TornTV Downloader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @oem3.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: IHProtect Service - XTab system - C:\Program Files (x86)\XTab\ProtectService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Torntv Downloader (trntv) - Cool Mirage - C:\Users\jarda\AppData\Roaming\TornTV.com\TornTVSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Reverse Page - Unknown owner - C:\Program Files (x86)\Reverse Page\updateReversePage.exe
O23 - Service: Util Reverse Page - Unknown owner - C:\Program Files (x86)\Reverse Page\bin\utilReversePage.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - SysTool PasSame LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13887 bytes

======Listing Processes======





wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
C:\WINDOWS\system32\BtwRSupportService.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {48fa8a4d-37a9-411a-b5f7539d3ce53b46}
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\XTab\ProtectService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\RfBtnSvc64.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Users\jarda\AppData\Roaming\TornTV.com\TornTVSvc.exe
"C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe"
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
ngservice.exe pipeserver
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
taskhost.exe $(Arg0)
taskhostex.exe
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
igfxEM.exe
ClassicStartMenu.exe -startup
igfxHK.exe
igfxTray.exe
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\igfxext.exe -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Users\jarda\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\RadioController\RfBtnHelper.exe" HigherRFButtonHelper
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Users\jarda\AppData\Roaming\TornTV.com\TornTV Downloader.exe" /c=startup
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Reverse Page\updateReversePage.exe"
"C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe" /pcm
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe"
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe"
"C:\Program Files (x86)\Reverse Page\bin\utilReversePage.exe"
"C:\Program Files (x86)\Reverse Page\bin\ReversePage.PurBrowse64.exe" /l false /s false /c "Reverse Page" /t "C:\Program Files (x86)\Reverse Page\bin\TEMP" /i "http://apireversepageco-a.akamaihd.net/ ... 0000000000" /d {d2fdc1de-992e-4939-98b7-06c65f42ed12}w64 /p 6019eee2-16e4-40bd-b2d9-ddb23c517ab0:chrome /p 4cf6c00c-b8ba-4d33-b875-6fe995f22318:iexplore /h cdn.sharedaddomain.com,cdn.sharedaddomain2.com 0 10 "C:\Program Files (x86)\Reverse Page\bin\bau" true
\??\C:\WINDOWS\system32\conhost.exe 0x4
/ch 6019eee2-16e4-40bd-b2d9-ddb23c517ab0 /ie 4cf6c00c-b8ba-4d33-b875-6fe995f22318 /z "n=ReversePage&is=fmxqtcz&dpt=20"
/ch 6019eee2-16e4-40bd-b2d9-ddb23c517ab0 /ie 4cf6c00c-b8ba-4d33-b875-6fe995f22318 /z "n=ReversePage&is=fmxqtcz&dpt=20"
/ieg 4cf6c00c-b8ba-4d33-b875-6fe995f22318 /is fmxqtcz
/w 910 /h 100 /cg 153cde0f-9c2d-4299-8983-0ef6cf3ff02d /gc 1 /ff 1 /ie 1 /is fmxqtcz
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\WINDOWS\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
taskeng.exe {2FF622A0-C989-4133-AC95-96447ADE050A}

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://isearch.omiga-plus.com/?type=sc& ... DC478DC478
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5880.0.842708121\263914834" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,19,42 --gpu-vendor-id=0x8086 --gpu-device-id=0x0156 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3621 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_DisplayHintTextControl_PostPeriod/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_83/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5880 --enable-pinch-virtual-viewport 
--enable-delegated-renderer --num-raster-threads=1 --channel="5880.2.251493656\2034277147" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_DisplayHintTextControl_PostPeriod/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_83/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5880 --enable-pinch-virtual-viewport 
--enable-delegated-renderer --num-raster-threads=1 --channel="5880.3.1401655533\1077159595" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_DisplayHintTextControl_PostPeriod/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_83/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5880 --enable-pinch-virtual-viewport 
--enable-delegated-renderer --num-raster-threads=1 --channel="5880.4.1603019326\2147196853" /prefetch:673131151
"C:\Program Files (x86)\Reverse Page\bin\ReversePage.BOASPRT.exe" /w 910 /h 100 /hw 132202 /g 153cde0f-9c2d-4299-8983-0ef6cf3ff02d /is fmxqtcz
"C:\Program Files (x86)\Reverse Page\bin\ReversePage.BOAS.exe" /w 910 /h 100 /hw 132202 /g 153cde0f-9c2d-4299-8983-0ef6cf3ff02d /is fmxqtcz /bt 0 /ps \\.\pipe\boa{B01E9B29-FE97-464B-8DAC-65C886E307C5} /bv 42
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5880.6.718208467\1746233657" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_DisplayHintTextControl_PostPeriod/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_83/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 
--channel="5880.7.658973202\1937309535" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_DisplayHintTextControl_PostPeriod/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_83/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5880 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe18_ Global\UsGthrCtrlFltPipeMssGthrPipe18 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 580 584 592 65536 588
"C:\Users\jarda\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-255666515-4009557440-1129730794-1002Core.job - C:\Users\jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-255666515-4009557440-1129730794-1002UA.job - C:\Users\jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Norton Security Scan for jarda.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled
C:\WINDOWS\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe /dev0 /idle
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-14 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-20 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83dc36e5-db3f-461a-8fbc-245e44000b1f}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-14 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-20 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-01-29 13267016]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-01-18 1276488]
"Broadcom Wireless Manager UI"=C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [2013-10-15 10592256]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-01-17 3010800]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TornTv Downloader"=C:\Users\jarda\AppData\Roaming\TornTV.com\Torntv Downloader.exe [2015-01-22 306176]
"PCSpeedUp"=C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe [2014-11-27 338888]
"Yahoo! Search"=C:\Users\jarda\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe [2015-03-28 644352]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RadioController"=C:\Program Files (x86)\RadioController\RfBtnHelper.exe [2013-10-16 111216]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-04-14 5512912]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"HFALoader"=C:\Program Files (x86)\Hamster Soft\Hamster Free Archiver\HamsterArc.exe [2013-06-17 9776624]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2015-04-28 2004360]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TornTvDownloader.lnk - C:\Users\jarda\AppData\Roaming\TornTV.com\TornTV Downloader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-19 17:45:49 ----D---- C:\Program Files\trend micro
2015-05-19 17:45:48 ----D---- C:\rsit
2015-05-19 17:31:54 ----A---- C:\WINDOWS\system32\drivers\{d2fdc1de-992e-4939-98b7-06c65f42ed12}w64.sys
2015-05-17 11:58:03 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-17 11:58:03 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-17 07:28:29 ----A---- C:\WINDOWS\system32\drivers\{62ef299e-e3f9-479a-9bc1-8f1ce7a51ee8}w64.sys
2015-05-15 14:28:50 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-05-15 14:28:46 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-15 14:28:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2015-05-15 14:28:39 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-05-15 14:28:39 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2015-05-15 14:28:39 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-05-15 14:28:38 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-05-15 14:28:37 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-05-15 14:28:36 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-05-15 14:28:34 ----A---- C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-15 14:28:34 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-15 14:28:29 ----A---- C:\WINDOWS\system32\SRH.dll
2015-05-15 14:28:28 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2015-05-15 14:28:28 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2015-05-15 14:28:28 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2015-05-15 14:28:28 ----A---- C:\WINDOWS\system32\dbghelp.dll
2015-05-15 14:28:28 ----A---- C:\WINDOWS\system32\dbgeng.dll
2015-05-15 14:28:27 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2015-05-15 14:28:27 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-05-15 14:28:27 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2015-05-15 14:28:27 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-05-15 14:28:26 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2015-05-15 14:28:26 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-15 14:28:24 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-05-15 14:28:15 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2015-05-15 14:28:15 ----A---- C:\WINDOWS\system32\sdbinst.exe
2015-05-15 14:28:12 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2015-05-15 14:28:12 ----A---- C:\WINDOWS\system32\wpdshext.dll
2015-05-15 14:20:56 ----A---- C:\WINDOWS\system32\services.exe
2015-05-15 14:20:55 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-05-15 14:20:55 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-05-15 14:20:55 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-05-15 14:20:54 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-05-15 14:20:54 ----A---- C:\WINDOWS\system32\win32k.sys
2015-05-15 14:20:54 ----A---- C:\WINDOWS\system32\schannel.dll
2015-05-15 14:20:46 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-05-15 14:20:43 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-05-15 14:20:39 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-05-15 14:20:38 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-05-15 14:20:36 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-05-15 14:20:35 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-05-15 14:20:35 ----A---- C:\WINDOWS\system32\wininet.dll
2015-05-15 14:20:35 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-05-15 14:20:34 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-05-15 14:20:34 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-05-15 14:20:34 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-05-15 14:20:34 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-05-15 14:20:34 ----A---- C:\WINDOWS\system32\jscript.dll
2015-05-15 14:20:33 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-05-15 14:20:33 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-05-15 14:20:33 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-05-15 14:20:33 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-05-15 14:20:33 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-05-15 14:20:33 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-05-15 14:20:33 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-05-15 14:20:33 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-05-15 14:20:33 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-05-15 14:20:33 ----A---- C:\WINDOWS\system32\ieui.dll
2015-05-15 14:20:33 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-05-15 14:20:33 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-05-15 14:20:32 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-05-15 14:20:32 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-05-15 14:20:32 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-05-15 14:20:32 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-05-15 14:20:32 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-05-15 14:20:32 ----A---- C:\WINDOWS\system32\inseng.dll
2015-05-15 14:20:32 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-05-15 14:20:32 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-05-15 14:20:32 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-05-15 14:20:32 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-05-15 14:20:25 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-05-15 14:20:25 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-05-15 14:20:25 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-05-15 14:20:25 ----A---- C:\WINDOWS\system32\certcli.dll
2015-05-15 13:04:11 ----A---- C:\WINDOWS\system32\drivers\{b3b8a2af-a9d1-4fe0-8e7c-28f57acf9dfb}w64.sys
2015-04-25 12:07:58 ----A---- C:\WINDOWS\system32\drivers\{806c7faa-cecc-4ae1-a0e0-3c42cc68b8bd}w64.sys

======List of files/folders modified in the last 1 month======

2015-05-19 17:45:55 ----D---- C:\WINDOWS\Prefetch
2015-05-19 17:45:49 ----RD---- C:\Program Files
2015-05-19 17:42:24 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2015-05-19 17:32:40 ----A---- C:\WINDOWS\win.ini
2015-05-19 17:32:37 ----D---- C:\Program Files (x86)\Reverse Page
2015-05-19 17:32:09 ----D---- C:\WINDOWS\Temp
2015-05-19 17:31:54 ----D---- C:\WINDOWS\system32\drivers
2015-05-19 17:28:35 ----D---- C:\WINDOWS\system32\sru
2015-05-19 17:26:52 ----D---- C:\WINDOWS\AppReadiness
2015-05-18 18:02:32 ----D---- C:\WINDOWS\system32\config
2015-05-18 17:48:57 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-05-18 17:47:03 ----D---- C:\WINDOWS\WinSxS
2015-05-18 17:45:26 ----D---- C:\WINDOWS\Inf
2015-05-18 17:45:13 ----A---- C:\WINDOWS\system32\wpbbin.exe
2015-05-17 20:08:32 ----RD---- C:\WINDOWS\System32
2015-05-17 20:08:32 ----D---- C:\WINDOWS\SysWOW64
2015-05-17 20:08:30 ----D---- C:\WINDOWS\apppatch
2015-05-17 20:08:28 ----D---- C:\WINDOWS\system32\DriverStore
2015-05-17 20:08:02 ----D---- C:\WINDOWS\CbsTemp
2015-05-17 20:07:18 ----D---- C:\Users\jarda\AppData\Roaming\ClassicShell
2015-05-17 19:02:23 ----D---- C:\WINDOWS\Microsoft.NET
2015-05-17 19:01:33 ----RSD---- C:\WINDOWS\assembly
2015-05-17 18:57:47 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-05-17 18:57:17 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2015-05-17 18:57:12 ----RSD---- C:\WINDOWS\Fonts
2015-05-17 18:41:11 ----D---- C:\WINDOWS\system32\MRT
2015-05-17 18:41:02 ----A---- C:\WINDOWS\system32\MRT.exe
2015-05-17 18:13:55 ----D---- C:\Program Files\Internet Explorer
2015-05-17 18:13:55 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-17 11:50:55 ----D---- C:\Program Files\Windows Journal
2015-05-17 07:36:28 ----HD---- C:\Program Files\WindowsApps
2015-05-16 07:21:04 ----SHD---- C:\System Volume Information
2015-05-16 06:42:03 ----SHD---- C:\WINDOWS\Installer
2015-05-16 06:37:12 ----D---- C:\Program Files (x86)
2015-05-16 06:37:10 ----D---- C:\WINDOWS\Tasks
2015-05-15 15:47:15 ----D---- C:\WINDOWS\system32\catroot2
2015-05-05 19:59:54 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-04-14 65736]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-04-14 271200]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-09-05 30496]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-04-14 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-04-14 1047320]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-04-14 442264]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-12-12 487216]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-04-14 29168]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-04-14 88408]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-04-14 136752]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-04-14 273824]
R3 BCM42RLY;BCM42RLY; C:\WINDOWS\system32\drivers\BCM42RLY.sys [2013-10-15 22632]
R3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 – ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-05-21 3791872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-01-29 3311944]
R3 IntcDAud;@oem17.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem24.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-05-07 27032]
R3 MEIx64;@oem6.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-09-05 11273504]
R3 Ps2Kb2Hid;@oem5.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [2013-10-16 26736]
R3 RSBASTOR;@oem11.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys [2012-08-17 288256]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2013-01-17 31472]
R3 SynTP;@oem8.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-01-17 464624]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 bcbtums;@oem3.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2012-10-01 169240]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
S3 dg_ssudbus;@oem33.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem23.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-05-07 38296]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 ssudmdm;@oem34.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;@oem35.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]
S3 trufos;trufos; C:\WINDOWS\system32\drivers\trufos.sys [2014-07-11 350160]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2014-03-18 121088]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2015-04-28 178568]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-14 343336]
R2 BcmBtRSupport;@oem3.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service; C:\WINDOWS\system32\BtwRSupportService.exe [2012-10-01 2227992]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2013-01-09 960216]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2013-02-20 2615368]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2013-01-16 350984]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-07-24 2457232]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-05-21 314696]
R2 IHProtect Service;IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [2015-01-16 158896]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2013-08-30 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256]
R2 PCSUService;PC Speed Up Service; C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe [2014-11-27 437704]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2013-10-16 96880]
R2 trntv;Torntv Downloader; C:\Users\jarda\AppData\Roaming\TornTV.com\TornTVSvc.exe [2015-01-22 23552]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 Update Reverse Page;Update Reverse Page; C:\Program Files (x86)\Reverse Page\updateReversePage.exe [2015-05-19 658168]
R2 Util Reverse Page;Util Reverse Page; C:\Program Files (x86)\Reverse Page\bin\utilReversePage.exe [2015-05-19 658168]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-04-14 4030800]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2013-01-18 660040]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-11 116648]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-05-21 278344]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-11-16 469648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-11 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-03-11 136120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-01 150600]

-----------------EOF-----------------

Archicz
Exemplary visitor
Posts: 81
Registered: 30 Jan 2008 20:02

Re: Please help with viruses

#2 Post by Archicz »

I apologize for the empty posts; I don't even know how that happened. It is almost impossible to do anything on that PC.

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please help with viruses

#3 Post by altrok »

I wish you a lovely day :bye:


:arrow: As part of the cleanup, your temporary directories (including the Recycle Bin) will be emptied.

:arrow: Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP, simply run it with a double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply

If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok(at)forum.viry.cz
If you feel like helping the visitors of this forum, sign up for our little school.

Archicz
Exemplary visitor
Posts: 81
Registered: 30 Jan 2008 20:02

Re: Please help with viruses

#4 Post by Archicz »

# AdwCleaner v4.204 - Log vytvořen 19/05/2015 v 18:08:31
# Aktualizováno 12/05/2015 by Xplode
# Databáze : 2015-05-12.2 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : jarda - HORNÍKOVI
# Spuštěno z : C:\Users\jarda\Desktop\adwcleaner_4.204.exe
# Nastavení : Čištění

***** [ Služby ] *****

Služba Smazáno : APNMCP
[#] Služba Smazáno : IHProtect Service
[#] Služba Smazáno : pcsuservice
[#] Služba Smazáno : trntv
[#] Služba Smazáno : WindowsMangerProtect
[#] Služba Smazáno : Update Reverse Page
[#] Služba Smazáno : Util Reverse Page

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\AskPartnerNetwork
Složka Smazáno : C:\ProgramData\WindowsMangerProtect
Složka Smazáno : C:\ProgramData\IHProtectUpDate
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
Složka Smazáno : C:\Program Files (x86)\AskPartnerNetwork
Složka Smazáno : C:\Program Files (x86)\PC Performer
Složka Smazáno : C:\Program Files (x86)\Zrychleni Pocitace
Složka Smazáno : C:\Program Files (x86)\XTab
Složka Smazáno : C:\Program Files (x86)\Reverse Page
Složka Smazáno : C:\Users\jarda\AppData\Local\Temp\apn
Složka Smazáno : C:\Users\jarda\AppData\Local\Temp\Reverse Page
Složka Smazáno : C:\Users\jarda\AppData\Local\AskPartnerNetwork
Složka Smazáno : C:\Users\jarda\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Složka Smazáno : C:\Users\jarda\AppData\Local\pay-by-ads
Složka Smazáno : C:\Users\jarda\AppData\Local\PCPerformerSetup
Složka Smazáno : C:\Users\jarda\AppData\Roaming\PerformerSoft
Složka Smazáno : C:\Users\jarda\AppData\Roaming\TornTV.com
Složka Smazáno : C:\Users\jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Složka Smazáno : C:\Users\jarda\Documents\PCSpeedUp
Složka Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Složka Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
[/!\] Ne Smazáno ( Junction ) : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Soubor Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eofcbnmajmjmplflapaojjnihcjkigck_0.localstorage
Soubor Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eofcbnmajmjmplflapaojjnihcjkigck_0.localstorage-journal
Soubor Smazáno : C:\WINDOWS\performersoftsetup.dll
Soubor Smazáno : C:\Users\jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
Soubor Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isearch.omiga-plus.com_0.localstorage
Soubor Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isearch.omiga-plus.com_0.localstorage-journal
Soubor Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_a2g-secure.com_0.localstorage
Soubor Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_a2g-secure.com_0.localstorage-journal
Soubor Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_cs.reimageplus.com_0.localstorage
Soubor Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_cs.reimageplus.com_0.localstorage-journal
Soubor Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage
Soubor Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage-journal
Soubor Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_q.search-simple.com_0.localstorage
Soubor Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_q.search-simple.com_0.localstorage-journal
Soubor Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_searches.omiga-plus.com_0.localstorage
Soubor Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_searches.omiga-plus.com_0.localstorage-journal
Soubor Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor Smazáno : C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****

Úloha Smazáno : PC SpeedUp Service Deactivator
Úloha Smazáno : Yahoo! Search
Úloha Smazáno : Yahoo! Search Updater

***** [ Zástupci ] *****

Zástupce Vyléčeno : C:\Users\Public\Desktop\Google Chrome.lnk
Zástupce Vyléčeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Zástupce Vyléčeno : C:\Users\jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Zástupce Vyléčeno : C:\Users\jarda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Zástupce Vyléčeno : C:\Users\jarda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Zástupce Vyléčeno : C:\Users\jarda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Klíč Smazáno : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Torntv Downloader]
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Klíč Smazáno : HKCU\Software\Classes\keepmysearch
Klíč Smazáno : HKLM\SOFTWARE\Classes\PCSU.Registry
Klíč Smazáno : HKLM\SOFTWARE\Classes\PCSU.SysUtils
Klíč Smazáno : HKLM\SOFTWARE\Classes\PCSU.SysUtils.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\PCSU.Registry.1
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Reverse Page
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Reverse Page
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Data Obnoveno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\OldSearch
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3281D400-D2AD-4851-B0BC-8E3D14789B69}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{727593F0-B2FE-45A0-899D-E9342E9AFF37}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9A5C46C1-B185-4070-BEA2-15F0E0D35F7D}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\1ClickDownload
Klíč Smazáno : HKCU\Software\AskPartnerNetwork
Klíč Smazáno : HKCU\Software\PerformerSoft
Klíč Smazáno : HKCU\Software\Speedchecker Limited
Klíč Smazáno : HKCU\Software\Reverse Page
Klíč Smazáno : HKLM\SOFTWARE\AskPartnerNetwork
Klíč Smazáno : HKLM\SOFTWARE\DataMngr
Klíč Smazáno : HKLM\SOFTWARE\omiga-plusSoftware
Klíč Smazáno : HKLM\SOFTWARE\PerformerSoft
Klíč Smazáno : HKLM\SOFTWARE\Speedchecker Limited
Klíč Smazáno : HKLM\SOFTWARE\SupDp
Klíč Smazáno : HKLM\SOFTWARE\SupTab
Klíč Smazáno : HKLM\SOFTWARE\supWindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\IHProtect
Klíč Smazáno : HKLM\SOFTWARE\Reverse Page
Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Performer_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCPerformer_is1
Klíč Smazáno : [x64] HKLM\SOFTWARE\Speedchecker Limited
Klíč Smazáno : [x64] HKLM\SOFTWARE\TornTv Downloader
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reverse Page
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.omiga-plus.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\omiga-plus.com

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416

Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v42.0.2311.152

[C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1422286417&from=ild&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E73DC478DC478&q={searchTerms}
[C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1422286417&from=ild&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E73DC478DC478&q={searchTerms}
[C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
[C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : aaaaaiabcopkplhgaedhbloeejhhankf
[C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
[C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : hxxp://www.search.ask.com/?gct=hp
[C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Startup_URLs] : hxxp://isearch.omiga-plus.com/?type=hppp&ts=1422286417&from=ild&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E73DC478DC478
[C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Default_Search_Provider_Data] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1422286417&from=ild&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E73DC478DC478&q={searchTerms}

*************************

AdwCleaner[R0].txt - [15124 bytů] - [10/07/2014 16:11:54]
AdwCleaner[R1].txt - [25210 bytů] - [19/05/2015 18:02:50]
AdwCleaner[S0].txt - [14398 bytů] - [10/07/2014 16:12:17]
AdwCleaner[S1].txt - [20880 bytů] - [19/05/2015 18:08:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [20939 bytů] ##########

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Please help with viruses

#5 Post by altrok »

:arrow: Save MBAR to the desktop - http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Double-click to run it and extract it to the desktop
  • click Next
  • Update the virus database by clicking Update and continue with Next
  • Leave all 3 options checked and choose Scan (takes about 15 minutes)
  • tick all findings and also check the Create Restore Point checkbox
  • click Cleanup and agree to the restart - Yes
  • paste the contents of the log saved on the desktop in mbar\mbar-log-2015-mm-dd (hh-mm-ss).txt into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrok[at]forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

Archicz
Exemplary visitor
Posts: 81
Joined: 30 Jan 2008 20:02

Re: Please help with viruses

#6 Post by Archicz »

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
main: v2015.05.19.03
rootkit: v2015.05.16.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17801
jarda :: HORNÍKOVI [administrator]

19. 5. 2015 18:30:05
mbar-log-2015-05-19 (18-30-05).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 407645
Time elapsed: 49 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Please help with viruses

#7 Post by altrok »

:arrow: Save zoek.exe to the desktop http://hijackthis.nl/smeenk/zoek.htm
  • run it as administrator
  • copy the script below into the large window
  • click Run script
  • after the restart a log will pop up (or you can find it in C:\zoek-results.log) - paste it into your next reply

    Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;

Archicz
Exemplary visitor
Posts: 81
Joined: 30 Jan 2008 20:02

Re: Please help with viruses

#8 Post by Archicz »

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by jarda on út 19. 05. 2015 at 20:00:50,75.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\jarda\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

19. 5. 2015 20:03:40 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\COMMON~1\MicroWorld deleted successfully
C:\PROGRA~2\COMMON~1\VST3 deleted successfully
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\Users\jarda\AppData\Roaming\DAEMON Tools Lite deleted successfully
C:\Users\jarda\AppData\Roaming\VST3 Presets deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83dc36e5-db3f-461a-8fbc-245e44000b1f} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found
C:\PROGRA~2\Flyordie Plugin deleted
C:\Users\jarda\AppData\Local\Software deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-255666515-4009557440-1129730794-1002 deleted
C:\Users\jarda\AppData\LocalLow\VideoDownloadConverter_4zEI deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\Public\Desktop\WinX YouTube Downloader.lnk deleted
"C:\windows\Installer\309c0.msi" deleted
"C:\WINDOWS\Installer\46724.msi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [14. 04. 2015 07:39]

==== Chromium Look ======================

Google Chrome Version: 42.0.2311.152

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[14. 04. 2015 07:38]

Learn multiplication - Times Ninja Adventure - jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eckheibehandmnbmkapigeclddighkpj
Marvel Heroes - jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\elofpdhfkkfkbaihkfkiggcfbjclangc
Reverse Page - jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhpiahdedpggpdjinpccffhlaajoakej
Bookmark Manager - jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Avast Online Security - jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Chromium Startpages ======================

C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://isearch.omiga-plus.com/?type=hpp ... DC478DC478",
"urls_to_restore_on_startup": [ "http://search.yahoo.com/?fr=hp-ddc-bd&t ... syc_bd_com" ]


==== Chromium Fix ======================

C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_savefromvk.com_0.localstorage deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_savefromvk.com_0.localstorage-journal deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.geewa.com_0.localstorage deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.geewa.com_0.localstorage-journal deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searches.globososo.com_0.localstorage deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searches.globososo.com_0.localstorage-journal deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_clkdeals.com_0.localstorage deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_clkdeals.com_0.localstorage-journal deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dealsking.co_0.localstorage deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dealsking.co_0.localstorage-journal deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhpiahdedpggpdjinpccffhlaajoakej deleted successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fhpiahdedpggpdjinpccffhlaajoakej_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} Seznam Url="http://search.seznam.cz/?sourceid=quick ... earchTerms}"

==== Reset Google Chrome ======================

C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Preferences1421077141 was reset successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Preferences1421077495 was reset successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Preferences1421077587 was reset successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F405350054677A7A857BC0C110 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5350-4500-76A7-A758B70C1C01} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Weeny Free Video Converter_is1 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC0C110 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\jarda\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\jarda\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\jarda\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\jarda\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=34 folders=11 4617978 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\jarda\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\jarda\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\jarda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JST99TQF\heias.com" not found

==== EOF on út 19. 05. 2015 at 21:02:39,30 ======================

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Please help with viruses

#9 Post by altrok »

:arrow: Post the FRST.txt log, and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

Archicz
Exemplary visitor
Posts: 81
Registered: 30 Jan 2008 20:02

Re: Please help with viruses

#10 Post by Archicz »

I can't download the launcher. I have the shields turned off, but even Chrome reports it as an infected file.

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please help with viruses

#11 Post by altrok »

In that case, run just FRST.exe/FRST64.exe on its own (without FRSTLauncher).

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please help with viruses

#12 Post by altrok »

You had quite a lot of junk on there, so before starting the scan, tick the 90 Days Files option. The log will probably be long, so split it across several posts.

Archicz
Exemplary visitor
Posts: 81
Registered: 30 Jan 2008 20:02

Re: Please help with viruses

#13 Post by Archicz »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05-2015
Ran by jarda (administrator) on HORNÍKOVI on 19-05-2015 21:24:59
Running from C:\Users\jarda\Desktop
Loaded Profiles: UpdatusUser & jarda (Available profiles: UpdatusUser & jarda)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10592256 2013-10-15] (Broadcom Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3010800 2013-01-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-10-16] (Dritek System Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-14] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [HFALoader] => C:\Program Files (x86)\Hamster Soft\Hamster Free Archiver\HamsterArc.exe [9776624 2013-06-17] (Hamster Soft)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-255666515-4009557440-1129730794-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-255666515-4009557440-1129730794-1002\...\Run: [Yahoo! Search] => C:\Users\jarda\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-10-15]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-14] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-255666515-4009557440-1129730794-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-255666515-4009557440-1129730794-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com
HKU\S-1-5-21-255666515-4009557440-1129730794-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-255666515-4009557440-1129730794-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-255666515-4009557440-1129730794-1002 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-14] (Avast Software s.r.o.)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-14] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-20] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-07] (Adobe Systems, Inc.)
FF Plugin-x32: @flyordie.com/GamesPlugin -> C:\Program Files (x86)\Flyordie Plugin\npfod.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-255666515-4009557440-1129730794-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\jarda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-255666515-4009557440-1129730794-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jarda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-09] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-11]

Chrome:
=======
CHR Profile: C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-19]
CHR Extension: (Google Docs) - C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-11]
CHR Extension: (Google Drive) - C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-11]
CHR Extension: (YouTube) - C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-11]
CHR Extension: (Google Search) - C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-11]
CHR Extension: (Google Sheets) - C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-19]
CHR Extension: (Bookmark Manager) - C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-23]
CHR Extension: (Avast Online Security) - C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-11]
CHR Extension: (Google Wallet) - C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-11]
CHR Extension: (Gmail) - C:\Users\jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-14] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-04-14] (Avast Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2012-10-01] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-20] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-10-16] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6068736 2013-10-15] (Broadcom Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-14] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-14] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-14] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-14] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-14] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-14] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-14] ()
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2012-10-01] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-12] (Symantec Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-10-16] (Dritek System Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-01-17] (Synaptics Incorporated)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 trufos; C:\Windows\System32\drivers\trufos.sys [350160 2014-07-11] (BitDefender S.R.L.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-14] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 X6va022; \??\C:\WINDOWS\SysWOW64\Drivers\X6va022 [X]
S3 X6va023; \??\C:\WINDOWS\SysWOW64\Drivers\X6va023 [X]
S3 X6va025; \??\C:\WINDOWS\SysWOW64\Drivers\X6va025 [X]
S3 X6va026; \??\C:\WINDOWS\SysWOW64\Drivers\X6va026 [X]
S3 X6va027; \??\C:\WINDOWS\SysWOW64\Drivers\X6va027 [X]
S3 X6va029; \??\C:\WINDOWS\SysWOW64\Drivers\X6va029 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-19 21:24 - 2015-05-19 21:25 - 00019103 _____ () C:\Users\jarda\Desktop\FRST.txt
2015-05-19 21:24 - 2015-05-19 21:25 - 00000000 ____D () C:\FRST
2015-05-19 21:10 - 2015-05-19 21:10 - 02107904 _____ (Farbar) C:\Users\jarda\Desktop\FRST64.exe
2015-05-19 20:59 - 2015-05-19 20:00 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-05-19 20:02 - 2015-05-19 21:02 - 00014791 _____ () C:\zoek-results.log
2015-05-19 19:58 - 2015-05-19 20:54 - 00000000 ____D () C:\zoek_backup
2015-05-19 19:58 - 2015-05-19 19:58 - 01308672 _____ () C:\Users\jarda\Desktop\zoek.exe
2015-05-19 18:30 - 2015-05-19 18:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-19 18:29 - 2015-05-19 18:29 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-19 18:27 - 2015-05-19 18:27 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-05-19 18:26 - 2015-05-19 18:27 - 16502728 _____ (Malwarebytes Corp.) C:\Users\jarda\Downloads\mbar-1.09.1.1004 (2).exe
2015-05-19 18:25 - 2015-05-19 19:18 - 00000000 ____D () C:\Users\jarda\Desktop\mbar
2015-05-19 18:25 - 2015-05-19 18:25 - 16502728 _____ (Malwarebytes Corp.) C:\Users\jarda\Downloads\mbar-1.09.1.1004.exe
2015-05-19 18:25 - 2015-05-19 18:25 - 16502728 _____ (Malwarebytes Corp.) C:\Users\jarda\Downloads\mbar-1.09.1.1004 (1).exe
2015-05-19 18:02 - 2015-05-19 18:01 - 02209792 _____ () C:\Users\jarda\Desktop\adwcleaner_4.204.exe
2015-05-19 17:45 - 2015-05-19 17:46 - 00000000 ____D () C:\rsit
2015-05-19 17:45 - 2015-05-19 17:46 - 00000000 ____D () C:\Program Files\trend micro
2015-05-19 17:45 - 2015-05-19 17:45 - 01222144 _____ () C:\Users\jarda\Downloads\RSITx64.exe
2015-05-19 17:45 - 2015-05-19 17:45 - 01222144 _____ () C:\Users\jarda\Downloads\RSITx64 (1).exe
2015-05-18 18:13 - 2015-05-18 18:13 - 06381245 _____ () C:\Users\jarda\Downloads\prilohy_7.zip
2015-05-17 11:58 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-17 11:58 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-15 17:09 - 2015-05-15 17:09 - 01241924 _____ () C:\Users\jarda\Downloads\Pasova_kontrola1.wmv
2015-05-15 14:28 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-15 14:28 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-15 14:28 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-15 14:28 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-15 14:28 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-15 14:28 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-15 14:28 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-15 14:28 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-15 14:28 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-15 14:28 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-15 14:28 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-15 14:28 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-15 14:28 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-15 14:28 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-15 14:28 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-15 14:28 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-15 14:28 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-15 14:28 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-15 14:28 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-15 14:28 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-15 14:28 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-15 14:28 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-15 14:28 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-15 14:28 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-15 14:28 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-15 14:28 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-15 14:28 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-15 14:28 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-15 14:28 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-15 14:20 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-15 14:20 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-15 14:20 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-15 14:20 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-15 14:20 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-15 14:20 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-15 14:20 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-15 14:20 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-15 14:20 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-15 14:20 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-15 14:20 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-15 14:20 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-15 14:20 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-15 14:20 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-15 14:20 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-15 14:20 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-15 14:20 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-15 14:20 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-15 14:20 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-15 14:20 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-15 14:20 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-15 14:20 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-15 14:20 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-15 14:20 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-15 14:20 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-15 14:20 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-15 14:20 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-15 14:20 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-15 14:20 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-15 14:20 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-15 14:20 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-15 14:20 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-15 14:20 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-15 14:20 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-15 14:20 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-15 14:20 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-15 14:20 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-15 14:20 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-15 14:20 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-15 14:20 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-15 14:20 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-15 14:20 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-15 14:20 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-15 14:20 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-15 14:20 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-15 14:20 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-15 14:20 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-15 14:20 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-15 14:20 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-15 14:20 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-19 21:05 - 2014-07-14 15:49 - 00000000 ___DO () C:\Users\jarda\OneDrive
2015-05-19 21:04 - 2014-07-11 12:01 - 01555602 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-19 21:02 - 2014-07-11 13:10 - 00000976 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-19 21:01 - 2015-02-06 20:15 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-05-19 21:00 - 2014-07-11 15:52 - 00100912 _____ () C:\WINDOWS\PFRO.log
2015-05-19 21:00 - 2014-07-11 13:00 - 00031418 _____ () C:\WINDOWS\setupact.log
2015-05-19 21:00 - 2014-07-11 11:32 - 00053284 _____ () C:\WINDOWS\system32\wpbbin.exe
2015-05-19 21:00 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-19 21:00 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-19 20:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2015-05-19 20:42 - 2014-07-11 13:10 - 00000980 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-19 20:22 - 2014-02-11 18:17 - 00000948 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-255666515-4009557440-1129730794-1002UA.job
2015-05-19 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-19 19:04 - 2013-12-25 11:31 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-255666515-4009557440-1129730794-1002
2015-05-19 18:16 - 2013-08-22 16:44 - 00486648 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-19 18:11 - 2014-07-11 13:11 - 00001270 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-19 18:11 - 2014-07-11 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-19 18:11 - 2014-07-11 12:03 - 00000985 _____ () C:\Users\jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-19 18:11 - 2014-07-10 16:11 - 00000000 ____D () C:\AdwCleaner
2015-05-19 18:03 - 2014-03-18 17:33 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-19 18:03 - 2014-03-18 16:54 - 00739924 _____ () C:\WINDOWS\system32\perfh005.dat
2015-05-19 18:03 - 2014-03-18 16:54 - 00151610 _____ () C:\WINDOWS\system32\perfc005.dat
2015-05-19 17:32 - 2012-07-26 07:26 - 00000706 _____ () C:\WINDOWS\win.ini
2015-05-19 17:26 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-17 20:08 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-17 20:07 - 2014-07-10 14:05 - 00000000 ____D () C:\Users\jarda\AppData\Roaming\ClassicShell
2015-05-17 18:57 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-17 18:57 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-17 18:41 - 2013-12-29 22:00 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-17 18:41 - 2013-12-29 22:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-17 11:50 - 2014-03-18 17:10 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-16 06:37 - 2014-07-11 13:10 - 00003952 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 06:37 - 2014-07-11 13:10 - 00003716 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 19:36 - 2014-11-20 19:21 - 00000472 ____H () C:\WINDOWS\Tasks\Norton Security Scan for jarda.job
2015-05-15 17:22 - 2014-02-11 18:17 - 00000926 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-255666515-4009557440-1129730794-1002Core.job
2015-05-05 19:59 - 2015-03-14 10:03 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2015-03-14 10:03 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-19 11:35 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat

==================== Files in the root of some directories =======

2013-12-26 09:20 - 2014-01-16 12:25 - 0001692 _____ () C:\Users\jarda\AppData\Roaming\msensfl.dat
2013-12-26 09:20 - 2014-01-16 20:57 - 0000028 _____ () C:\Users\jarda\AppData\Roaming\mspdohoe.dat
2014-07-02 15:11 - 2014-07-02 15:14 - 0005632 _____ () C:\Users\jarda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-12 17:39 - 2015-01-26 17:23 - 0000035 _____ () C:\Users\jarda\AppData\Local\installLang.ini
2013-10-16 00:05 - 2013-10-16 00:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some zero byte size files/folders:
==========================
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-19 19:04

==================== End Of Log ============================

Archicz
Exemplary visitor
Posts: 81
Joined: 30 Jan 2008 20:02

Re: Please help with viruses

#14 Post by Archicz »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2015
Ran by jarda at 2015-05-19 21:27:14
Running from C:\Users\jarda\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-255666515-4009557440-1129730794-500 - Administrator - Disabled)
Guest (S-1-5-21-255666515-4009557440-1129730794-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-255666515-4009557440-1129730794-1004 - Limited - Enabled)
jarda (S-1-5-21-255666515-4009557440-1129730794-1002 - Administrator - Enabled) => C:\Users\jarda
UpdatusUser (S-1-5-21-255666515-4009557440-1129730794-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{81C6F800-A69B-4E70-9DC0-74732F8B00E7}) (Version: 1.00.3015 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.04.3004.0 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
Aktualizace NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Assassins Creed III v1.0.1 (HKLM-x32\...\Assassins Creed III_is1) (Version: 1.0.1 - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
Bagr simulátor (HKLM-x32\...\Bagr simulátor_is1) (Version: 1.0 - TopQer s.r.o.)
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.104 - Broadcom Corporation)
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - )
CD Ripper a WAV - MP3 Encoder (08.01.2008) (HKLM-x32\...\CD Ripper a WAV - MP3 Encoder_is1) (Version: - Radek Hemelík)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version: - Z8Games.com)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1197 - SG INTERACTIVE)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3729_45993 - CyberLink Corp.)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
Dřevorubecký simulátor (HKLM-x32\...\Dřevorubecký simulátor_is1) (Version: 1.0 - Game shop, s.r.o.)
Edirol Hyper Canvas v1.01 (HKLM-x32\...\Edirol Hyper Canvas v1.01) (Version: - )
Edirol Super Quartet (HKLM-x32\...\Edirol Super Quartet) (Version: - )
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FIFA 10 - Demo (HKLM-x32\...\{9CD9CD94-76CC-4524-8617-DEB9C2D7C389}) (Version: 1.0.0.0 - Electronic Arts)
FlatOut (HKLM-x32\...\{84BAD30E-07CD-496A-AC88-EE9C8DFE2327}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Fotolab Fotosvet (HKLM-x32\...\Fotolab Fotosvet) (Version: 5.0.6 - CEWE COLOR AG u Co. OHG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GTI Racing (HKLM-x32\...\GTI Racing) (Version: 1.4 - Techland)
Hamster Free Archiver 2.0.1.8 (HKLM-x32\...\Hamster Free Archiver_is1) (Version: 2.0.1.8 - HamsterSoft)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Infernal (HKLM-x32\...\InfernalGame) (Version: - )
Intel A/V Codecs V2.0 (HKLM-x32\...\CodInstl) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.12 - Acer Inc.)
Marvel Heroes Game (HKLM-x32\...\{ca6069b5-fc6b-4ce8-a03e-2304143706b7}_is1) (Version: 1.0 - Gazillion Entertainment)
Medicopter 117 (HKLM-x32\...\Medicopter 117_is1) (Version: 1.0 - US-Action, s.r.o.)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-255666515-4009557440-1129730794-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MINECRAFT 1.5.2 plna hra zdarma version for Windows (HKLM-x32\...\{9AD42E20-2076-7BE2-3165-CFA12BFC429B}_is1) (Version: for Windows - )
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.1.0.28 - Symantec Corporation)
NVIDIA Ovladače grafiky 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
Ovládací panel NVIDIA 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6833 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.27028 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg Nuendo 4 (HKLM-x32\...\{41E0A8DD-4343-4B33-95C3-272A99F18984}) (Version: 4.3.0.371 - Steinberg Media Technologies GmbH)
Steinberg Nuendo Expansion Kit (HKLM-x32\...\{A1E50F2C-F6CA-4C27-AEA7-819B2A486223}) (Version: 4.2.2.274 - Steinberg Media Technologies GmbH)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.4.5 - Synaptics Incorporated)
Synthesia (HKLM-x32\...\Synthesia) (Version: 9 - Synthesia LLC)
Total Audio MP3 Converter v3.1 build 1257 (HKLM-x32\...\{0C2BF220-E21C-493D-B2A3-D89848C719F0}_is1) (Version: - Hoo Technologies)
Unity Web Player (HKU\S-1-5-21-255666515-4009557440-1129730794-1002\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VideoDownloadConverter Internet Explorer Toolbar (HKLM-x32\...\VideoDownloadConverter_4zbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.5100 - Broadcom Corporation)
WinX YouTube Downloader 3.2.3 (HKLM-x32\...\WinX YouTube Downloader_is1) (Version: - Digiarty Software, Inc.)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Tanks (HKU\S-1-5-21-255666515-4009557440-1129730794-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
Тут недорого, версия 2.8 (HKLM-x32\...\{261F1A59-7B6F-41EB-97EC-CC9F51A08F13}_is1) (Version: 2.8 - Hamstersoft, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-255666515-4009557440-1129730794-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-255666515-4009557440-1129730794-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\jarda\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-255666515-4009557440-1129730794-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\jarda\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-255666515-4009557440-1129730794-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\jarda\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-255666515-4009557440-1129730794-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\jarda\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

13-01-2015 22:27:40 Windows Update
25-01-2015 02:13:06 Windows Update
28-01-2015 23:48:52 Windows Update
06-02-2015 20:09:35 Windows Update
12-02-2015 20:39:31 Windows Update
01-03-2015 17:07:09 Windows Update
13-03-2015 17:46:40 Windows Update
29-03-2015 10:56:36 Windows Update
08-04-2015 15:38:00 Windows Update
14-04-2015 07:35:08 avast! antivirus system restore point
16-05-2015 07:20:18 Windows Update
19-05-2015 20:02:12 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2015-05-19 20:04 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01083645-6F2D-4AC1-94E0-4634A1998206} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-11] (Google Inc.)
Task: {0C3008AE-3D7C-44A2-81AD-4B4DFB8F5295} - \avastBCLRestartS-1-5-21-255666515-4009557440-1129730794-1002 No Task File <==== ATTENTION
Task: {18EFA2CF-0EE7-4448-98D3-C36BFDFB08DD} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-01-17] (Synaptics Incorporated)
Task: {1B27D91D-01AB-403C-8615-6AB985727F41} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-09-01] (Dolby Laboratories Inc.)
Task: {262BA18D-74EA-41EC-A473-FDEB6529B99F} - System32\Tasks\Norton Security Scan for jarda => C:\Program Files (x86)\Norton Security Scan\Engine\4.1.0.28\Nss.exe [2014-01-27] (Symantec Corporation)
Task: {35669C9C-F6FD-41DC-8500-0B903472CF2C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-11] (Google Inc.)
Task: {3B83C4F3-D218-4822-83E0-0203663DCCE5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {49EED1A7-E976-4363-8D4C-1D55A8689F9B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {4C293D95-A5CF-41F5-902A-48459BF9C00E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-14] (Avast Software s.r.o.)
Task: {4D05BB85-FF19-4A4D-9733-9014394F0013} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2013-02-08] ()
Task: {535198B3-0F9F-496F-BF84-04A74F499925} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {59BEEAE1-DCBB-4C5B-9790-708D93D083FF} - System32\Tasks\{13EEF2F7-140A-4EF3-A2B6-D756F960D0F0} => pcalua.exe -a D:\nuendo_2_2.exe -d D:\
Task: {64C93F9D-4F43-41A3-BFA1-76ACE2BE52C3} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {6D6C832C-2053-4EDD-8061-F1CFADAC23EC} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2013-02-08] ()
Task: {6FAE8F68-C3A2-45CC-968C-CE24D8649409} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-17] (Microsoft Corporation)
Task: {8908F347-C27C-4A55-8667-A8F3F4C714A9} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-255666515-4009557440-1129730794-1002
Task: {A60020ED-0FD2-43FC-94ED-A22D681814BB} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {B263D0C8-EC76-42A5-9655-E222503E4598} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-01-22] ()
Task: {BC467A08-A679-4FBF-997F-961BFBAB7398} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2013-02-08] (CyberLink)
Task: {BEFC7CB0-C186-4D6F-947E-6354B922A590} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-255666515-4009557440-1129730794-1002Core => C:\Users\jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-11] (Facebook Inc.)
Task: {E1E8C8A6-D993-456C-BAE5-0D832C7C8D0B} - System32\Tasks\{14746DB8-062F-40A3-B033-6BAA7ED0D3F8} => pcalua.exe -a "D:\Total Commander 6.03a\tcmd603a.exe" -d "D:\Total Commander 6.03a"
Task: {F2C75CE7-32D0-426E-BB2C-CB6C419E7322} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {F425315C-4A93-41AC-B3DF-67D6E924CE83} - System32\Tasks\{8D3A0C8A-6501-4B30-9E82-DE1AB63ADF66} => pcalua.exe -a D:\Autorun.exe -d D:\
Task: {FB0C97DF-23FC-4C0D-A600-5BA77F7B0943} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-24] (Acer Incorporated)
Task: {FB23AF1E-7D29-4194-B46C-4F2264BAE829} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-255666515-4009557440-1129730794-1002UA => C:\Users\jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-11] (Facebook Inc.)
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-255666515-4009557440-1129730794-1002Core.job => C:\Users\jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-255666515-4009557440-1129730794-1002UA.job => C:\Users\jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Norton Security Scan for jarda.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (Whitelisted) ==============

2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-01-09 00:51 - 2013-01-09 00:51 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2013-02-08 23:24 - 2013-02-08 23:24 - 00025672 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2013-02-08 23:24 - 2013-02-08 23:24 - 00044616 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2015-04-14 07:39 - 2015-04-14 07:39 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-14 07:39 - 2015-04-14 07:39 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-19 18:17 - 2015-05-19 18:17 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15051900\algo.dll
2015-05-19 21:01 - 2015-05-19 21:01 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15051901\algo.dll
2015-04-14 07:39 - 2015-04-14 07:39 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-16 00:29 - 2013-02-21 07:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-05-15 14:06 - 2015-05-05 06:06 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libglesv2.dll
2015-05-15 14:06 - 2015-05-05 06:06 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libegl.dll
2013-10-16 00:02 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\jarda\OneDrive:ms-properties
AlternateDataStreams: C:\Users\jarda\Downloads\message_5383.eml:OECustomProperty

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-255666515-4009557440-1129730794-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-255666515-4009557440-1129730794-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{755391D7-B575-47E0-A558-29304C179BC0}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{6F7EFC64-2E26-4F6A-A2A0-DF4920B685D5}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{9321706E-981A-4C98-98DE-163A7C1F60B1}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [TCP Query User{2A2C7338-2E3A-4913-83E9-26C0209DCF0F}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [UDP Query User{6FFDA08E-FA0C-432F-AE20-72ECE8845C47}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [TCP Query User{588F1418-CBA0-4E08-8134-611646147CFE}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [UDP Query User{40D73BEB-671A-4823-A6D4-F03EC3393C82}C:\hry\assassins creed iii\ac3sp.exe] => (Block) C:\hry\assassins creed iii\ac3sp.exe
FirewallRules: [TCP Query User{F901927A-1F76-43EC-981C-68037ADD7EC0}C:\hry\assassins creed iii\ac3sp.exe] => (Block) C:\hry\assassins creed iii\ac3sp.exe
FirewallRules: [{94A3ABCA-9B54-4759-B48F-AF211C2AED0E}] => (Allow) C:\Users\jarda\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{5C16B1E7-E425-44E6-8D4B-BCC39D4EF024}] => (Allow) C:\Users\jarda\AppData\Local\iLivid\iLivid.exe
FirewallRules: [{C59B5E44-733E-4FD9-A764-D4B4AB801A3E}] => (Allow) C:\Users\jarda\AppData\Local\iLivid\iLivid.exe
FirewallRules: [{F94B99FC-B78A-467A-9CD7-F78FAF040A30}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A994080B-80FD-4CA1-A5D8-284332EF0FB1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{24FAF438-0CDE-423D-84DF-0F2AEC714295}C:\program files\flatout\flatout.exe] => (Block) C:\program files\flatout\flatout.exe
FirewallRules: [UDP Query User{0DE6B749-ADFE-4588-AD61-83F8979CB8E1}C:\program files\flatout\flatout.exe] => (Block) C:\program files\flatout\flatout.exe
FirewallRules: [TCP Query User{69E10B79-2B79-42C4-9099-06D7A874A078}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{A84A4AD7-1956-426B-8AC0-38FAB6371A88}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{EC063AA2-0618-468D-8EC3-9BB5208FC58D}] => (Allow) C:\Users\jarda\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{6AC35197-DDE2-45CF-AB70-E8B154B8C7D9}C:\program files (x86)\acer\clear.fi media\dmcdaemon.exe] => (Block) C:\program files (x86)\acer\clear.fi media\dmcdaemon.exe
FirewallRules: [UDP Query User{A26A42A2-EB4C-4407-AF24-42745219A798}C:\program files (x86)\acer\clear.fi media\dmcdaemon.exe] => (Block) C:\program files (x86)\acer\clear.fi media\dmcdaemon.exe
FirewallRules: [TCP Query User{5B17BC65-B69B-42FC-A7CF-CA805965A3ED}C:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe] => (Block) C:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe
FirewallRules: [UDP Query User{18A6402A-E621-4EA5-A291-64836D5CAE49}C:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe] => (Block) C:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe
FirewallRules: [TCP Query User{6F3FD864-B090-400A-89E3-DED6912A192B}C:\program files (x86)\acer\clear.fi media\dmcdaemon.exe] => (Block) C:\program files (x86)\acer\clear.fi media\dmcdaemon.exe
FirewallRules: [UDP Query User{65E4C3C1-A0C7-4F7D-8324-854D3A9E6C23}C:\program files (x86)\acer\clear.fi media\dmcdaemon.exe] => (Block) C:\program files (x86)\acer\clear.fi media\dmcdaemon.exe
FirewallRules: [TCP Query User{577B977A-A318-4D7B-B0E2-644A5D19FB40}C:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe] => (Block) C:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe
FirewallRules: [UDP Query User{D07DAEE5-1C00-43CE-A791-4B8605A45E77}C:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe] => (Block) C:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe
FirewallRules: [TCP Query User{B159B45A-89A2-496A-8E6A-B8C9BC7AE013}C:\users\jarda\appdata\roaming\torntv.com\torntv downloader.exe] => (Allow) C:\users\jarda\appdata\roaming\torntv.com\torntv downloader.exe
FirewallRules: [UDP Query User{1F561E49-03CB-49BB-AD00-107171747F11}C:\users\jarda\appdata\roaming\torntv.com\torntv downloader.exe] => (Allow) C:\users\jarda\appdata\roaming\torntv.com\torntv downloader.exe
FirewallRules: [TCP Query User{7FF2F436-066C-4752-90FD-8E0C789DB19C}C:\users\jarda\appdata\roaming\torntv.com\torntv downloader.exe] => (Block) C:\users\jarda\appdata\roaming\torntv.com\torntv downloader.exe
FirewallRules: [UDP Query User{311FE7E6-F764-4AD9-B4CE-F24BD27D5548}C:\users\jarda\appdata\roaming\torntv.com\torntv downloader.exe] => (Block) C:\users\jarda\appdata\roaming\torntv.com\torntv downloader.exe
FirewallRules: [TCP Query User{87754641-5294-4906-B0BD-71F08C75C51A}C:\users\jarda\downloads\war_thunder_world_of_planes_beta_access.exe] => (Allow) C:\users\jarda\downloads\war_thunder_world_of_planes_beta_access.exe
FirewallRules: [UDP Query User{061112C4-5898-4927-B3EF-628C56E33303}C:\users\jarda\downloads\war_thunder_world_of_planes_beta_access.exe] => (Allow) C:\users\jarda\downloads\war_thunder_world_of_planes_beta_access.exe
FirewallRules: [{DAED4D47-FF16-40DA-8982-F42E9D9B8080}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{3CFCD659-D483-4D42-A935-141949CDAE14}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A2A03266-CC2F-4529-8516-2D7428AA49A5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth USB module
Description: Bluetooth USB module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/18/2015 06:15:33 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/17/2015 06:43:20 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Generování kontextu aktivace pro asmv2:clrClassInvocation1 se nezdařilo. Chyba v souboru manifestu nebo zásady asmv2:clrClassInvocation2 na řádku asmv2:clrClassInvocation3.
Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint, což tato verze systému Windows nepodporuje.

Error: (05/17/2015 06:43:20 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Generování kontextu aktivace pro asmv2:clrClassInvocation1 se nezdařilo. Chyba v souboru manifestu nebo zásady asmv2:clrClassInvocation2 na řádku asmv2:clrClassInvocation3.
Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint, což tato verze systému Windows nepodporuje.

Error: (05/17/2015 06:43:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Generování kontextu aktivace pro asmv2:clrClassInvocation1 se nezdařilo. Chyba v souboru manifestu nebo zásady asmv2:clrClassInvocation2 na řádku asmv2:clrClassInvocation3.
Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint, což tato verze systému Windows nepodporuje.

Error: (05/17/2015 01:37:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program worldoftanks.exe verze 0.9.7.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1f84

Čas spuštění: 01d09095d7689049

Čas ukončení: 5448

Cesta k aplikaci: C:\Games\World_of_Tanks\worldoftanks.exe

ID hlášení: 202daa6e-fc89-11e4-bf43-3065ec1e33a6

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (05/17/2015 08:30:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 42.0.2311.152, časové razítko: 0x55481340
Název chybujícího modulu: user32.dll, verze: 6.3.9600.17736, časové razítko: 0x550f42c2
Kód výjimky: 0xc0000142
Posun chyby: 0x0009d4f2
ID chybujícího procesu: 0xa7c
Čas spuštění chybující aplikace: 0xchrome.exe0
Cesta k chybující aplikaci: chrome.exe1
Cesta k chybujícímu modulu: chrome.exe2
ID zprávy: chrome.exe3
Úplný název chybujícího balíčku: chrome.exe4
ID aplikace související s chybujícím balíčkem: chrome.exe5

Error: (05/17/2015 07:52:01 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Generování kontextu aktivace pro asmv2:clrClassInvocation1 se nezdařilo. Chyba v souboru manifestu nebo zásady asmv2:clrClassInvocation2 na řádku asmv2:clrClassInvocation3.
Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint, což tato verze systému Windows nepodporuje.

Error: (05/17/2015 07:52:01 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Generování kontextu aktivace pro asmv2:clrClassInvocation1 se nezdařilo. Chyba v souboru manifestu nebo zásady asmv2:clrClassInvocation2 na řádku asmv2:clrClassInvocation3.
Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint, což tato verze systému Windows nepodporuje.

Error: (05/17/2015 07:52:01 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Generování kontextu aktivace pro asmv2:clrClassInvocation1 se nezdařilo. Chyba v souboru manifestu nebo zásady asmv2:clrClassInvocation2 na řádku asmv2:clrClassInvocation3.
Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint, což tato verze systému Windows nepodporuje.

Error: (05/17/2015 07:39:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20856 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 9e0

Čas spuštění: 01d0906315431bd1

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 0abf6e3e-fc57-11e4-bf43-3065ec1e33a6

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1


System errors:
=============
Error: (05/19/2015 09:05:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba NVIDIA Update Service Daemon přestala během spouštění reagovat.

Error: (05/19/2015 08:59:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Superfetch byla ukončena s následující chybou:
%%1062

Error: (05/19/2015 08:52:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/19/2015 08:52:14 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/19/2015 08:52:13 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/19/2015 08:52:12 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/19/2015 08:52:11 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/19/2015 06:11:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba IconMan_R byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (05/19/2015 06:11:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (05/19/2015 06:11:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Bluetooth Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-12-09 15:42:24.391
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-07-10 16:44:43.977
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU 2117U @ 1.80GHz
Percentage of memory in use: 20%
Total physical RAM: 7987.6 MB
Available physical RAM: 6336 MB
Total Pagefile: 16691.6 MB
Available Pagefile: 14935.45 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:914.15 GB) (Free:726.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DF5C9815)

Partition: GPT Partition Type.

==================== End Of Log ============================

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please help with viruses

#15 Post by altrok »

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will be saved on the desktop; paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    HKU\S-1-5-21-255666515-4009557440-1129730794-1002\...\Run: [Yahoo! Search] => C:\Users\jarda\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe
    
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-255666515-4009557440-1129730794-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    FF Plugin-x32: @flyordie.com/GamesPlugin -> C:\Program Files (x86)\Flyordie Plugin\npfod.dll No File
    FF Plugin HKU\S-1-5-21-255666515-4009557440-1129730794-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\jarda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
    
    S3 X6va022; \??\C:\WINDOWS\SysWOW64\Drivers\X6va022 [X]
    S3 X6va023; \??\C:\WINDOWS\SysWOW64\Drivers\X6va023 [X]
    S3 X6va025; \??\C:\WINDOWS\SysWOW64\Drivers\X6va025 [X]
    S3 X6va026; \??\C:\WINDOWS\SysWOW64\Drivers\X6va026 [X]
    S3 X6va027; \??\C:\WINDOWS\SysWOW64\Drivers\X6va027 [X]
    S3 X6va029; \??\C:\WINDOWS\SysWOW64\Drivers\X6va029 [X]
    
    2015-05-19 20:59 - 2015-05-19 20:00 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
    2015-05-19 20:02 - 2015-05-19 21:02 - 00014791 _____ () C:\zoek-results.log
    2015-05-19 19:58 - 2015-05-19 20:54 - 00000000 ____D () C:\zoek_backup
    2015-05-19 19:58 - 2015-05-19 19:58 - 01308672 _____ () C:\Users\jarda\Desktop\zoek.exe
    2015-05-19 18:25 - 2015-05-19 19:18 - 00000000 ____D () C:\Users\jarda\Desktop\mbar
    2015-05-19 18:25 - 2015-05-19 18:25 - 16502728 _____ (Malwarebytes Corp.) C:\Users\jarda\Downloads\mbar-1.09.1.1004.exe
    2015-05-19 18:25 - 2015-05-19 18:25 - 16502728 _____ (Malwarebytes Corp.) C:\Users\jarda\Downloads\mbar-1.09.1.1004 (1).exe
    2015-05-19 18:02 - 2015-05-19 18:01 - 02209792 _____ () C:\Users\jarda\Desktop\adwcleaner_4.204.exe
    2015-05-19 17:45 - 2015-05-19 17:46 - 00000000 ____D () C:\rsit
    2015-05-19 17:45 - 2015-05-19 17:46 - 00000000 ____D () C:\Program Files\trend micro
    2015-05-19 17:45 - 2015-05-19 17:45 - 01222144 _____ () C:\Users\jarda\Downloads\RSITx64.exe
    2015-05-19 17:45 - 2015-05-19 17:45 - 01222144 _____ () C:\Users\jarda\Downloads\RSITx64 (1).exe
    2015-05-19 18:11 - 2014-07-10 16:11 - 00000000 ____D () C:\AdwCleaner
    2013-12-26 09:20 - 2014-01-16 20:57 - 0000028 _____ () C:\Users\jarda\AppData\Roaming\mspdohoe.dat
    2013-10-16 00:05 - 2013-10-16 00:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    
    Task: {0C3008AE-3D7C-44A2-81AD-4B4DFB8F5295} - \avastBCLRestartS-1-5-21-255666515-4009557440-1129730794-1002 No Task File <==== ATTENTION
    Task: {59BEEAE1-DCBB-4C5B-9790-708D93D083FF} - System32\Tasks\{13EEF2F7-140A-4EF3-A2B6-D756F960D0F0} => pcalua.exe -a D:\nuendo_2_2.exe -d D:\
    Task: {E1E8C8A6-D993-456C-BAE5-0D832C7C8D0B} - System32\Tasks\{14746DB8-062F-40A3-B033-6BAA7ED0D3F8} => pcalua.exe -a "D:\Total Commander 6.03a\tcmd603a.exe" -d "D:\Total Commander 6.03a"
    Task: {F425315C-4A93-41AC-B3DF-67D6E924CE83} - System32\Tasks\{8D3A0C8A-6501-4B30-9E82-DE1AB63ADF66} => pcalua.exe -a D:\Autorun.exe -d D:\
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-255666515-4009557440-1129730794-1002Core.job => C:\Users\jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-255666515-4009557440-1129730794-1002UA.job => C:\Users\jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\Norton Security Scan for jarda.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe
    
    FirewallRules: [{5C16B1E7-E425-44E6-8D4B-BCC39D4EF024}] => (Allow) C:\Users\jarda\AppData\Local\iLivid\iLivid.exe
    FirewallRules: [{C59B5E44-733E-4FD9-A764-D4B4AB801A3E}] => (Allow) C:\Users\jarda\AppData\Local\iLivid\iLivid.exe
    FirewallRules: [TCP Query User{B159B45A-89A2-496A-8E6A-B8C9BC7AE013}C:\users\jarda\appdata\roaming\torntv.com\torntv downloader.exe] => (Allow) C:\users\jarda\appdata\roaming\torntv.com\torntv downloader.exe
    FirewallRules: [UDP Query User{1F561E49-03CB-49BB-AD00-107171747F11}C:\users\jarda\appdata\roaming\torntv.com\torntv downloader.exe] => (Allow) C:\users\jarda\appdata\roaming\torntv.com\torntv downloader.exe
    FirewallRules: [TCP Query User{7FF2F436-066C-4752-90FD-8E0C789DB19C}C:\users\jarda\appdata\roaming\torntv.com\torntv downloader.exe] => (Block) C:\users\jarda\appdata\roaming\torntv.com\torntv downloader.exe
    FirewallRules: [UDP Query User{311FE7E6-F764-4AD9-B4CE-F24BD27D5548}C:\users\jarda\appdata\roaming\torntv.com\torntv downloader.exe] => (Block) C:\users\jarda\appdata\roaming\torntv.com\torntv downloader.exe
    C:\Users\jarda\AppData\Local\iLivid
    C:\users\jarda\appdata\roaming\torntv.com
    
    C:\Users\jarda\AppData\Local\Pay-By-Ads
    CMD: dir "C:\PROGRA~1"
    CMD: dir "C:\PROGRA~2"
    CMD: dir "C:\PROGRA~3"
    CMD: dir "%localappdata%"
    CMD: dir "%appdata%"
    Hosts:
    EmptyTemp:
    End
    
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

Locked