Dobrý deň asi posledný tyžden mám problem s mojim notebookom vyskakuju mi stále reklamy typu adds by Offer Wizard hlavne v browseri v podstate je jedno na čo kliknem, len kým som sa dostal sem tak mi to vyskočilo asi sedem krát a tak isto aj launcher na MMORPG aj tam sa to dostalo.
Log z RSIT
Logfile of random's system information tool 1.10 (written by random/random)
Run by Miroslav Šušovica at 2015-09-15 17:02:27
Microsoft Windows 8.1
System drive C: has 271 GB (71%) free of 381 GB
Total RAM: 6030 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:02:31, on 15.9.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\DU Meter\DUMeter.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\GameforgeLive\gfl_client.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Miroslav Šušovica.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe
O4 - Global Startup: Send Desktop.scf
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\WINDOWS\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\WINDOWS\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\WINDOWS\SysWOW64\nethtsrv.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Network Support Service Updater (ServiceUpdater) - Unknown owner - C:\WINDOWS\SysWOW64\netupdsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SSFK - TODO: <???> - C:\Program Files (x86)\SFK\SSFK.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WdsManPro Service (WdsManPro) - DTools LIMITED - C:\ProgramData\HWdsManProH\WdsManPro.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: YouTubeAcceleratorService - Unknown owner - C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe (file missing)
--
End of file - 14305 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ASUS\P4G\InsOnSrv.exe"
"C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files (x86)\DU Meter\DUMeterSvc.exe" /startedbyscm:E1F6D4BE-40E33354-DUMeterService
dashost.exe {a6cb7de5-40dc-4f4c-aaa28de9efb28fd4}
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\SFK\SSFK.exe" -s
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 5058c869-23f3-4801-844f-9c40ecfbb16a 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\ProgramData\HWdsManProH\WdsManPro.exe -service
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k WindowsMobile
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\SysWOW64\nethtsrv.exe
C:\WINDOWS\SysWOW64\netupdsrv.exe
taskhost.exe $(Arg0)
winlogon.exe
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\ASUS\P4G\InsOnWMI.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
taskhostex.exe
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe"
C:\WINDOWS\Explorer.EXE
KBFiltr.exe
ClassicStartMenu.exe -startup
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\SFK\SFKEX64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
"C:\Program Files (x86)\DU Meter\DUMeter.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1084.0.1748261307\939012683" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3308 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledWithReno/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_05/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="1084.1.1831411231\329020394" --font-cache-shared-handle=1864 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledWithReno/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_05/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="1084.2.1687187406\1859906600" --font-cache-shared-handle=2028 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledWithReno/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_05/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="1084.3.1918076781\72077805" --font-cache-shared-handle=1848 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledWithReno/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_05/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="1084.4.1211634549\1509032069" --font-cache-shared-handle=2240 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledWithReno/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_05/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="1084.5.1367473244\1055319398" --font-cache-shared-handle=1984 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledWithReno/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_05/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="1084.7.215328884\983888491" --font-cache-shared-handle=4928 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledWithReno/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_05/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="1084.8.1339833940\1224633243" --font-cache-shared-handle=5836 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledWithReno/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_05/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="1084.9.1131663373\967470014" --font-cache-shared-handle=5992 /prefetch:673131151
"C:\Program Files (x86)\GameforgeLive\gfl_client.exe" "/noautopatch" "-start" "Aion"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledWithReno/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_05/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="1084.12.54670426\1406476790" --font-cache-shared-handle=5132 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1084.13.1118199642\2132134530" --ppapi-flash-args=enable_hw_video_decode=1 --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledWithReno/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_05/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="1084.14.407798935\1605289885" --font-cache-shared-handle=10408 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi-broker --channel="1084.15.999744926\833617440" --lang=sk /prefetch:845217598
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey B94B9C5D-836F-1120-568B-93F05BE467AC -Reinvoke
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe207_ Global\UsGthrCtrlFltPipeMssGthrPipe207 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 584 588 596 65536 592
"C:\Users\Miroslav Šušovica\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\AmiUpdXp.job - C:\Users\Miroslav Šušovica\AppData\Local\23020\Updater.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2011-02-12 6718864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-02-12 4220304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-28 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-28 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-10-01 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-10-01 771032]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-01 769496]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-12-12 13263072]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-09-17 2461504]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-09-17 2799784]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2014-10-14 12697368]
"Windows Mobile Device Center"=C:\WINDOWS\WindowsMobile\wmdc.exe [2007-05-31 660360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2014-05-18 399736]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"DU Meter"=C:\Program Files (x86)\DU Meter\DUMeter.exe [2009-03-13 1058816]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-05-08 40312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-05-01 3187360]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [2012-12-19 3576784]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2012-09-03 364544]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2013-03-08 95192]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Send Desktop.scf
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-01 623104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2011-02-12 6718864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-02-12 4220304]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-09-15 17:02:27 ----D---- C:\rsit
2015-09-13 13:35:47 ----A---- C:\awh2CC7.tmp
2015-09-08 20:24:19 ----D---- C:\Program Files (x86)\Cheat Engine 6.4
2015-09-07 18:16:53 ----D---- C:\Program Files (x86)\globalUpdate
2015-09-07 18:16:02 ----D---- C:\Users\Miroslav Šušovica\AppData\Roaming\Opera Software
2015-09-07 18:14:55 ----D---- C:\Program Files (x86)\Opera
2015-09-07 18:13:28 ----D---- C:\Program Files (x86)\SFK
2015-09-07 18:13:16 ----D---- C:\ProgramData\HWdsManProH
2015-09-07 18:13:16 ----A---- C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-09-07 18:13:09 ----D---- C:\Users\Miroslav Šušovica\AppData\Roaming\oursurfing
======List of files/folders modified in the last 1 month======
2015-09-15 17:02:31 ----D---- C:\WINDOWS\Prefetch
2015-09-15 17:02:29 ----D---- C:\Program Files\trend micro
2015-09-15 17:00:00 ----D---- C:\WINDOWS\system32\sru
2015-09-15 16:56:15 ----D---- C:\Users\Miroslav Šušovica\AppData\Roaming\uTorrent
2015-09-15 16:55:51 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2015-09-15 16:53:42 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2015-09-15 16:50:37 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2015-09-15 00:02:09 ----D---- C:\Users\Miroslav Šušovica\AppData\Roaming\ClassicShell
2015-09-15 00:01:21 ----D---- C:\Users\Miroslav Šušovica\AppData\Roaming\TS3Client
2015-09-14 23:46:06 ----SHD---- C:\WINDOWS\Installer
2015-09-14 23:46:06 ----D---- C:\WINDOWS\Temp
2015-09-14 23:41:13 ----D---- C:\Program Files (x86)
2015-09-14 23:41:10 ----D---- C:\WINDOWS\Tasks
2015-09-13 13:30:42 ----D---- C:\WINDOWS\SysWOW64
2015-09-13 13:30:42 ----D---- C:\WINDOWS\system32\drivers
2015-09-13 13:30:41 ----D---- C:\Program Files (x86)\Common Files
2015-09-12 15:03:45 ----D---- C:\WINDOWS\Microsoft.NET
2015-09-12 15:00:10 ----D---- C:\WINDOWS\system32\catroot2
2015-09-12 15:00:03 ----SHD---- C:\System Volume Information
2015-09-12 13:08:42 ----D---- C:\WINDOWS\system32\config
2015-09-12 13:05:59 ----SHD---- C:\$Recycle.Bin
2015-09-12 13:05:54 ----D---- C:\Windows
2015-09-12 13:05:53 ----D---- C:\WINDOWS\Inf
2015-09-11 16:39:03 ----D---- C:\WINDOWS\AppReadiness
2015-09-11 08:23:08 ----D---- C:\WINDOWS\SoftwareDistribution
2015-09-11 08:16:28 ----D---- C:\WINDOWS\Minidump
2015-09-11 08:16:28 ----D---- C:\WINDOWS\Logs
2015-09-11 08:16:25 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-09-10 15:55:25 ----D---- C:\Users\Miroslav Šušovica\AppData\Roaming\vlc
2015-09-08 12:21:03 ----D---- C:\WINDOWS\system32\Tasks
2015-09-08 11:15:46 ----HD---- C:\Program Files\WindowsApps
2015-09-07 18:13:16 ----HD---- C:\ProgramData
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-14 647736]
R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2014-03-17 783864]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\WINDOWS\system32\drivers\mfewfpk.sys [2014-03-17 345456]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-02-05 31376]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 dtsoftbus01;@oem21.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-06-11 283064]
R1 nethfdrv;nethfdrv; \??\C:\WINDOWS\system32\drivers\nethfdrv.sys [2015-08-01 46160]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 ATP;@oem4.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2013-11-08 70928]
R3 BtAudioBusSrv;@oem10.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-03-18 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2012-08-14 48736]
R3 HIDSwitch;@oem14.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-10-08 20280]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-12-18 3262816]
R3 IntcDAud;@oem26.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-11-15 342528]
R3 iwdbus;@oem32.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 kbfiltr;@oem15.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 LGBusEnum;@oem40.inf,%LGBusEnum.SVCDESC%;Logitech GamePanel Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;@oem38.inf,%LGSHidFilt.SvcDesc%;Logitech Gaming KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [2013-05-30 64280]
R3 LGVirHid;@oem41.inf,%LGVirHid.SVCDESC%;Logitech Gamepanel Virtual HID Device Driver; C:\WINDOWS\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MEIx64;@oem28.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2014-03-17 311600]
R3 mfefirek;McAfee Inc. mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [2014-03-17 522360]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-02-05 10284872]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-09-17 20288]
R3 nvvad_WaveExtensible;@oem27.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-09-04 38048]
R3 rtbth;@oem7.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2012-09-05 695904]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\WINDOWS\system32\drivers\mfeelamk.sys [2014-03-17 69344]
S3 AmUStor;@oem29.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2012-06-14 100992]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-04-11 1200128]
S3 cfwids;McAfee Inc. cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [2014-03-17 70592]
S3 intaud_WaveExtensible;@oem31.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-23 39320]
S3 mfeapfk;McAfee Inc. mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2014-03-17 180272]
S3 netr28x;@oem5.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-11-02 2606768]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2014-03-18 167424]
S3 TridVid;@oem43.inf,%TridVid.DeviceDesc%;USB TV Tuner; C:\WINDOWS\system32\DRIVERS\tridvid6010.sys [2011-01-21 411648]
S3 TridVid64;@oem44.inf,%TridVidII.ServiceDesc%;TM6010 TV Service; C:\WINDOWS\system32\DRIVERS\TridVidII64.sys [2009-05-08 251008]
S3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-09-09 111416]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-06-19 277120]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2012-09-03 1602560]
R2 DUMeterSvc;DU Meter Service; C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [2009-03-13 504832]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-09-17 1149760]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-03-17 219752]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2014-03-17 185792]
R2 NetHttpService;Network HTTP Support Service; C:\WINDOWS\SysWOW64\nethtsrv.exe [2015-08-01 350208]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-09-17 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-09-17 19440960]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-02-05 935056]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 ServiceUpdater;Network Support Service Updater; C:\WINDOWS\SysWOW64\netupdsrv.exe [2015-08-01 190976]
R2 SSFK;SSFK; C:\Program Files (x86)\SFK\SSFK.exe [2015-09-07 411648]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2012-09-03 138752]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 31124344]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2013-08-22 57856]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Stále vyskakuje reklama offer wizard
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Stále vyskakuje reklama offer wizard
Zdravim 
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Po spusteni probehne stazeni databaze
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner[C?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Stále vyskakuje reklama offer wizard
# AdwCleaner v5.007 - Logfile created 16/09/2015 at 14:00:57
# Updated 08/09/2015 by Xplode
# Database : 2015-09-15.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Miroslav Šušovica - DJMIRENTE
# Running from : C:\Users\Miroslav Šušovica\Desktop\adwcleaner_5.007.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik
***** [ Files ] *****
[-] File Deleted : C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0.localstorage
[-] File Deleted : C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0.localstorage-journal
[-] File Deleted : C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
[-] [C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://websearch.helpmefindyour.info/?pid=658&r=2013/04/12&hid=2620210849&lg=EN&cc=SK
[-] [C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://websearch.searchingissme.info/?unqvl=23
[-] [C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://search.conduit.com/?ctid=CT3289075&SearchSource=48&CUI=UN39421460431583522&UM=1
[-] [C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.default-search.net?sid=498&aid=121& ... 38&src=hmp
[-] [C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.oursurfing.com/?type=hp&ts=14416423 ... SLP2WUSLPX
[-] [C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jpfpebmajhhopeonhlcgidhclcccjcik
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [2497 bytes] ##########
# Updated 08/09/2015 by Xplode
# Database : 2015-09-15.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Miroslav Šušovica - DJMIRENTE
# Running from : C:\Users\Miroslav Šušovica\Desktop\adwcleaner_5.007.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik
***** [ Files ] *****
[-] File Deleted : C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0.localstorage
[-] File Deleted : C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0.localstorage-journal
[-] File Deleted : C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
[-] [C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://websearch.helpmefindyour.info/?pid=658&r=2013/04/12&hid=2620210849&lg=EN&cc=SK
[-] [C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://websearch.searchingissme.info/?unqvl=23
[-] [C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://search.conduit.com/?ctid=CT3289075&SearchSource=48&CUI=UN39421460431583522&UM=1
[-] [C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.default-search.net?sid=498&aid=121& ... 38&src=hmp
[-] [C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.oursurfing.com/?type=hp&ts=14416423 ... SLP2WUSLPX
[-] [C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jpfpebmajhhopeonhlcgidhclcccjcik
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [2497 bytes] ##########
Re: Stále vyskakuje reklama offer wizard
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; resethosts; emptyclsid; IEdefaults; FFdefaults; CHRdefaults; emptyIEcache; emptyFFcache; emptyCHRcache; emptyalltemp; emptyflash; emptyjava; emptyrecycle.bin;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Stále vyskakuje reklama offer wizard
Zoek.exe v5.0.0.0 Updated 15-09-2015
Tool run by Miroslav ćuçovica on st 16.09.2015 at 15:30:38,17.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\MIROSL~1\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
16.9.2015 15:31:50 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Gyumbvdsejbxpe deleted successfully
C:\PROGRA~2\Navigo deleted successfully
C:\PROGRA~2\Ubisoft deleted successfully
C:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfully
C:\Users\MIROSL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\CMS deleted successfully
C:\Users\MIROSL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\MediaInfo deleted successfully
C:\PROGRA~3\Oracle deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D67DD3E-835D-4A54-A31F-3F5A7FD6CBD3} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A4D3D6F-759-4258-B76D-717D48AD5AA} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8329D0E2-CB06-48B6-B959-5F1D70D93E65} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94D63F0C-2E8D-49E2-B5B3-6E3E5740BC3E} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9C12887-68F0-4852-9986-7E4D1B4392E0} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFBC9661-A833-431A-B857-74E3152DFC59} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA41A1E9-63D6-480E-B9DE-94FD4EF08013} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB8F34D0-3CBD-444F-969-F4B5C51622FD} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E438729D-C94D-4D89-A414-2D6C79EC583} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF0DDB09-137A-413A-A8B5-FB378D83B54A} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF7A50B0-93D4-4CA6-ADB0-162DBFD51BBF} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9E947D9-69CB-4F72-B871-3AB5EAB6355} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\Gyumbvdsejbxpe not found
C:\PROGRA~2\Navigo not found
C:\PROGRA~2\Ubisoft not found
C:\PROGRA~2\COMMON~1\Config deleted
C:\awhA222.tmp deleted
C:\PROGRA~3\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat deleted
C:\PROGRA~3\SetStretch.VBS deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\WINDOWS\SysWOW64\AniGIF.ocx deleted
C:\Users\MIROSL~1\Desktop\Flvto Youtube Downloader.lnk deleted
C:\Users\MIROSL~1\Desktop\MRDownloader.exe deleted
C:\Users\MIROSL~1\WindowsShortcutArrowEditor.exe deleted
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus13.msn.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus13.msn.com"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
==== Reset Google Chrome ======================
Nothing found to reset
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=17 folders=11 8715919 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\MIROSL~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on st 16.09.2015 at 15:44:12,56 ======================
Tool run by Miroslav ćuçovica on st 16.09.2015 at 15:30:38,17.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\MIROSL~1\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
16.9.2015 15:31:50 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Gyumbvdsejbxpe deleted successfully
C:\PROGRA~2\Navigo deleted successfully
C:\PROGRA~2\Ubisoft deleted successfully
C:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfully
C:\Users\MIROSL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\CMS deleted successfully
C:\Users\MIROSL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\MediaInfo deleted successfully
C:\PROGRA~3\Oracle deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D67DD3E-835D-4A54-A31F-3F5A7FD6CBD3} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A4D3D6F-759-4258-B76D-717D48AD5AA} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8329D0E2-CB06-48B6-B959-5F1D70D93E65} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94D63F0C-2E8D-49E2-B5B3-6E3E5740BC3E} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9C12887-68F0-4852-9986-7E4D1B4392E0} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFBC9661-A833-431A-B857-74E3152DFC59} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA41A1E9-63D6-480E-B9DE-94FD4EF08013} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB8F34D0-3CBD-444F-969-F4B5C51622FD} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E438729D-C94D-4D89-A414-2D6C79EC583} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF0DDB09-137A-413A-A8B5-FB378D83B54A} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF7A50B0-93D4-4CA6-ADB0-162DBFD51BBF} deleted successfully
HKEY_USERS\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9E947D9-69CB-4F72-B871-3AB5EAB6355} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\Gyumbvdsejbxpe not found
C:\PROGRA~2\Navigo not found
C:\PROGRA~2\Ubisoft not found
C:\PROGRA~2\COMMON~1\Config deleted
C:\awhA222.tmp deleted
C:\PROGRA~3\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat deleted
C:\PROGRA~3\SetStretch.VBS deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\WINDOWS\SysWOW64\AniGIF.ocx deleted
C:\Users\MIROSL~1\Desktop\Flvto Youtube Downloader.lnk deleted
C:\Users\MIROSL~1\Desktop\MRDownloader.exe deleted
C:\Users\MIROSL~1\WindowsShortcutArrowEditor.exe deleted
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus13.msn.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus13.msn.com"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
==== Reset Google Chrome ======================
Nothing found to reset
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=17 folders=11 8715919 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\MIROSL~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on st 16.09.2015 at 15:44:12,56 ======================
Re: Stále vyskakuje reklama offer wizard
Poprosim o novy log z FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Stále vyskakuje reklama offer wizard
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by Miroslav Šušovica (administrator) on DJMIRENTE (23-09-2015 00:03:12)
Running from C:\Users\Miroslav Šušovica\Desktop
Loaded Profiles: Miroslav Šušovica (Available Profiles: Miroslav Šušovica)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Hagel Technologies Ltd.) C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Hagel Technologies Ltd.) C:\Program Files (x86)\DU Meter\DUMeter.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\GameforgeLive\gfl_client.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Miroslav Šušovica\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13263072 2012-12-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [364544 2012-09-03] (IVT Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2014-05-18] (BitTorrent, Inc.)
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG)
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [DU Meter] => C:\Program Files (x86)\DU Meter\DUMeter.exe [1058816 2009-03-13] (Hagel Technologies Ltd.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177624 2015-02-05] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177624 2015-02-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164752 2015-02-05] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Send Desktop.scf [2014-05-19] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{EA49A56E-E1F3-4F58-8958-17BDB09F143F}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FE2FF5BD-7B60-4B25-A061-4597699C1C12}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-2890659564-3557197188-618029785-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-28] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-28] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-28] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.sk/
CHR StartupUrls: Default -> "hxxp://websearch.helpmefindyour.info/?pid=658&r=2013/04/12&hid=2620210849&lg=EN&cc=SK","hxxp://websearch.searchingissme.info/?unqvl=23","hxxp://search.conduit.com/?ctid=CT3289075&SearchSource=48&CUI=UN39421460431583522&UM=1","hxxp://www.default-search.net?sid=498&aid=121& ... SLP2WUSLPX"
CHR NewTab: Default -> "chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR Profile: C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-17]
CHR Extension: (Disk Google) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-17]
CHR Extension: (YouTube) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-17]
CHR Extension: (OpenSubtitles Utilities) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\bokkhpcjhfanbnpfgkjdcjfdfohdlbpf [2014-08-21]
CHR Extension: (Google Search) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-17]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (New Tab Page by Speed Dial Team) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn [2015-09-15]
CHR Extension: (Speed Dial 2) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2015-09-16]
CHR Extension: (SoundCloud mp3 Download) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlinbfdlnkjpimeeeeodegeibkkekboe [2014-05-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-17]
CHR Extension: (Gmail) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-17]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-06-19] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1602560 2012-09-03] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-09-03] (IVT Corporation) [File not signed]
U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation)
U4 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [57856 2013-08-22] (Microsoft Corporation)
U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation)
R2 DUMeterSvc; C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [504832 2009-03-13] (Hagel Technologies Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-17] (NVIDIA Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-03-17] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-03-17] (McAfee, Inc.)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-17] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-11] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-11] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2013-11-08] (ASUS Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-14] (Ralink Corporation)
S3 cfwids; C:\Windows\system32\drivers\cfwids.sys [70592 2014-03-17] (McAfee, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-06-11] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [180272 2014-03-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-03-17] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2014-03-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\system32\drivers\mfefirek.sys [522360 2014-03-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-03-17] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [345456 2014-03-17] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [695904 2012-09-05] (Ralink Technology, Corp.)
S3 TridVid; C:\Windows\system32\DRIVERS\tridvid6010.sys [411648 2011-01-21] (10Moons Technologies Co.,Ltd)
S3 TridVid64; C:\Windows\system32\DRIVERS\TridVidII64.sys [251008 2009-05-08] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [35856 2014-06-11] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [257880 2014-06-11] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-11] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-22 23:58 - 2015-09-23 00:03 - 00023967 _____ C:\Users\Miroslav Šušovica\Desktop\FRST.txt
2015-09-22 23:57 - 2015-09-23 00:03 - 00000000 ____D C:\FRST
2015-09-22 23:55 - 2015-09-22 23:56 - 00112640 _____ (forum.viry.cz) C:\Users\Miroslav Šušovica\Desktop\FRSTLauncher.exe
2015-09-22 23:53 - 2015-09-22 23:53 - 02191360 _____ (Farbar) C:\Users\Miroslav Šušovica\Desktop\FRST64.exe
2015-09-20 09:54 - 2015-09-20 09:54 - 00000000 ____D C:\Users\Miroslav Šušovica\Desktop\Strapo - Versus
2015-09-20 09:52 - 2015-09-20 09:53 - 134898068 _____ C:\Users\Miroslav Šušovica\Downloads\Strapo---Versus-2015-[320kbps].zip
2015-09-17 18:24 - 2015-09-22 19:11 - 00000163 _____ C:\Users\Miroslav Šušovica\Documents\ClownfishForTeamspeak.ini
2015-09-17 17:07 - 2015-09-17 17:08 - 01568531 _____ C:\Users\Miroslav Šušovica\Desktop\12021561_446260282249465_972473861_n.mp4
2015-09-17 14:40 - 2012-06-22 07:46 - 00000000 ____D C:\Users\Miroslav Šušovica\Desktop\Nero - Welcome Reality (Deluxe Edition)
2015-09-16 18:00 - 2015-09-16 18:00 - 00237268 _____ C:\Users\Miroslav Šušovica\Downloads\ClownfishVoiceChanger-v1.50.ts3_plugin
2015-09-16 15:43 - 2015-09-16 15:43 - 00000338 _____ C:\WINDOWS\PFRO.log
2015-09-16 15:42 - 2015-09-16 15:30 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-09-16 15:31 - 2015-09-16 15:44 - 00007588 _____ C:\zoek-results.log
2015-09-16 15:30 - 2015-09-16 15:41 - 00000000 ____D C:\zoek_backup
2015-09-16 15:24 - 2015-09-16 15:24 - 01308672 _____ C:\Users\Miroslav Šušovica\Desktop\zoek.exe
2015-09-15 22:07 - 2015-09-15 22:07 - 01660416 _____ C:\Users\Miroslav Šušovica\Desktop\adwcleaner_5.007.exe
2015-09-15 17:02 - 2015-09-15 17:02 - 01222144 _____ C:\Users\Miroslav Šušovica\Downloads\RSITx64.exe
2015-09-15 17:02 - 2015-09-15 17:02 - 00000000 ____D C:\rsit
2015-09-12 13:05 - 2015-09-12 13:05 - 00000834 _____ C:\WINDOWS\setupact.log
2015-09-12 13:05 - 2015-09-12 13:05 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-11 08:23 - 2015-09-22 21:19 - 00725843 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-11 08:22 - 2015-09-11 08:26 - 00000000 ____D C:\Users\Miroslav Šušovica\Downloads\San.Andreas.2015.1080p.WEB-DL.X264.AC3-EVO
2015-09-08 20:25 - 2015-09-08 20:25 - 00000000 ____D C:\Users\Miroslav Šušovica\Documents\My Cheat Tables
2015-09-07 18:34 - 2015-09-07 18:34 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Local\23020
2015-09-07 18:16 - 2015-09-07 18:32 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Roaming\Opera Software
2015-09-07 18:16 - 2015-09-07 18:32 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Local\Opera Software
2015-09-07 18:14 - 2015-09-07 18:32 - 00000000 ____D C:\Program Files (x86)\Opera
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-23 00:03 - 2014-05-17 20:35 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Roaming\uTorrent
2015-09-23 00:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-22 23:50 - 2015-01-21 20:08 - 00001775 _____ C:\Users\Miroslav Šušovica\Documents\aionmemo_13dab0b6.dat
2015-09-22 23:50 - 2014-12-30 18:30 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Roaming\TS3Client
2015-09-22 23:49 - 2014-06-21 16:18 - 00004022 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{85292513-A54F-48D3-84B9-5C44597203AA}
2015-09-22 23:46 - 2014-10-25 15:03 - 00000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-22 23:46 - 2014-10-25 15:02 - 00000960 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-22 14:39 - 2012-09-10 16:54 - 00000739 _____ C:\WINDOWS\SysWOW64\bscs.ini
2015-09-22 14:38 - 2014-05-17 00:36 - 00000062 _____ C:\Users\Miroslav Šušovica\AppData\Roaming\sp_data.sys
2015-09-22 14:37 - 2014-03-09 07:45 - 00004268 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-09-22 14:36 - 2014-03-09 07:45 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-09-21 21:30 - 2014-06-15 12:38 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Roaming\ClassicShell
2015-09-21 20:52 - 2014-09-06 18:56 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Roaming\Skype
2015-09-20 14:05 - 2014-06-11 16:42 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Roaming\XnView
2015-09-17 16:15 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-16 16:45 - 2014-07-24 13:38 - 00000000 ____D C:\Users\Miroslav Šušovica\Desktop\New stuffs
2015-09-16 15:43 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-16 15:41 - 2014-06-11 14:02 - 00000000 ____D C:\Users\Miroslav Šušovica
2015-09-16 15:41 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-09-16 15:41 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-09-16 15:03 - 2014-05-17 17:41 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2890659564-3557197188-618029785-1002
2015-09-16 14:00 - 2014-09-06 18:08 - 00000000 ____D C:\AdwCleaner
2015-09-15 22:08 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-15 17:02 - 2014-09-06 17:58 - 00000000 ____D C:\Program Files\trend micro
2015-09-15 16:58 - 2014-05-17 17:46 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Local\Google
2015-09-14 23:41 - 2014-05-17 17:47 - 00003936 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-14 23:41 - 2014-05-17 17:47 - 00003700 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-11 08:16 - 2015-06-30 16:37 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-10 15:55 - 2014-05-17 21:21 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Roaming\vlc
2015-09-07 18:33 - 2014-06-11 14:20 - 00001456 _____ C:\Users\Miroslav Šušovica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-04 12:47 - 2015-01-19 17:31 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
==================== Files in the root of some directories =======
2015-04-03 17:03 - 2015-04-03 17:04 - 0039680 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2015-04-03 19:50 - 2015-04-03 19:50 - 0017039 _____ () C:\Program Files (x86)\CMS Uninstall Log.txt
2015-03-16 18:26 - 2015-03-16 18:26 - 0002528 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\$_hpcst$.hpc
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\JEXJW
2014-09-06 17:16 - 2014-09-06 17:16 - 1508712 _____ (Object Browser) C:\Users\Miroslav Šušovica\AppData\Roaming\JEXJW.exe
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\PWJELSF
2014-09-06 17:16 - 2014-09-06 17:16 - 1951080 _____ (Object Browser) C:\Users\Miroslav Šušovica\AppData\Roaming\PWJELSF.exe
2014-05-17 00:36 - 2015-09-22 14:38 - 0000062 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\sp_data.sys
2014-06-02 13:54 - 2014-11-14 09:33 - 0001120 _____ () C:\Users\Miroslav Šušovica\AppData\Local\MRDownloader.nast
2013-05-01 13:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 13:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-19 14:24
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS) (Fixed) (Total:372.17 GB) (Free:269.51 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:346.29 GB) NTFS
Available physical RAM: 3956.99 MB
Total physical RAM: 6029.57 MB
Percentage of memory in use: 34%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0FE4DC0A)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:8927A071
==================== Security Center ==================
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Miroslav �u�ovica\Desktop" je 7370 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Miroslav Šušovica (administrator) on DJMIRENTE (23-09-2015 00:03:12)
Running from C:\Users\Miroslav Šušovica\Desktop
Loaded Profiles: Miroslav Šušovica (Available Profiles: Miroslav Šušovica)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Hagel Technologies Ltd.) C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Hagel Technologies Ltd.) C:\Program Files (x86)\DU Meter\DUMeter.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\GameforgeLive\gfl_client.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Miroslav Šušovica\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13263072 2012-12-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [364544 2012-09-03] (IVT Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2014-05-18] (BitTorrent, Inc.)
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG)
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [DU Meter] => C:\Program Files (x86)\DU Meter\DUMeter.exe [1058816 2009-03-13] (Hagel Technologies Ltd.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177624 2015-02-05] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177624 2015-02-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164752 2015-02-05] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Send Desktop.scf [2014-05-19] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{EA49A56E-E1F3-4F58-8958-17BDB09F143F}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FE2FF5BD-7B60-4B25-A061-4597699C1C12}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-2890659564-3557197188-618029785-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-28] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-28] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-28] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.sk/
CHR StartupUrls: Default -> "hxxp://websearch.helpmefindyour.info/?pid=658&r=2013/04/12&hid=2620210849&lg=EN&cc=SK","hxxp://websearch.searchingissme.info/?unqvl=23","hxxp://search.conduit.com/?ctid=CT3289075&SearchSource=48&CUI=UN39421460431583522&UM=1","hxxp://www.default-search.net?sid=498&aid=121& ... SLP2WUSLPX"
CHR NewTab: Default -> "chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR Profile: C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-17]
CHR Extension: (Disk Google) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-17]
CHR Extension: (YouTube) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-17]
CHR Extension: (OpenSubtitles Utilities) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\bokkhpcjhfanbnpfgkjdcjfdfohdlbpf [2014-08-21]
CHR Extension: (Google Search) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-17]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (New Tab Page by Speed Dial Team) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn [2015-09-15]
CHR Extension: (Speed Dial 2) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2015-09-16]
CHR Extension: (SoundCloud mp3 Download) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlinbfdlnkjpimeeeeodegeibkkekboe [2014-05-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-17]
CHR Extension: (Gmail) - C:\Users\Miroslav Šušovica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-17]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-06-19] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1602560 2012-09-03] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-09-03] (IVT Corporation) [File not signed]
U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation)
U4 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [57856 2013-08-22] (Microsoft Corporation)
U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation)
R2 DUMeterSvc; C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [504832 2009-03-13] (Hagel Technologies Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-17] (NVIDIA Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-03-17] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-03-17] (McAfee, Inc.)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-17] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-11] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-11] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2013-11-08] (ASUS Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-14] (Ralink Corporation)
S3 cfwids; C:\Windows\system32\drivers\cfwids.sys [70592 2014-03-17] (McAfee, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-06-11] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [180272 2014-03-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-03-17] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2014-03-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\system32\drivers\mfefirek.sys [522360 2014-03-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-03-17] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [345456 2014-03-17] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [695904 2012-09-05] (Ralink Technology, Corp.)
S3 TridVid; C:\Windows\system32\DRIVERS\tridvid6010.sys [411648 2011-01-21] (10Moons Technologies Co.,Ltd)
S3 TridVid64; C:\Windows\system32\DRIVERS\TridVidII64.sys [251008 2009-05-08] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [35856 2014-06-11] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [257880 2014-06-11] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-11] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-22 23:58 - 2015-09-23 00:03 - 00023967 _____ C:\Users\Miroslav Šušovica\Desktop\FRST.txt
2015-09-22 23:57 - 2015-09-23 00:03 - 00000000 ____D C:\FRST
2015-09-22 23:55 - 2015-09-22 23:56 - 00112640 _____ (forum.viry.cz) C:\Users\Miroslav Šušovica\Desktop\FRSTLauncher.exe
2015-09-22 23:53 - 2015-09-22 23:53 - 02191360 _____ (Farbar) C:\Users\Miroslav Šušovica\Desktop\FRST64.exe
2015-09-20 09:54 - 2015-09-20 09:54 - 00000000 ____D C:\Users\Miroslav Šušovica\Desktop\Strapo - Versus
2015-09-20 09:52 - 2015-09-20 09:53 - 134898068 _____ C:\Users\Miroslav Šušovica\Downloads\Strapo---Versus-2015-[320kbps].zip
2015-09-17 18:24 - 2015-09-22 19:11 - 00000163 _____ C:\Users\Miroslav Šušovica\Documents\ClownfishForTeamspeak.ini
2015-09-17 17:07 - 2015-09-17 17:08 - 01568531 _____ C:\Users\Miroslav Šušovica\Desktop\12021561_446260282249465_972473861_n.mp4
2015-09-17 14:40 - 2012-06-22 07:46 - 00000000 ____D C:\Users\Miroslav Šušovica\Desktop\Nero - Welcome Reality (Deluxe Edition)
2015-09-16 18:00 - 2015-09-16 18:00 - 00237268 _____ C:\Users\Miroslav Šušovica\Downloads\ClownfishVoiceChanger-v1.50.ts3_plugin
2015-09-16 15:43 - 2015-09-16 15:43 - 00000338 _____ C:\WINDOWS\PFRO.log
2015-09-16 15:42 - 2015-09-16 15:30 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-09-16 15:31 - 2015-09-16 15:44 - 00007588 _____ C:\zoek-results.log
2015-09-16 15:30 - 2015-09-16 15:41 - 00000000 ____D C:\zoek_backup
2015-09-16 15:24 - 2015-09-16 15:24 - 01308672 _____ C:\Users\Miroslav Šušovica\Desktop\zoek.exe
2015-09-15 22:07 - 2015-09-15 22:07 - 01660416 _____ C:\Users\Miroslav Šušovica\Desktop\adwcleaner_5.007.exe
2015-09-15 17:02 - 2015-09-15 17:02 - 01222144 _____ C:\Users\Miroslav Šušovica\Downloads\RSITx64.exe
2015-09-15 17:02 - 2015-09-15 17:02 - 00000000 ____D C:\rsit
2015-09-12 13:05 - 2015-09-12 13:05 - 00000834 _____ C:\WINDOWS\setupact.log
2015-09-12 13:05 - 2015-09-12 13:05 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-11 08:23 - 2015-09-22 21:19 - 00725843 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-11 08:22 - 2015-09-11 08:26 - 00000000 ____D C:\Users\Miroslav Šušovica\Downloads\San.Andreas.2015.1080p.WEB-DL.X264.AC3-EVO
2015-09-08 20:25 - 2015-09-08 20:25 - 00000000 ____D C:\Users\Miroslav Šušovica\Documents\My Cheat Tables
2015-09-07 18:34 - 2015-09-07 18:34 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Local\23020
2015-09-07 18:16 - 2015-09-07 18:32 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Roaming\Opera Software
2015-09-07 18:16 - 2015-09-07 18:32 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Local\Opera Software
2015-09-07 18:14 - 2015-09-07 18:32 - 00000000 ____D C:\Program Files (x86)\Opera
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-23 00:03 - 2014-05-17 20:35 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Roaming\uTorrent
2015-09-23 00:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-22 23:50 - 2015-01-21 20:08 - 00001775 _____ C:\Users\Miroslav Šušovica\Documents\aionmemo_13dab0b6.dat
2015-09-22 23:50 - 2014-12-30 18:30 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Roaming\TS3Client
2015-09-22 23:49 - 2014-06-21 16:18 - 00004022 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{85292513-A54F-48D3-84B9-5C44597203AA}
2015-09-22 23:46 - 2014-10-25 15:03 - 00000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-22 23:46 - 2014-10-25 15:02 - 00000960 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-22 14:39 - 2012-09-10 16:54 - 00000739 _____ C:\WINDOWS\SysWOW64\bscs.ini
2015-09-22 14:38 - 2014-05-17 00:36 - 00000062 _____ C:\Users\Miroslav Šušovica\AppData\Roaming\sp_data.sys
2015-09-22 14:37 - 2014-03-09 07:45 - 00004268 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-09-22 14:36 - 2014-03-09 07:45 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-09-21 21:30 - 2014-06-15 12:38 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Roaming\ClassicShell
2015-09-21 20:52 - 2014-09-06 18:56 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Roaming\Skype
2015-09-20 14:05 - 2014-06-11 16:42 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Roaming\XnView
2015-09-17 16:15 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-16 16:45 - 2014-07-24 13:38 - 00000000 ____D C:\Users\Miroslav Šušovica\Desktop\New stuffs
2015-09-16 15:43 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-16 15:41 - 2014-06-11 14:02 - 00000000 ____D C:\Users\Miroslav Šušovica
2015-09-16 15:41 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-09-16 15:41 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-09-16 15:03 - 2014-05-17 17:41 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2890659564-3557197188-618029785-1002
2015-09-16 14:00 - 2014-09-06 18:08 - 00000000 ____D C:\AdwCleaner
2015-09-15 22:08 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-15 17:02 - 2014-09-06 17:58 - 00000000 ____D C:\Program Files\trend micro
2015-09-15 16:58 - 2014-05-17 17:46 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Local\Google
2015-09-14 23:41 - 2014-05-17 17:47 - 00003936 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-14 23:41 - 2014-05-17 17:47 - 00003700 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-11 08:16 - 2015-06-30 16:37 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-10 15:55 - 2014-05-17 21:21 - 00000000 ____D C:\Users\Miroslav Šušovica\AppData\Roaming\vlc
2015-09-07 18:33 - 2014-06-11 14:20 - 00001456 _____ C:\Users\Miroslav Šušovica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-04 12:47 - 2015-01-19 17:31 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
==================== Files in the root of some directories =======
2015-04-03 17:03 - 2015-04-03 17:04 - 0039680 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2015-04-03 19:50 - 2015-04-03 19:50 - 0017039 _____ () C:\Program Files (x86)\CMS Uninstall Log.txt
2015-03-16 18:26 - 2015-03-16 18:26 - 0002528 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\$_hpcst$.hpc
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\JEXJW
2014-09-06 17:16 - 2014-09-06 17:16 - 1508712 _____ (Object Browser) C:\Users\Miroslav Šušovica\AppData\Roaming\JEXJW.exe
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\PWJELSF
2014-09-06 17:16 - 2014-09-06 17:16 - 1951080 _____ (Object Browser) C:\Users\Miroslav Šušovica\AppData\Roaming\PWJELSF.exe
2014-05-17 00:36 - 2015-09-22 14:38 - 0000062 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\sp_data.sys
2014-06-02 13:54 - 2014-11-14 09:33 - 0001120 _____ () C:\Users\Miroslav Šušovica\AppData\Local\MRDownloader.nast
2013-05-01 13:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 13:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-19 14:24
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS) (Fixed) (Total:372.17 GB) (Free:269.51 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:346.29 GB) NTFS
Available physical RAM: 3956.99 MB
Total physical RAM: 6029.57 MB
Percentage of memory in use: 34%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0FE4DC0A)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:8927A071
==================== Security Center ==================
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Miroslav �u�ovica\Desktop" je 7370 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- (9.24 KiB) Staženo 46 x
Re: Stále vyskakuje reklama offer wizard
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2014-05-18] (BitTorrent, Inc.) HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG) HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File CHR StartupUrls: Default -> "hxxp://websearch.helpmefindyour.info/?pid=658&r=2013/04/12&hid=2620210849&lg=EN&cc=SK","hxxp://websearch.searchingissme.info/?unqvl=23","hxxp://search.conduit.com/?ctid=CT3289075&SearchSource=48&CUI=UN39421460431583522&UM=1","hxxp://www.default-search.net?sid=498&aid=121&itype=n&ver=12386&tm=338&src=hmp","hxxp://www.oursurfing.com/?type=hp&ts=1441642384&z=61bfe3836e9adc595e8a645g2zbz9g8q7zdocc1m2o&from=2sq3&uid=HGSTXHTS541010A9E680_JA1000102WUSLP2WUSLPX" CHR NewTab: Default -> "chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html" 2015-09-22 23:58 - 2015-09-23 00:03 - 00023967 _____ C:\Users\Miroslav Šušovica\Desktop\FRST.txt 2015-09-22 23:55 - 2015-09-22 23:56 - 00112640 _____ (forum.viry.cz) C:\Users\Miroslav Šušovica\Desktop\FRSTLauncher.exe 2015-09-16 15:43 - 2015-09-16 15:43 - 00000338 _____ C:\WINDOWS\PFRO.log 2015-09-16 15:42 - 2015-09-16 15:30 - 00024064 _____ C:\WINDOWS\zoek-delete.exe 2015-09-16 15:31 - 2015-09-16 15:44 - 00007588 _____ C:\zoek-results.log 2015-09-16 15:30 - 2015-09-16 15:41 - 00000000 ____D C:\zoek_backup 2015-09-16 15:24 - 2015-09-16 15:24 - 01308672 _____ C:\Users\Miroslav Šušovica\Desktop\zoek.exe 2015-09-15 22:07 - 2015-09-15 22:07 - 01660416 _____ C:\Users\Miroslav Šušovica\Desktop\adwcleaner_5.007.exe 2015-09-15 17:02 - 2015-09-15 17:02 - 01222144 _____ C:\Users\Miroslav Šušovica\Downloads\RSITx64.exe 2015-09-15 17:02 - 2015-09-15 17:02 - 00000000 ____D C:\rsit 2015-09-12 13:05 - 2015-09-12 13:05 - 00000834 _____ C:\WINDOWS\setupact.log 2015-09-12 13:05 - 2015-09-12 13:05 - 00000000 _____ C:\WINDOWS\setuperr.log 2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\JEXJW 2014-09-06 17:16 - 2014-09-06 17:16 - 1508712 _____ (Object Browser) C:\Users\Miroslav Šušovica\AppData\Roaming\JEXJW.exe 2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\PWJELSF 2014-09-06 17:16 - 2014-09-06 17:16 - 1951080 _____ (Object Browser) C:\Users\Miroslav Šušovica\AppData\Roaming\PWJELSF.exe 2014-05-17 00:36 - 2015-09-22 14:38 - 0000062 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\sp_data.sys Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe AlternateDataStreams: C:\ProgramData\Temp:56E2E879 AlternateDataStreams: C:\ProgramData\Temp:8927A071 Hosts: EmptyTemp: Reboot: End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Stále vyskakuje reklama offer wizard
Nech sa páči
Fix result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Miroslav Šušovica (2015-09-23 10:24:34) Run:1
Running from C:\Users\Miroslav Šušovica\Desktop
Loaded Profiles: Miroslav Šušovica (Available Profiles: Miroslav Šušovica)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2014-05-18] (BitTorrent, Inc.)
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG)
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
CHR StartupUrls: Default -> "hxxp://websearch.helpmefindyour.info/?pid=658&r=2013/04/12&hid=2620210849&lg=EN&cc=SK","hxxp://websearch.searchingissme.info/?unqvl=23","hxxp://search.conduit.com/?ctid=CT3289075&SearchSource=48&CUI=UN39421460431583522&UM=1","hxxp://www.default-search.net?sid=498&aid=121& ... SLP2WUSLPX"
CHR NewTab: Default -> "chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
2015-09-22 23:58 - 2015-09-23 00:03 - 00023967 _____ C:\Users\Miroslav Šušovica\Desktop\FRST.txt
2015-09-22 23:55 - 2015-09-22 23:56 - 00112640 _____ (forum.viry.cz) C:\Users\Miroslav Šušovica\Desktop\FRSTLauncher.exe
2015-09-16 15:43 - 2015-09-16 15:43 - 00000338 _____ C:\WINDOWS\PFRO.log
2015-09-16 15:42 - 2015-09-16 15:30 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-09-16 15:31 - 2015-09-16 15:44 - 00007588 _____ C:\zoek-results.log
2015-09-16 15:30 - 2015-09-16 15:41 - 00000000 ____D C:\zoek_backup
2015-09-16 15:24 - 2015-09-16 15:24 - 01308672 _____ C:\Users\Miroslav Šušovica\Desktop\zoek.exe
2015-09-15 22:07 - 2015-09-15 22:07 - 01660416 _____ C:\Users\Miroslav Šušovica\Desktop\adwcleaner_5.007.exe
2015-09-15 17:02 - 2015-09-15 17:02 - 01222144 _____ C:\Users\Miroslav Šušovica\Downloads\RSITx64.exe
2015-09-15 17:02 - 2015-09-15 17:02 - 00000000 ____D C:\rsit
2015-09-12 13:05 - 2015-09-12 13:05 - 00000834 _____ C:\WINDOWS\setupact.log
2015-09-12 13:05 - 2015-09-12 13:05 - 00000000 _____ C:\WINDOWS\setuperr.log
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\JEXJW
2014-09-06 17:16 - 2014-09-06 17:16 - 1508712 _____ (Object Browser) C:\Users\Miroslav Šušovica\AppData\Roaming\JEXJW.exe
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\PWJELSF
2014-09-06 17:16 - 2014-09-06 17:16 - 1951080 _____ (Object Browser) C:\Users\Miroslav Šušovica\AppData\Roaming\PWJELSF.exe
2014-05-17 00:36 - 2015-09-22 14:38 - 0000062 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\sp_data.sys
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:8927A071
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl10 => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value removed successfully
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value removed successfully
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => value removed successfully
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKCR\PROTOCOLS\Filter\application/x-mfe-ipt" => key removed successfully
HKCR\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => key not found.
Chrome StartupUrls removed successfully
Chrome NewTab removed successfully
"C:\Users\Miroslav Šušovica\Desktop\FRST.txt" => File/Folder not found.
C:\Users\Miroslav Šušovica\Desktop\FRSTLauncher.exe => moved successfully
C:\WINDOWS\PFRO.log => moved successfully
C:\WINDOWS\zoek-delete.exe => moved successfully
C:\zoek-results.log => moved successfully
C:\zoek_backup => moved successfully
C:\Users\Miroslav Šušovica\Desktop\zoek.exe => moved successfully
C:\Users\Miroslav Šušovica\Desktop\adwcleaner_5.007.exe => moved successfully
C:\Users\Miroslav Šušovica\Downloads\RSITx64.exe => moved successfully
C:\rsit => moved successfully
C:\WINDOWS\setupact.log => moved successfully
C:\WINDOWS\setuperr.log => moved successfully
C:\Users\Miroslav Šušovica\AppData\Roaming\JEXJW => moved successfully
C:\Users\Miroslav Šušovica\AppData\Roaming\JEXJW.exe => moved successfully
C:\Users\Miroslav Šušovica\AppData\Roaming\PWJELSF => moved successfully
C:\Users\Miroslav Šušovica\AppData\Roaming\PWJELSF.exe => moved successfully
C:\Users\Miroslav Šušovica\AppData\Roaming\sp_data.sys => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
C:\ProgramData\Temp => ":8927A071" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 910.5 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 10:25:44 ====
Fix result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Miroslav Šušovica (2015-09-23 10:24:34) Run:1
Running from C:\Users\Miroslav Šušovica\Desktop
Loaded Profiles: Miroslav Šušovica (Available Profiles: Miroslav Šušovica)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2014-05-18] (BitTorrent, Inc.)
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG)
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
CHR StartupUrls: Default -> "hxxp://websearch.helpmefindyour.info/?pid=658&r=2013/04/12&hid=2620210849&lg=EN&cc=SK","hxxp://websearch.searchingissme.info/?unqvl=23","hxxp://search.conduit.com/?ctid=CT3289075&SearchSource=48&CUI=UN39421460431583522&UM=1","hxxp://www.default-search.net?sid=498&aid=121& ... SLP2WUSLPX"
CHR NewTab: Default -> "chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
2015-09-22 23:58 - 2015-09-23 00:03 - 00023967 _____ C:\Users\Miroslav Šušovica\Desktop\FRST.txt
2015-09-22 23:55 - 2015-09-22 23:56 - 00112640 _____ (forum.viry.cz) C:\Users\Miroslav Šušovica\Desktop\FRSTLauncher.exe
2015-09-16 15:43 - 2015-09-16 15:43 - 00000338 _____ C:\WINDOWS\PFRO.log
2015-09-16 15:42 - 2015-09-16 15:30 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-09-16 15:31 - 2015-09-16 15:44 - 00007588 _____ C:\zoek-results.log
2015-09-16 15:30 - 2015-09-16 15:41 - 00000000 ____D C:\zoek_backup
2015-09-16 15:24 - 2015-09-16 15:24 - 01308672 _____ C:\Users\Miroslav Šušovica\Desktop\zoek.exe
2015-09-15 22:07 - 2015-09-15 22:07 - 01660416 _____ C:\Users\Miroslav Šušovica\Desktop\adwcleaner_5.007.exe
2015-09-15 17:02 - 2015-09-15 17:02 - 01222144 _____ C:\Users\Miroslav Šušovica\Downloads\RSITx64.exe
2015-09-15 17:02 - 2015-09-15 17:02 - 00000000 ____D C:\rsit
2015-09-12 13:05 - 2015-09-12 13:05 - 00000834 _____ C:\WINDOWS\setupact.log
2015-09-12 13:05 - 2015-09-12 13:05 - 00000000 _____ C:\WINDOWS\setuperr.log
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\JEXJW
2014-09-06 17:16 - 2014-09-06 17:16 - 1508712 _____ (Object Browser) C:\Users\Miroslav Šušovica\AppData\Roaming\JEXJW.exe
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\PWJELSF
2014-09-06 17:16 - 2014-09-06 17:16 - 1951080 _____ (Object Browser) C:\Users\Miroslav Šušovica\AppData\Roaming\PWJELSF.exe
2014-05-17 00:36 - 2015-09-22 14:38 - 0000062 _____ () C:\Users\Miroslav Šušovica\AppData\Roaming\sp_data.sys
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:8927A071
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl10 => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value removed successfully
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value removed successfully
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => value removed successfully
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2890659564-3557197188-618029785-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKCR\PROTOCOLS\Filter\application/x-mfe-ipt" => key removed successfully
HKCR\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => key not found.
Chrome StartupUrls removed successfully
Chrome NewTab removed successfully
"C:\Users\Miroslav Šušovica\Desktop\FRST.txt" => File/Folder not found.
C:\Users\Miroslav Šušovica\Desktop\FRSTLauncher.exe => moved successfully
C:\WINDOWS\PFRO.log => moved successfully
C:\WINDOWS\zoek-delete.exe => moved successfully
C:\zoek-results.log => moved successfully
C:\zoek_backup => moved successfully
C:\Users\Miroslav Šušovica\Desktop\zoek.exe => moved successfully
C:\Users\Miroslav Šušovica\Desktop\adwcleaner_5.007.exe => moved successfully
C:\Users\Miroslav Šušovica\Downloads\RSITx64.exe => moved successfully
C:\rsit => moved successfully
C:\WINDOWS\setupact.log => moved successfully
C:\WINDOWS\setuperr.log => moved successfully
C:\Users\Miroslav Šušovica\AppData\Roaming\JEXJW => moved successfully
C:\Users\Miroslav Šušovica\AppData\Roaming\JEXJW.exe => moved successfully
C:\Users\Miroslav Šušovica\AppData\Roaming\PWJELSF => moved successfully
C:\Users\Miroslav Šušovica\AppData\Roaming\PWJELSF.exe => moved successfully
C:\Users\Miroslav Šušovica\AppData\Roaming\sp_data.sys => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
C:\ProgramData\Temp => ":8927A071" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 910.5 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 10:25:44 ====
Re: Stále vyskakuje reklama offer wizard
Jak se chova PC 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Stále vyskakuje reklama offer wizard
Vypadá to že už je v poriadku , žiadne reklamy zatiaľ , ďakujem Vám za pomoc a cením si Vašu skvelú prácu
Re: Stále vyskakuje reklama offer wizard
Tak jeste uklidime 
DelFix https://toolslib.net/downloads/finish/2/
Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
DelFix https://toolslib.net/downloads/finish/2/
- Stahnete a spustte
- Ponechte zatrzitkou pouze u volby Remove disinfection tools
- Kliknete na Run
Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standardPanel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Stále vyskakuje reklama offer wizard
Hotovo a CCleaner používam pravidelne takže ešte raz veľká vďaka za čas a trpezlivosť
Re: Stále vyskakuje reklama offer wizard
Zase nekdy 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?