Notebook 50%

#1 Post by páreček »

Hello,
could you please help me?
On my notebook, shortly after startup, the svchost.exe process always launches, keeps running, and loads the CPU at ±50%.
I tried to remove it with AdwCleaner and MBAM. Both cleaned something up and no longer find anything, but the process still launches.
Here is the RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by M at 2016-06-15 00:40:10
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 86 GB (29%) free of 295 GB
Total RAM: 3066 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:40:27, on 15.6.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16781)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\System Explorer\SystemExplorer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\M\Desktop\RSIT.exe
C:\Program Files\trend micro\M.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_7730g
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_7730g
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_7730g
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SystemExplorerAutoStart] "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3634129065-144307380-22897537-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3634129065-144307380-22897537-1003\..\RunOnce: [AcerScrSav] C:\Windows\Acer\run_NB.exe (User 'UpdatusUser')
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files\Common Files\BattlEye\BEService.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files\System Explorer\service\SystemExplorerService.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe

--
End of file - 8428 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Wise Turbo Checker.job - C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\awh4qb0r.default

prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "keyword.URL" - "https://www.google.com/search"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.3.2]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\2.3.2\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.66.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll


C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\awh4qb0r.default\searchplugins\
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-02 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-21 679680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-02 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-18 1033512]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-03-04 526896]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-06-12 7405752]
"SystemExplorerAutoStart"=C:\Program Files\System Explorer\SystemExplorer.exe [2015-08-19 3389160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-03-08 40048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 9]
C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe /Auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\Windows\AutoKMS.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\M\AppData\Roaming\Seznam.cz\szninstall.exe -c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\M\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe -q []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
E:\hry\Origin\Origin.exe -AutoStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [2013-03-29 2081792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nw]
E:\hry\Warface\Warface Launcher\live\nw.exe [2016-06-04 46350968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC7302_Monitor]
C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-05-12 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2007-10-23 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProductReg]
C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-09-23 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2016-01-05 14688512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ScreenGif]
a []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files\Seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2016-04-21 3077712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-10-06 596528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemExplorerAutoStart]
C:\Program Files\System Explorer\SystemExplorer.exe [2015-08-19 3389160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trigger New Acer AlaunchX]
c:\Acer\Preload\Command\AlaunchX\AppInRun.exe [2008-08-13 172032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
oobefldr.dll,ShowWelcomeCenter []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
C:\Program Files\Xvid\CheckUpdate.exe [2011-01-17 8192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZPdtWzdVitaKey MC3000]
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [2013-10-26 3607040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2008-02-12 723496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk]
C:\PROGRA~1\UNIVER~1\UMS.exe [2015-05-04 603866]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^M^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
C:\Users\M\AppData\Local\GAMERS~1\LIVE!\Live.exe [2013-06-25 2878504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000]
C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2013-10-26 2972160]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Acer\Acer Bio Protection\PwdFilter

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-06-14 20:28:43 ----D---- C:\Program Files\Common Files\Skype
2016-06-14 20:28:41 ----RD---- C:\Program Files\Skype
2016-06-13 00:38:30 ----A---- C:\Windows\system32\FNTCACHE.DAT
2016-06-12 20:16:08 ----A---- C:\Windows\system32\aswBoot.exe
2016-06-05 20:58:59 ----D---- C:\Program Files\Mozilla Firefox
2016-06-01 23:01:32 ----A---- C:\Windows\AviSplitter.INI
2016-05-31 19:11:13 ----D---- C:\Program Files\Apple Software Update
2016-05-31 01:51:34 ----D---- C:\Program Files\Hazem Osman
2016-05-31 00:55:19 ----D---- C:\Users\M\AppData\Roaming\Apple Computer
2016-05-31 00:49:05 ----D---- C:\Users\M\AppData\Roaming\RecoolTec
2016-05-30 23:51:17 ----D---- C:\Program Files\Free SWF to AVI Converter
2016-05-30 23:24:38 ----D---- C:\Users\M\AppData\Roaming\Apowersoft
2016-05-30 23:24:24 ----A---- C:\Windows\system32\wpcap.dll
2016-05-30 23:24:24 ----A---- C:\Windows\system32\pthreadVC.dll
2016-05-30 23:24:24 ----A---- C:\Windows\system32\Packet.dll
2016-05-30 23:24:24 ----A---- C:\Windows\system32\drivers\npf.sys
2016-05-30 23:24:17 ----D---- C:\ProgramData\Apowersoft
2016-05-30 23:24:17 ----D---- C:\Program Files\Apowersoft
2016-05-30 22:37:42 ----A---- C:\Windows\unvise32qt.exe
2016-05-30 22:37:33 ----D---- C:\Windows\system32\QuickTime
2016-05-30 22:37:32 ----D---- C:\Program Files\QuickTime
2016-05-30 22:36:44 ----D---- C:\oldver
2016-05-30 22:18:36 ----D---- C:\ProgramData\Apple
2016-05-30 22:18:35 ----D---- C:\Program Files\Common Files\Apple
2016-05-27 23:34:59 ----D---- C:\FFOutput
2016-05-27 23:34:17 ----D---- C:\Program Files\FormatFactory
2016-05-22 00:35:43 ----D---- C:\Program Files\MP3 to WAV Converter
2016-05-21 13:57:35 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2016-06-15 00:40:20 ----D---- C:\Program Files\trend micro
2016-06-15 00:40:13 ----D---- C:\Windows\Temp
2016-06-15 00:32:53 ----D---- C:\AdwCleaner
2016-06-15 00:19:26 ----D---- C:\Windows\System32
2016-06-15 00:19:26 ----D---- C:\Windows\inf
2016-06-15 00:19:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-06-15 00:07:44 ----HD---- C:\ProgramData
2016-06-14 23:57:08 ----RD---- C:\Program Files
2016-06-14 23:56:49 ----D---- C:\Windows\system32\drivers
2016-06-14 23:36:51 ----D---- C:\Users\M\AppData\Roaming\uTorrent
2016-06-14 22:25:01 ----A---- C:\Users\M\AppData\Roaming\wpulog.txt
2016-06-14 20:30:07 ----D---- C:\Users\M\AppData\Roaming\Skype
2016-06-14 20:28:58 ----SHD---- C:\Windows\Installer
2016-06-14 20:28:58 ----D---- C:\ProgramData\Skype
2016-06-14 20:28:43 ----D---- C:\Program Files\Common Files
2016-06-13 18:58:23 ----D---- C:\Windows\system32\catroot2
2016-06-13 00:42:56 ----D---- C:\Windows\SoftwareDistribution
2016-06-13 00:42:10 ----D---- C:\Windows\Prefetch
2016-06-13 00:41:50 ----D---- C:\Windows
2016-06-13 00:38:44 ----D---- C:\Windows\Debug
2016-06-12 21:54:32 ----D---- C:\Users\M\AppData\Roaming\Wise Care 365
2016-06-12 21:50:45 ----D---- C:\Users\M\AppData\Roaming\Winamp
2016-06-12 21:37:53 ----D---- C:\Windows\Tasks
2016-06-12 21:37:30 ----D---- C:\Windows\system32\config
2016-06-12 21:35:05 ----SHD---- C:\System Volume Information
2016-06-12 20:20:27 ----D---- C:\Windows\system32\Tasks
2016-06-12 20:11:43 ----D---- C:\Windows\system32\Msdtc
2016-06-12 20:11:40 ----D---- C:\Windows\system32\wbem
2016-06-12 20:01:40 ----D---- C:\Windows\system32\spool
2016-06-12 20:01:40 ----D---- C:\Windows\system32\drivers\etc
2016-06-12 20:01:31 ----D---- C:\ProgramData\SystemExplorer
2016-06-12 20:01:31 ----D---- C:\Program Files\Steam
2016-06-12 20:01:18 ----D---- C:\Windows\registration
2016-06-06 19:30:58 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-06-04 21:22:30 ----D---- C:\ProgramData\GFACE
2016-05-31 01:46:34 ----D---- C:\Users\M\AppData\Roaming\avidemux
2016-05-30 23:51:25 ----D---- C:\Program Files\AviSynth 2.5
2016-05-30 22:37:40 ----D---- C:\Program Files\Internet Explorer
2016-05-30 22:19:43 ----D---- C:\Windows\winsxs
2016-05-29 19:38:06 ----SD---- C:\Users\M\AppData\Roaming\Microsoft
2016-05-24 21:01:27 ----A---- C:\Windows\wininit.ini
2016-05-21 19:29:31 ----D---- C:\Users\M\AppData\Roaming\AVI ReComp
2016-05-19 19:25:12 ----D---- C:\Program Files\Handbrake
2016-05-19 19:25:07 ----D---- C:\Users\M\AppData\Roaming\HandBrake

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AlfaFF;AlfaFF File System mini-filter; C:\Windows\system32\Drivers\AlfaFF.sys [2013-10-26 43184]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-05-21 58776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-05-21 221368]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-07-20 324120]
R0 nhcDriverDevice;Notebook Hardware Control Driver; C:\Windows\system32\drivers\nhcDriver.sys [2014-01-19 71680]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-03-04 18992]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2012-12-29 24184]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-11-11 324096]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-05-21 35096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2016-05-21 64272]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-05-21 815792]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-05-21 449640]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-01-10 243128]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO32.SYS [2015-11-02 23840]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-05-09 61424]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-05-21 32792]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-05-21 91168]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2015-03-01 279712]
R2 Int15;Int 15; \??\C:\Windows\System32\drivers\int15.sys [2007-01-26 69632]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2015-03-01 25888]
R2 npf;NetGroup Packet Filter Driver; \??\C:\Windows\system32\drivers\npf.sys [2015-10-12 36600]
R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2016-05-21 187208]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2008-04-25 146688]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2016-01-06 415000]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2016-01-05 3629312]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2015-11-02 140376]
R3 NETwNv32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETwNv32.sys [2015-11-02 7346176]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2015-11-02 162592]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2016-04-23 10718264]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-18 196784]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2016-05-21 67216]
S3 aupd48ms;aupd48ms; C:\Windows\system32\drivers\aupd48ms.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BthPort;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-14 80424]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-07-16 80936]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-16 16168]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-02-26 84248]
S3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2013-03-07 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2013-03-07 9160]
S3 GeneStor;Genesys Logic Storage Driver; C:\Windows\system32\DRIVERS\GeneStor.sys [2015-11-02 56832]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
S3 PAC7302;Telescope Driver; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-11-08 458752]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 181912]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
S3 WiseHDInfo;WiseHDInfo; \??\C:\Windows\WiseHDInfo32.dll [2015-12-24 13264]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-21 243296]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-01-29 678968]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-29 1260472]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2013-12-28 76888]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files\System Explorer\service\SystemExplorerService.exe [2014-12-20 567008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-03-23 327808]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-12 269504]
S3 BEService;BattlEye Service; C:\Program Files\Common Files\BattlEye\BEService.exe [2016-02-11 1089056]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-14 107848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-14 107848]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2016-05-08 68096]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-05 146888]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-11-19 489256]
S3 WiseBootAssistant;Wise Boot Assistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [2015-08-06 580144]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-12 772296]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S4 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2013-10-26 3471360]
S4 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2016-01-14 2945312]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15797
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Notebook 50%

#2 Post by JaRon »

Hi,
svchost is a system process, don't try to destroy it :)
Clean the registry with CCleaner - if the problems persist after a restart, post an FRST log
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

páreček
Visitor
Posts: 15
Registered: 20 Jul 2014 23:36

Re: Notebook 50%

#3 Post by páreček »

So CCleaner deleted something, but it is still running and taking 50%...
FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-06-2016
Ran by M (administrator) on M-PC (15-06-2016 22:40:43)
Running from C:\Users\M\Desktop
Loaded Profiles: M & UpdatusUser (Available Profiles: M & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
() C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\ACER\Mobility Center\MobilityService.exe
(Mister Group) C:\Program Files\System Explorer\SystemExplorer.exe
() C:\Windows\System32\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mister Group) C:\Program Files\System Explorer\service\SystemExplorerService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\M\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512 2008-01-18] (Synaptics, Inc.)
HKLM\...\Run: [eDataSecurity Loader] => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-03-04] (Egis Incorporated)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-07-20] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-12] (AVAST Software)
HKLM\...\Run: [SystemExplorerAutoStart] => "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY
Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2013-10-26] (Arachnoid Biometrics Identification Group Corp.)
HKU\S-1-5-21-3634129065-144307380-22897537-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3634129065-144307380-22897537-1000\...\MountPoints2: {0e128b00-98c6-11e4-8ac5-00238b31066e} - F:\setup.exe
HKU\S-1-5-21-3634129065-144307380-22897537-1000\...\MountPoints2: {c55c0dc0-5517-11e3-953b-806e6f6e6963} - F:\SaboteurLauncher.exe
HKU\S-1-5-21-3634129065-144307380-22897537-1003\...\RunOnce: [AcerScrSav] => C:\Windows\Acer\run_NB.exe [24576 2007-08-21] ()
HKU\S-1-5-21-3634129065-144307380-22897537-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [83554304 2007-04-19] ()
Lsa: [Notification Packages] scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-05-21] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [2008-03-04] (Egis Incorporated)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-3634129065-144307380-22897537-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 0.0.0.0
Tcpip\..\Interfaces\{E6F04CBD-EA0B-421A-9854-1216716F6FAB}: [DhcpNameServer] 192.168.1.254 0.0.0.0
Tcpip\..\Interfaces\{FCFE238E-CEA1-4864-8404-B34A64FA7D91}: [DhcpNameServer] 192.168.1.254 0.0.0.0

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=1013&m=aspire_7730g
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=1013&m=aspire_7730g
HKU\S-1-5-21-3634129065-144307380-22897537-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-3634129065-144307380-22897537-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=1013&m=aspire_7730g
HKU\S-1-5-21-3634129065-144307380-22897537-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com
SearchScopes: HKLM -> DefaultScope value is missing
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-02] (Oracle Corporation)
BHO: No Name -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-21] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-02] (Oracle Corporation)
Toolbar: HKLM - No Name - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\awh4qb0r.default
FF DefaultSearchUrl: hxxps://www.google.com/search
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: hxxps://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin: @esn/npbattlelog,version=2.3.2 -> C:\Program Files\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-02] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Extension: Greasemonkey - C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\awh4qb0r.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-04-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-29] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-12]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://www.seznam.cz/?clid=22668"
CHR Profile: C:\Users\M\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Tampermonkey) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-05-26]
CHR Extension: (Avast Online Security) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (电脑管家上网防护) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-06-15]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-05-21]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-21] (AVAST Software)
S3 BEService; C:\Program Files\Common Files\BattlEye\BEService.exe [1089056 2016-02-11] ()
R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [81504 2008-01-16] () [File not signed]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160 2008-10-16] (Intel(R) Corporation) [File not signed]
S4 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3471360 2013-10-26] () [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
S3 Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2016-05-08] () [File not signed]
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-12-28] ()
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-10-16] (Intel(R) Corporation) [File not signed]
R3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567008 2014-12-20] (Mister Group)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S3 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580144 2015-08-06] (WiseCleaner.com)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2013-10-26] (Alfa Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-05-21] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-05-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-05-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64272 2016-05-21] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-05-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [815792 2016-05-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449640 2016-05-21] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [187208 2016-05-21] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [67216 2016-05-21] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221368 2016-05-21] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [279712 2015-03-01] ()
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146688 2008-04-25] (AuthenTec, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2015-01-10] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [56832 2015-11-02] (GenesysLogic)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-11-02] (REALiX(tm))
R2 Int15; C:\Windows\System32\drivers\int15.sys [69632 2007-01-26] () [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2015-03-01] ()
R3 NETwNv32; C:\Windows\System32\DRIVERS\NETwNv32.sys [7346176 2015-11-02] (Intel Corporation)
R0 nhcDriverDevice; C:\Windows\System32\drivers\nhcDriver.sys [71680 2014-01-19] (Notebook Hardware Control) [File not signed]
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2015-10-12] (Riverbed Technology, Inc.)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R2 NTIPPKernel; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [122368 2008-01-16] (Cyberlink Corp.) [File not signed]
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [458752 2007-11-08] (PixArt Imaging Inc.)
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2015-11-11] (Duplex Secure Ltd.)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation)
S3 WiseHDInfo; C:\Windows\WiseHDInfo32.dll [13264 2015-12-24] (wisecleaner.com)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [61424 2008-05-09] (Cyberlink Corp.)
S3 DKbFltr; system32\DRIVERS\DKbFltr.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
U3 a8h2tbg1; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-15 22:40 - 2016-06-15 22:41 - 00018392 _____ C:\Users\M\Desktop\FRST.txt
2016-06-15 22:40 - 2016-06-15 22:40 - 00000000 ____D C:\FRST
2016-06-15 22:39 - 2016-06-15 22:39 - 00112640 _____ (forum.viry.cz) C:\Users\M\Desktop\FRSTLauncher.exe
2016-06-15 22:38 - 2016-06-15 22:38 - 01736192 _____ (Farbar) C:\Users\M\Desktop\FRST.exe
2016-06-15 00:39 - 2016-06-15 00:39 - 01107968 _____ C:\Users\M\Desktop\RSIT.exe
2016-06-14 23:57 - 2016-06-14 23:57 - 03703360 _____ C:\Users\M\Desktop\adwcleaner_5.200.exe
2016-06-14 20:28 - 2016-06-14 20:28 - 00000000 ___RD C:\Program Files\Skype
2016-06-14 20:28 - 2016-06-14 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-14 20:28 - 2016-06-14 20:28 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-06-13 00:40 - 2016-06-13 00:40 - 00089808 _____ C:\Users\M\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-13 00:38 - 2016-06-13 00:39 - 00343160 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-12 20:16 - 2016-05-21 13:57 - 00334280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-05 20:58 - 2016-06-05 20:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-04 23:36 - 2016-06-04 23:37 - 00000000 ____D C:\Users\M\Desktop\prevodniky
2016-06-04 21:22 - 2016-06-04 22:42 - 00000000 ____D C:\Users\M\AppData\Local\u-launcher
2016-06-01 23:01 - 2016-06-13 22:42 - 00000038 _____ C:\Windows\AviSplitter.INI
2016-05-31 19:11 - 2016-05-31 19:11 - 00000000 ____D C:\Program Files\Apple Software Update
2016-05-31 01:51 - 2016-05-31 01:51 - 00001928 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Edit Master.lnk
2016-05-31 01:51 - 2016-05-31 01:51 - 00000000 ____D C:\Program Files\Hazem Osman
2016-05-31 00:55 - 2016-05-31 00:55 - 00000000 ____D C:\Users\M\AppData\Roaming\Apple Computer
2016-05-31 00:49 - 2016-05-31 00:49 - 00000000 ____D C:\Users\M\AppData\Roaming\RecoolTec
2016-05-30 23:52 - 2016-05-30 23:52 - 00000000 ____D C:\Users\M\Documents\Free SWF to AVI Converter
2016-05-30 23:51 - 2016-05-30 23:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RecoolTec
2016-05-30 23:51 - 2016-05-30 23:51 - 00000000 ____D C:\Program Files\Free SWF to AVI Converter
2016-05-30 23:51 - 2011-04-12 21:43 - 00219136 _____ (SWF Converter) C:\Windows\system32\frvSource.ax
2016-05-30 23:26 - 2016-05-30 23:26 - 00000000 ____D C:\Users\M\Documents\Apowersoft
2016-05-30 23:24 - 2016-05-30 23:24 - 00000000 ____D C:\Users\M\AppData\Roaming\Apowersoft
2016-05-30 23:24 - 2016-05-30 23:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2016-05-30 23:24 - 2016-05-30 23:24 - 00000000 ____D C:\ProgramData\Apowersoft
2016-05-30 23:24 - 2016-05-30 23:24 - 00000000 ____D C:\Program Files\Apowersoft
2016-05-30 23:24 - 2015-10-12 12:05 - 00282360 _____ (Riverbed Technology, Inc.) C:\Windows\system32\wpcap.dll
2016-05-30 23:24 - 2015-10-12 12:05 - 00098040 _____ (Riverbed Technology, Inc.) C:\Windows\system32\Packet.dll
2016-05-30 23:24 - 2015-10-12 12:05 - 00053299 _____ C:\Windows\system32\pthreadVC.dll
2016-05-30 23:24 - 2015-10-12 12:05 - 00036600 _____ (Riverbed Technology, Inc.) C:\Windows\system32\Drivers\npf.sys
2016-05-30 22:37 - 2016-06-04 15:35 - 00054156 ____H C:\Windows\QTFont.qfn
2016-05-30 22:37 - 2016-05-30 22:37 - 00000850 _____ C:\Users\UpdatusUser\Desktop\QuickTime Player.lnk
2016-05-30 22:37 - 2016-05-30 22:37 - 00000607 _____ C:\Windows\system32\QuickTime.qtp
2016-05-30 22:37 - 2016-05-30 22:37 - 00000000 ____D C:\Windows\system32\QuickTime
2016-05-30 22:37 - 2016-05-30 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-05-30 22:37 - 2016-05-30 22:37 - 00000000 ____D C:\Program Files\QuickTime
2016-05-30 22:37 - 1999-11-10 12:05 - 00086016 _____ (MindVision) C:\Windows\unvise32qt.exe
2016-05-30 22:36 - 2016-05-30 22:36 - 00000000 ____D C:\oldver
2016-05-30 22:20 - 2016-05-30 22:20 - 00000000 ____D C:\Users\M\AppData\Local\Apple
2016-05-30 22:19 - 2016-05-31 19:11 - 00001830 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-05-30 22:18 - 2016-05-30 22:18 - 00000000 ____D C:\ProgramData\Apple
2016-05-30 22:18 - 2016-05-30 22:18 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-05-30 22:17 - 2016-05-30 22:17 - 00000000 ____D C:\Users\M\AppData\LocalLow\Apple Computer
2016-05-27 23:34 - 2016-05-27 23:53 - 00000000 ____D C:\FFOutput
2016-05-27 23:34 - 2016-05-27 23:34 - 00000000 ____D C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2016-05-27 23:34 - 2016-05-27 23:34 - 00000000 ____D C:\Program Files\FormatFactory
2016-05-25 19:19 - 2016-05-25 19:19 - 00141189 _____ C:\Users\M\Desktop\vop.pdf
2016-05-22 00:35 - 2016-05-22 00:35 - 00000816 _____ C:\Users\UpdatusUser\Desktop\MP3 to WAV Converter.lnk
2016-05-22 00:35 - 2016-05-22 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 to WAV Converter
2016-05-22 00:35 - 2016-05-22 00:35 - 00000000 ____D C:\Program Files\MP3 to WAV Converter
2016-05-22 00:34 - 2016-05-22 00:35 - 00908861 _____ (AbyssMedia.com ) C:\Users\M\Desktop\mp3towav.exe
2016-05-21 13:57 - 2016-05-21 13:57 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-15 22:28 - 2013-10-26 21:47 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-15 22:26 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-15 22:26 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-15 22:20 - 2013-12-17 19:58 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-15 20:26 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-15 20:24 - 2013-12-22 16:20 - 00000012 _____ C:\Windows\bthservsdp.dat
2016-06-15 20:24 - 2006-11-02 15:01 - 00032548 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-15 20:23 - 2015-05-20 22:16 - 00000000 ____D C:\AdwCleaner
2016-06-15 00:40 - 2014-07-20 23:25 - 00000000 ____D C:\Program Files\trend micro
2016-06-15 00:19 - 2008-01-21 08:47 - 01531394 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-15 00:19 - 2008-01-21 08:46 - 00644980 _____ C:\Windows\system32\perfh005.dat
2016-06-15 00:19 - 2008-01-21 08:46 - 00137618 _____ C:\Windows\system32\perfc005.dat
2016-06-15 00:19 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-06-14 23:36 - 2014-10-22 22:16 - 00000000 ____D C:\Users\M\AppData\Roaming\uTorrent
2016-06-14 22:25 - 2015-12-24 23:34 - 00001366 _____ C:\Users\M\AppData\Roaming\wpulog.txt
2016-06-14 20:30 - 2014-07-24 22:42 - 00000000 ____D C:\Users\M\AppData\Roaming\Skype
2016-06-14 20:28 - 2014-07-24 22:42 - 00000000 ____D C:\Users\M\AppData\Local\Skype
2016-06-14 20:28 - 2014-07-24 22:41 - 00000000 ____D C:\ProgramData\Skype
2016-06-12 21:54 - 2015-12-24 23:24 - 00000000 ____D C:\Users\M\AppData\Roaming\Wise Care 365
2016-06-12 21:50 - 2013-12-29 12:29 - 00000000 ____D C:\Users\M\AppData\Roaming\Winamp
2016-06-12 21:37 - 2015-12-27 02:31 - 00172032 _____ C:\Windows\system32\config\DEFAULT.rhk
2016-06-12 21:37 - 2015-12-27 02:31 - 00053248 _____ C:\Windows\system32\config\SAM.rhk
2016-06-12 21:37 - 2015-12-27 02:29 - 45576192 _____ C:\Windows\system32\config\SOFTWARE.rhk
2016-06-12 21:36 - 2015-12-27 02:29 - 00024576 _____ C:\Windows\system32\config\SECURITY.rhk
2016-06-12 21:26 - 2015-12-25 19:55 - 00000000 ____D C:\Users\M\Desktop\Nová složka (3)
2016-06-12 20:37 - 2013-10-27 00:03 - 00151552 _____ C:\Users\M\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-12 20:11 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\Msdtc
2016-06-12 20:09 - 2006-11-02 12:22 - 47185920 _____ C:\Windows\system32\config\software_previous
2016-06-12 20:09 - 2006-11-02 12:22 - 43778048 _____ C:\Windows\system32\config\components_previous
2016-06-12 20:09 - 2006-11-02 12:22 - 36962304 _____ C:\Windows\system32\config\system_previous
2016-06-12 20:09 - 2006-11-02 12:22 - 00176128 _____ C:\Windows\system32\config\default_previous
2016-06-12 20:09 - 2006-11-02 12:22 - 00053248 _____ C:\Windows\system32\config\sam_previous
2016-06-12 20:09 - 2006-11-02 12:22 - 00024576 _____ C:\Windows\system32\config\security_previous
2016-06-12 20:02 - 2014-02-09 17:00 - 00000000 ____D C:\Users\UpdatusUser
2016-06-12 20:01 - 2015-11-17 01:40 - 00000000 ____D C:\Users\M\AppData\Local\GamersFirst LIVE!
2016-06-12 20:01 - 2015-07-10 22:29 - 00000000 ____D C:\ProgramData\SystemExplorer
2016-06-12 20:01 - 2014-10-26 23:03 - 00000000 ____D C:\Users\M\AppData\Local\Glyph
2016-06-12 20:01 - 2013-10-26 22:43 - 00000000 ____D C:\Program Files\Steam
2016-06-12 20:01 - 2013-10-26 20:57 - 00000000 ____D C:\Users\M
2016-06-12 20:01 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\spool
2016-06-12 20:01 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2016-06-06 19:30 - 2014-06-12 00:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-06-04 23:37 - 2016-01-31 22:00 - 00000000 ____D C:\Users\M\Desktop\gif
2016-06-04 21:22 - 2015-11-07 15:27 - 00000000 ____D C:\Users\M\AppData\Local\wf-launcher
2016-06-04 21:22 - 2015-11-07 15:27 - 00000000 ____D C:\ProgramData\GFACE
2016-06-04 15:41 - 2013-12-21 16:06 - 00000000 ____D C:\Users\M\AppData\Local\ArmA 2 OA
2016-05-31 01:46 - 2016-02-28 20:07 - 00000000 ____D C:\Users\M\AppData\Roaming\avidemux
2016-05-30 23:51 - 2013-11-09 20:55 - 00000000 ____D C:\Program Files\AviSynth 2.5
2016-05-28 23:11 - 2015-04-05 14:37 - 00001292 _____ C:\Users\M\Desktop\lokace.txt
2016-05-24 21:01 - 2015-12-22 19:34 - 00001210 _____ C:\Windows\wininit.ini
2016-05-21 19:29 - 2013-11-09 20:57 - 00000000 ____D C:\Users\M\AppData\Roaming\AVI ReComp
2016-05-21 13:57 - 2016-03-27 15:48 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-05-21 13:57 - 2015-07-23 20:41 - 00187208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2016-05-21 13:57 - 2014-07-25 01:12 - 00815792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-05-21 13:57 - 2014-07-25 01:12 - 00449640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-05-21 13:57 - 2014-07-25 01:12 - 00221368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-05-21 13:57 - 2014-07-25 01:12 - 00091168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-05-21 13:57 - 2014-07-25 01:12 - 00067216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2016-05-21 13:57 - 2014-07-25 01:12 - 00064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2016-05-21 13:57 - 2014-07-25 01:12 - 00058776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-05-21 13:57 - 2014-07-25 01:12 - 00032792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-05-19 19:25 - 2015-05-13 21:15 - 00000000 ____D C:\Users\M\AppData\Roaming\HandBrake
2016-05-19 19:25 - 2015-05-13 21:13 - 00000000 ____D C:\Program Files\Handbrake

==================== Files in the root of some directories =======

2015-12-06 22:44 - 2016-02-28 21:18 - 0000551 _____ () C:\Users\M\AppData\Roaming\AutoGK.ini
2016-03-25 20:47 - 2016-03-25 20:47 - 0005120 _____ () C:\Users\M\AppData\Roaming\GiftBag.db
2015-11-17 02:58 - 2015-11-17 02:58 - 0101734 _____ () C:\Users\M\AppData\Roaming\icarus-dxdiag.xml
2005-04-08 04:16 - 2005-04-08 04:16 - 2071301 ____H () C:\Users\M\AppData\Roaming\Mv1.18.0 - Trial versionlog.dat
2013-12-28 15:15 - 2013-12-28 15:15 - 0138056 _____ () C:\Users\M\AppData\Roaming\PnkBstrK.sys
2015-12-24 23:34 - 2016-06-14 22:25 - 0001366 _____ () C:\Users\M\AppData\Roaming\wpulog.txt
2013-10-26 20:57 - 2013-10-26 21:57 - 0000680 _____ () C:\Users\M\AppData\Local\d3d9caps.dat
2013-10-27 00:03 - 2016-06-12 20:37 - 0151552 _____ () C:\Users\M\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-05 23:05 - 2015-01-11 18:23 - 0067799 _____ () C:\Users\M\AppData\Local\HWVendorDetection.log
2014-01-28 20:11 - 2014-02-22 15:16 - 0002728 _____ () C:\Users\M\AppData\Local\SRDownloader.nast
2015-11-02 01:30 - 2015-11-02 01:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\M\avidemux_2.6.10_win32.exe
C:\Users\M\BioniX Wallpaper Setup.exe
C:\Users\M\instsf450 (1).exe
C:\Users\M\mbam-setup-2.1.4.1018.exe
C:\Users\M\mp3DC221.exe


Some files in TEMP:
====================
C:\Users\M\AppData\Local\Temp\libeay32.dll
C:\Users\M\AppData\Local\Temp\msvcr120.dll
C:\Users\M\AppData\Local\Temp\Quarantine.exe
C:\Users\M\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\M\Desktop" je 7871 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 9
"C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /Auto [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS
C:\Windows\AutoKMS.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray
"C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\M\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\M\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM
"E:\hry\Origin\Origin.exe" -AutoStart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray
C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe
C:\Windows\ehome\ehTray.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nw
"E:\hry\Warface\Warface Launcher\live\nw.exe" --autostart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC7302_Monitor
C:\Windows\PixArt\PAC7302\Monitor.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie
"C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI
C:\Windows\PLFSetI.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProductReg
"C:\Program Files\Acer\WR_PopUp\ProductReg.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
"C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ScreenGif
"C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files\Steam\Steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemExplorerAutoStart
c:\Acer\Preload\Command\AlaunchX\AppInRun.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trigger New Acer AlaunchX
C:\Program Files\Windows Media Player\WMPNSCFG.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter
C:\Program Files\Xvid\CheckUpdate.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG
"C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid
Režim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZPdtWzdVitaKey MC3000
Režim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk
C:\PROGRA~1\UNIVER~1\UMS.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^M^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk
C:\Users\M\AppData\Local\GAMERS~1\LIVE\Live.exe /silent [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Addition.txt is attached.
Attachments
Addition.rar
(4.63 KiB) Downloaded 46 times

JaRon
Moderator
Posts: 15797
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Notebook 50%

#4 Post by JaRon »

Creating a fixlist for FRST
•Open Notepad (Start - Run - notepad)
•Copy the script >>

Code:

Start

BHO: No Name -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> No File
CHR Extension: (电脑管家上网防护) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-06-15]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 9
"C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /Auto [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS
C:\Windows\AutoKMS.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\M\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\M\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM
"E:\hry\Origin\Origin.exe" -AutoStart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nw
"E:\hry\Warface\Warface Launcher\live\nw.exe" --autostart [x]



EmptyTemp:
Reboot:
End
•Save the resulting TXT file as fixlist.txt
•Move the fixlist you created next to FRST

→ Run FRST.exe again
•Click Fix
•The fix will run and create the log Fixlog.txt

→ Restart the PC and post fixlog.txt here
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

páreček
Visitor
Posts: 15
Joined: 20 Jul 2014 23:36

Re: Notebook 50%

#5 Post by páreček »

Fix result of Farbar Recovery Scan Tool (x86) Version:15-06-2016
Ran by M (2016-06-16 19:43:27) Run:1
Running from C:\Users\M\Desktop
Loaded Profiles: M & UpdatusUser (Available Profiles: M & UpdatusUser)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

BHO: No Name -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> No File
CHR Extension: (????????) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-06-15]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 9
"C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /Auto [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS
C:\Windows\AutoKMS.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\M\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\M\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM
"E:\hry\Origin\Origin.exe" -AutoStart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nw
"E:\hry\Warface\Warface Launcher\live\nw.exe" --autostart [x]



EmptyTemp:
Reboot:
End
*****************

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}" => key removed successfully.
HKCR\CLSID\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} => key not found.
C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm => moved successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 9 => Error: No automatic fix found for this entry.
"C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe /Auto [x]" => not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS => Error: No automatic fix found for this entry.
"C:\Windows\AutoKMS.exe [x]" => not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate => Error: No automatic fix found for this entry.
"C:\Users\M\AppData\Roaming\Seznam.cz\szninstall.exe -c [x]" => not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop => Error: No automatic fix found for this entry.
"C:\Users\M\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe -q [x]" => not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite => Error: No automatic fix found for this entry.
"C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun [x]" => not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM => Error: No automatic fix found for this entry.
"E:\hry\Origin\Origin.exe -AutoStart [x]" => not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe => Error: No automatic fix found for this entry.
"C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey [x]" => not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nw => Error: No automatic fix found for this entry.
"E:\hry\Warface\Warface Launcher\live\nw.exe --autostart [x]" => not found.
EmptyTemp: => 680.4 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 19:45:11 ====

Could I also ask whether it would be possible to work out from all this what happens at startup that makes it take almost 3 minutes? Startup used to take much less time, but over time it has become considerably longer...
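
Added example, not part of the thread and not FRST's own code: a Python parser that classifies the result lines of a Fixlog such as the one in post #5, so the entries FRST did not act on ("Error: No automatic fix found for this entry.") stand out from those it changed or found already absent. The status labels and function names are this example's own, and the sample is a subset of the result lines copied from that Fixlog.

```python
from collections import Counter

# Constructed sample: a subset of the result lines from the Fixlog in post #5.
SAMPLE_FIXLOG = r'''"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}" => key removed successfully.
HKCR\CLSID\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} => key not found.
C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm => moved successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS => Error: No automatic fix found for this entry.
"C:\Windows\AutoKMS.exe [x]" => not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nw => Error: No automatic fix found for this entry.
"E:\hry\Warface\Warface Launcher\live\nw.exe --autostart [x]" => not found.
EmptyTemp: => 680.4 MB temporary data Removed.
'''

RESULT_SEP = " => "  # separates the fixlist entry from FRST's reported outcome


def classify(result):
    """Map the text after ' => ' to a status label (labels are this example's own)."""
    text = result.lower()
    if text.startswith("error:"):
        return "unrecognized"   # FRST reported no automatic fix for the line
    if "not found" in text:
        return "absent"         # the key or file was not present
    if "successfully" in text or "removed" in text:
        return "applied"        # FRST reports it removed or moved something
    return "other"


def parse_fixlog(log_text):
    """Return (entry, result, status) for every line that carries a result."""
    rows = []
    for line in log_text.splitlines():
        entry, sep, result = line.rpartition(RESULT_SEP)
        if not sep:
            continue  # header, echoed fixlist content, or blank line
        result = result.strip()
        rows.append((entry.strip().strip('"'), result, classify(result)))
    return rows


def summarize(log_text):
    """Count result lines per status."""
    return Counter(status for _, _, status in parse_fixlog(log_text))


def needs_follow_up(log_text):
    """Entries FRST did not act on; they have to be handled another way."""
    return [entry for entry, _, status in parse_fixlog(log_text)
            if status == "unrecognized"]


if __name__ == "__main__":
    for status, count in sorted(summarize(SAMPLE_FIXLOG).items()):
        print(f"{status:13} {count}")
    for entry in needs_follow_up(SAMPLE_FIXLOG):
        print("follow up:", entry)
```
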

JaRon
Moderator
Posts: 15797
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Notebook 50%

#6 Post by JaRon »

Your Desktop folder is about 7.8 GB :!:
It should not exceed 300 MB; tidy it up.

páreček
Visitor
Posts: 15
Joined: 20 Jul 2014 23:36

Re: Notebook 50%

#7 Post by páreček »

I have tidied up, but startup improved by only a few seconds; it is still almost 3 minutes.
That svchost.exe still starts. I don't know whether it has anything to do with it, but just before it starts, this flashes briefly in the running processes every time: SZ_instal autoupdate.exe (or something like that)

JaRon
Moderator
Posts: 15797
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Notebook 50%

#8 Post by JaRon »

Run msconfig and, in the Startup section,
untick the following:
Advanced SystemCare 9
AutoKMS
cz.seznam.software.autoupdate
cz.seznam.software.szndesktop
mcagent_exe
nw

+ restart the PC

páreček
Visitor
Posts: 15
Joined: 20 Jul 2014 23:36

Re: Notebook 50%

#9 Post by páreček »

But I don't have them ticked there, so they shouldn't be starting.

JaRon
Moderator
Posts: 15797
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Notebook 50%

#10 Post by JaRon »

Uninstall the software from seznam.cz

páreček
Visitor
Posts: 15
Joined: 20 Jul 2014 23:36

Re: Notebook 50%

#11 Post by páreček »

But where do I find it, please? There is nothing like that in the list of installed programs.

JaRon
Moderator
Posts: 15797
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Notebook 50%

#12 Post by JaRon »

Clean the PC with MBAM

páreček
Visitor
Posts: 15
Joined: 20 Jul 2014 23:36

Re: Notebook 50%

#13 Post by páreček »

Cleaned; MBAM found nothing, but right after the scan finished, Windows Update suddenly started. After it completed, svchost no longer appeared :) I will keep an eye on it.
Could something still be done about speeding up startup, please?

JaRon
Moderator
Posts: 15797
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Notebook 50%

#14 Post by JaRon »

Post a current FRST log

páreček
Visitor
Posts: 15
Joined: 20 Jul 2014 23:36

Re: Notebook 50%

#15 Post by páreček »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-06-2016 01
Ran by M (administrator) on M-PC (21-06-2016 21:58:50)
Running from C:\Users\M\Desktop
Loaded Profiles: M & UpdatusUser (Available Profiles: M & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\ACER\Mobility Center\MobilityService.exe
() C:\Windows\System32\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512 2008-01-18] (Synaptics, Inc.)
HKLM\...\Run: [eDataSecurity Loader] => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-03-04] (Egis Incorporated)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-07-20] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-12] (AVAST Software)
Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2013-10-26] (Arachnoid Biometrics Identification Group Corp.)
HKU\S-1-5-21-3634129065-144307380-22897537-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3634129065-144307380-22897537-1000\...\MountPoints2: {0e128b00-98c6-11e4-8ac5-00238b31066e} - F:\setup.exe
HKU\S-1-5-21-3634129065-144307380-22897537-1000\...\MountPoints2: {c55c0dc0-5517-11e3-953b-806e6f6e6963} - F:\SaboteurLauncher.exe
HKU\S-1-5-21-3634129065-144307380-22897537-1003\...\RunOnce: [AcerScrSav] => C:\Windows\Acer\run_NB.exe [24576 2007-08-21] ()
HKU\S-1-5-21-3634129065-144307380-22897537-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [83554304 2007-04-19] ()
Lsa: [Notification Packages] scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-05-21] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [2008-03-04] (Egis Incorporated)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-3634129065-144307380-22897537-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 0.0.0.0
Tcpip\..\Interfaces\{E6F04CBD-EA0B-421A-9854-1216716F6FAB}: [DhcpNameServer] 192.168.1.254 0.0.0.0
Tcpip\..\Interfaces\{FCFE238E-CEA1-4864-8404-B34A64FA7D91}: [DhcpNameServer] 192.168.1.254 0.0.0.0

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=1013&m=aspire_7730g
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=1013&m=aspire_7730g
HKU\S-1-5-21-3634129065-144307380-22897537-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=1013&m=aspire_7730g
HKU\S-1-5-21-3634129065-144307380-22897537-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com
SearchScopes: HKLM -> DefaultScope value is missing
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-02] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-21] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-02] (Oracle Corporation)
Toolbar: HKLM - No Name - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\awh4qb0r.default
FF DefaultSearchUrl: hxxps://www.google.com/search
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: hxxps://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-16] ()
FF Plugin: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin: @esn/npbattlelog,version=2.3.2 -> C:\Program Files\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-02] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Extension: Greasemonkey - C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\awh4qb0r.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-04-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-29] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-12]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://www.seznam.cz/?clid=22668"
CHR Profile: C:\Users\M\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Tampermonkey) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-05-26]
CHR Extension: (Avast Online Security) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (电脑管家上网防护) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-06-16]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-05-21]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-21] (AVAST Software)
S3 BEService; C:\Program Files\Common Files\BattlEye\BEService.exe [1089056 2016-02-11] ()
R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [81504 2008-01-16] () [File not signed]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160 2008-10-16] (Intel(R) Corporation) [File not signed]
S4 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3471360 2013-10-26] () [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
S3 Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2016-05-08] () [File not signed]
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-12-28] ()
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-10-16] (Intel(R) Corporation) [File not signed]
U3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567008 2014-12-20] (Mister Group)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S3 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580144 2015-08-06] (WiseCleaner.com)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2013-10-26] (Alfa Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-05-21] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-05-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-05-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64272 2016-05-21] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-05-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [815792 2016-05-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449640 2016-05-21] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [187208 2016-05-21] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [67216 2016-05-21] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221368 2016-05-21] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [279712 2015-03-01] ()
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146688 2008-04-25] (AuthenTec, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2015-01-10] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [56832 2015-11-02] (GenesysLogic)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-11-02] (REALiX(tm))
R2 Int15; C:\Windows\System32\drivers\int15.sys [69632 2007-01-26] () [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2015-03-01] ()
R3 NETwNv32; C:\Windows\System32\DRIVERS\NETwNv32.sys [7346176 2015-11-02] (Intel Corporation)
R0 nhcDriverDevice; C:\Windows\System32\drivers\nhcDriver.sys [71680 2014-01-19] (Notebook Hardware Control) [File not signed]
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2015-10-12] (Riverbed Technology, Inc.)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R2 NTIPPKernel; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [122368 2008-01-16] (Cyberlink Corp.) [File not signed]
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [458752 2007-11-08] (PixArt Imaging Inc.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [25328 2016-06-20] (Synaptics Incorporated)
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2015-11-11] (Duplex Secure Ltd.)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation)
S3 WiseHDInfo; C:\Windows\WiseHDInfo32.dll [13264 2015-12-24] (wisecleaner.com)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [61424 2008-05-09] (Cyberlink Corp.)
S3 DKbFltr; system32\DRIVERS\DKbFltr.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
U3 auqn8pl1; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-21 21:58 - 2016-06-21 21:59 - 00017890 _____ C:\Users\M\Desktop\FRST.txt
2016-06-21 21:58 - 2016-06-21 21:58 - 00000000 ____D C:\Users\M\Desktop\FRST-OlderVersion
2016-06-20 18:49 - 2016-06-20 18:53 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-06-20 18:49 - 2016-06-20 18:49 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-06-20 18:48 - 2016-06-20 18:48 - 01629040 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2016-06-20 18:48 - 2016-06-20 18:48 - 00025328 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2016-06-20 18:42 - 2016-06-20 18:42 - 00000000 ____D C:\Windows\IObit
2016-06-19 20:15 - 2016-05-18 17:33 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-19 20:14 - 2016-05-12 16:21 - 02071040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-19 20:13 - 2016-05-10 17:31 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-19 20:13 - 2016-05-10 17:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-19 20:13 - 2016-05-10 17:31 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-19 20:13 - 2016-05-10 16:28 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-19 20:13 - 2016-05-10 16:28 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-19 19:46 - 2016-05-12 17:34 - 00582144 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-19 19:46 - 2016-05-12 17:34 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-19 19:46 - 2016-05-12 17:34 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-19 19:46 - 2016-05-12 17:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-19 19:46 - 2016-05-12 17:33 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-19 19:46 - 2016-05-12 17:33 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-19 19:44 - 2016-05-12 16:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-19 19:39 - 2016-05-14 17:41 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-19 19:39 - 2016-05-14 17:41 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-06-19 19:39 - 2016-05-14 16:19 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-19 19:39 - 2016-05-14 16:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-19 19:39 - 2016-05-14 16:18 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-19 19:39 - 2016-05-11 15:09 - 00440552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-19 19:38 - 2016-05-14 17:47 - 00306408 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-19 19:38 - 2016-05-14 17:41 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-19 19:36 - 2016-05-12 21:11 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-19 19:36 - 2016-05-12 21:10 - 12840960 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-19 19:36 - 2016-05-12 21:08 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-19 19:36 - 2016-05-12 21:06 - 09755136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-19 19:36 - 2016-05-12 21:06 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-19 19:36 - 2016-05-12 21:05 - 01129984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-19 19:36 - 2016-05-12 21:04 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-19 19:36 - 2016-05-12 21:04 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-19 19:36 - 2016-05-12 21:04 - 00719360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-19 19:36 - 2016-05-12 21:04 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-19 19:36 - 2016-05-12 21:04 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-19 19:36 - 2016-05-12 21:04 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-06-19 19:36 - 2016-05-12 21:04 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-19 19:36 - 2016-05-12 21:04 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-19 19:36 - 2016-05-12 21:04 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-06-19 19:36 - 2016-05-12 21:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-19 19:36 - 2016-05-12 21:03 - 00354304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-19 19:36 - 2016-05-12 21:03 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-19 19:36 - 2016-05-12 21:03 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-19 19:36 - 2016-05-12 21:03 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-19 19:36 - 2016-05-12 21:03 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-06-19 19:36 - 2016-05-12 21:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-06-19 17:59 - 2016-06-19 17:59 - 22851472 _____ (Malwarebytes ) C:\Users\M\Desktop\mbam-setup-2.2.1.1043.exe
2016-06-18 15:43 - 2016-06-18 16:44 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-16 21:20 - 2016-06-16 21:20 - 00000391 _____ C:\Users\M\Desktop\Z plochy.lnk
2016-06-16 21:17 - 2016-06-16 21:23 - 00000000 ____D C:\Z plochy
2016-06-15 22:40 - 2016-06-21 21:58 - 00000000 ____D C:\FRST
2016-06-15 22:38 - 2016-06-21 21:58 - 01738240 _____ (Farbar) C:\Users\M\Desktop\FRST.exe
2016-06-15 00:39 - 2016-06-15 00:39 - 01107968 _____ C:\Users\M\Desktop\RSIT.exe
2016-06-14 23:57 - 2016-06-14 23:57 - 03703360 _____ C:\Users\M\Desktop\adwcleaner_5.200.exe
2016-06-14 20:28 - 2016-06-18 14:45 - 00000000 ___RD C:\Program Files\Skype
2016-06-14 20:28 - 2016-06-14 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-14 20:28 - 2016-06-14 20:28 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-06-13 00:40 - 2016-06-13 00:40 - 00089808 _____ C:\Users\M\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-13 00:38 - 2016-06-20 18:37 - 00343160 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-12 20:16 - 2016-05-21 13:57 - 00334280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-04 21:22 - 2016-06-04 22:42 - 00000000 ____D C:\Users\M\AppData\Local\u-launcher
2016-06-01 23:01 - 2016-06-16 20:47 - 00000038 _____ C:\Windows\AviSplitter.INI
2016-05-31 19:11 - 2016-05-31 19:11 - 00000000 ____D C:\Program Files\Apple Software Update
2016-05-31 01:51 - 2016-05-31 01:51 - 00001928 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Edit Master.lnk
2016-05-31 01:51 - 2016-05-31 01:51 - 00000000 ____D C:\Program Files\Hazem Osman
2016-05-31 00:55 - 2016-05-31 00:55 - 00000000 ____D C:\Users\M\AppData\Roaming\Apple Computer
2016-05-31 00:49 - 2016-05-31 00:49 - 00000000 ____D C:\Users\M\AppData\Roaming\RecoolTec
2016-05-30 23:52 - 2016-05-30 23:52 - 00000000 ____D C:\Users\M\Documents\Free SWF to AVI Converter
2016-05-30 23:51 - 2016-05-30 23:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RecoolTec
2016-05-30 23:51 - 2016-05-30 23:51 - 00000000 ____D C:\Program Files\Free SWF to AVI Converter
2016-05-30 23:51 - 2011-04-12 21:43 - 00219136 _____ (SWF Converter) C:\Windows\system32\frvSource.ax
2016-05-30 23:26 - 2016-05-30 23:26 - 00000000 ____D C:\Users\M\Documents\Apowersoft
2016-05-30 23:24 - 2016-05-30 23:24 - 00000000 ____D C:\Users\M\AppData\Roaming\Apowersoft
2016-05-30 23:24 - 2016-05-30 23:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2016-05-30 23:24 - 2016-05-30 23:24 - 00000000 ____D C:\ProgramData\Apowersoft
2016-05-30 23:24 - 2016-05-30 23:24 - 00000000 ____D C:\Program Files\Apowersoft
2016-05-30 23:24 - 2015-10-12 12:05 - 00282360 _____ (Riverbed Technology, Inc.) C:\Windows\system32\wpcap.dll
2016-05-30 23:24 - 2015-10-12 12:05 - 00098040 _____ (Riverbed Technology, Inc.) C:\Windows\system32\Packet.dll
2016-05-30 23:24 - 2015-10-12 12:05 - 00053299 _____ C:\Windows\system32\pthreadVC.dll
2016-05-30 23:24 - 2015-10-12 12:05 - 00036600 _____ (Riverbed Technology, Inc.) C:\Windows\system32\Drivers\npf.sys
2016-05-30 22:37 - 2016-06-04 15:35 - 00054156 ____H C:\Windows\QTFont.qfn
2016-05-30 22:37 - 2016-05-30 22:37 - 00000850 _____ C:\Users\UpdatusUser\Desktop\QuickTime Player.lnk
2016-05-30 22:37 - 2016-05-30 22:37 - 00000607 _____ C:\Windows\system32\QuickTime.qtp
2016-05-30 22:37 - 2016-05-30 22:37 - 00000000 ____D C:\Windows\system32\QuickTime
2016-05-30 22:37 - 2016-05-30 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-05-30 22:37 - 2016-05-30 22:37 - 00000000 ____D C:\Program Files\QuickTime
2016-05-30 22:37 - 1999-11-10 12:05 - 00086016 _____ (MindVision) C:\Windows\unvise32qt.exe
2016-05-30 22:36 - 2016-05-30 22:36 - 00000000 ____D C:\oldver
2016-05-30 22:20 - 2016-05-30 22:20 - 00000000 ____D C:\Users\M\AppData\Local\Apple
2016-05-30 22:19 - 2016-05-31 19:11 - 00001830 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-05-30 22:18 - 2016-05-30 22:18 - 00000000 ____D C:\ProgramData\Apple
2016-05-30 22:18 - 2016-05-30 22:18 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-05-30 22:17 - 2016-05-30 22:17 - 00000000 ____D C:\Users\M\AppData\LocalLow\Apple Computer
2016-05-27 23:34 - 2016-05-27 23:53 - 00000000 ____D C:\FFOutput
2016-05-27 23:34 - 2016-05-27 23:34 - 00000000 ____D C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2016-05-27 23:34 - 2016-05-27 23:34 - 00000000 ____D C:\Program Files\FormatFactory
2016-05-22 00:35 - 2016-05-22 00:35 - 00000816 _____ C:\Users\UpdatusUser\Desktop\MP3 to WAV Converter.lnk
2016-05-22 00:35 - 2016-05-22 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 to WAV Converter
2016-05-22 00:35 - 2016-05-22 00:35 - 00000000 ____D C:\Program Files\MP3 to WAV Converter

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-21 21:57 - 2015-12-25 19:55 - 00000000 ____D C:\Users\M\Desktop\Nová složka (3)
2016-06-21 21:28 - 2013-10-26 21:47 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-21 21:19 - 2013-12-17 19:58 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-21 20:02 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-21 20:02 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-21 20:00 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-21 00:08 - 2013-12-22 16:20 - 00000012 _____ C:\Windows\bthservsdp.dat
2016-06-21 00:08 - 2006-11-02 15:01 - 00032548 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-20 23:36 - 2013-10-26 22:43 - 00000000 ____D C:\Program Files\Steam
2016-06-20 19:23 - 2015-12-24 23:34 - 00000000 ____D C:\Users\M\AppData\Roaming\Wise Uninstaller
2016-06-20 19:22 - 2015-12-24 23:24 - 00000000 ____D C:\Users\M\AppData\Roaming\Wise Care 365
2016-06-20 18:58 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2016-06-20 18:54 - 2015-11-02 00:46 - 00001935 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-06-20 18:53 - 2013-10-26 20:57 - 00000000 ____D C:\Users\M
2016-06-20 18:53 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-06-20 18:42 - 2015-11-02 00:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-06-19 21:18 - 2015-12-22 19:34 - 00001330 _____ C:\Windows\wininit.ini
2016-06-19 20:13 - 2013-11-24 17:18 - 00000000 ____D C:\Windows\system32\MRT
2016-06-19 19:48 - 2006-11-02 12:24 - 139785240 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-06-19 13:56 - 2014-06-12 00:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-06-18 14:49 - 2014-07-24 22:42 - 00000000 ____D C:\Users\M\AppData\Roaming\Skype
2016-06-18 14:46 - 2014-07-24 22:41 - 00000000 ____D C:\ProgramData\Skype
2016-06-17 22:41 - 2015-05-20 22:16 - 00000000 ____D C:\AdwCleaner
2016-06-17 22:37 - 2015-11-17 01:38 - 00000000 ____D C:\Users\M\AppData\Local\GamersFirst
2016-06-17 22:36 - 2015-11-17 01:38 - 00000000 ____D C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GamersFirst
2016-06-17 22:33 - 2016-03-27 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PY Software
2016-06-16 23:20 - 2013-10-31 23:02 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-06-16 23:20 - 2013-10-31 23:02 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-06-16 23:19 - 2015-04-05 14:37 - 00001108 _____ C:\Users\M\Desktop\lokace.txt
2016-06-16 20:59 - 2014-10-22 22:16 - 00000000 ____D C:\Users\M\AppData\Roaming\uTorrent
2016-06-16 20:51 - 2014-10-22 22:16 - 00000000 ____D C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2016-06-16 20:09 - 2008-01-21 08:47 - 01531394 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-16 20:09 - 2008-01-21 08:46 - 00644980 _____ C:\Windows\system32\perfh005.dat
2016-06-16 20:09 - 2008-01-21 08:46 - 00137618 _____ C:\Windows\system32\perfc005.dat
2016-06-15 00:40 - 2014-07-20 23:25 - 00000000 ____D C:\Program Files\trend micro
2016-06-14 22:25 - 2015-12-24 23:34 - 00001366 _____ C:\Users\M\AppData\Roaming\wpulog.txt
2016-06-14 20:28 - 2014-07-24 22:42 - 00000000 ____D C:\Users\M\AppData\Local\Skype
2016-06-12 21:50 - 2013-12-29 12:29 - 00000000 ____D C:\Users\M\AppData\Roaming\Winamp
2016-06-12 21:37 - 2015-12-27 02:31 - 00172032 _____ C:\Windows\system32\config\DEFAULT.rhk
2016-06-12 21:37 - 2015-12-27 02:31 - 00053248 _____ C:\Windows\system32\config\SAM.rhk
2016-06-12 21:37 - 2015-12-27 02:29 - 45576192 _____ C:\Windows\system32\config\SOFTWARE.rhk
2016-06-12 21:36 - 2015-12-27 02:29 - 00024576 _____ C:\Windows\system32\config\SECURITY.rhk
2016-06-12 20:37 - 2013-10-27 00:03 - 00151552 _____ C:\Users\M\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-12 20:11 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\Msdtc
2016-06-12 20:09 - 2006-11-02 12:22 - 47185920 _____ C:\Windows\system32\config\software_previous
2016-06-12 20:09 - 2006-11-02 12:22 - 43778048 _____ C:\Windows\system32\config\components_previous
2016-06-12 20:09 - 2006-11-02 12:22 - 36962304 _____ C:\Windows\system32\config\system_previous
2016-06-12 20:09 - 2006-11-02 12:22 - 00176128 _____ C:\Windows\system32\config\default_previous
2016-06-12 20:09 - 2006-11-02 12:22 - 00053248 _____ C:\Windows\system32\config\sam_previous
2016-06-12 20:09 - 2006-11-02 12:22 - 00024576 _____ C:\Windows\system32\config\security_previous
2016-06-12 20:02 - 2014-02-09 17:00 - 00000000 ____D C:\Users\UpdatusUser
2016-06-12 20:01 - 2015-07-10 22:29 - 00000000 ____D C:\ProgramData\SystemExplorer
2016-06-12 20:01 - 2014-10-26 23:03 - 00000000 ____D C:\Users\M\AppData\Local\Glyph
2016-06-12 20:01 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\spool
2016-06-12 20:01 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2016-06-04 21:22 - 2015-11-07 15:27 - 00000000 ____D C:\Users\M\AppData\Local\wf-launcher
2016-06-04 21:22 - 2015-11-07 15:27 - 00000000 ____D C:\ProgramData\GFACE
2016-06-04 15:41 - 2013-12-21 16:06 - 00000000 ____D C:\Users\M\AppData\Local\ArmA 2 OA
2016-05-31 01:46 - 2016-02-28 20:07 - 00000000 ____D C:\Users\M\AppData\Roaming\avidemux
2016-05-30 23:51 - 2013-11-09 20:55 - 00000000 ____D C:\Program Files\AviSynth 2.5

==================== Files in the root of some directories =======

2015-12-06 22:44 - 2016-02-28 21:18 - 0000551 _____ () C:\Users\M\AppData\Roaming\AutoGK.ini
2016-03-25 20:47 - 2016-03-25 20:47 - 0005120 _____ () C:\Users\M\AppData\Roaming\GiftBag.db
2015-11-17 02:58 - 2015-11-17 02:58 - 0101734 _____ () C:\Users\M\AppData\Roaming\icarus-dxdiag.xml
2005-04-08 04:16 - 2005-04-08 04:16 - 2071301 ____H () C:\Users\M\AppData\Roaming\Mv1.18.0 - Trial versionlog.dat
2013-12-28 15:15 - 2013-12-28 15:15 - 0138056 _____ () C:\Users\M\AppData\Roaming\PnkBstrK.sys
2015-12-24 23:34 - 2016-06-14 22:25 - 0001366 _____ () C:\Users\M\AppData\Roaming\wpulog.txt
2013-10-26 20:57 - 2013-10-26 21:57 - 0000680 _____ () C:\Users\M\AppData\Local\d3d9caps.dat
2013-10-27 00:03 - 2016-06-12 20:37 - 0151552 _____ () C:\Users\M\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-05 23:05 - 2015-01-11 18:23 - 0067799 _____ () C:\Users\M\AppData\Local\HWVendorDetection.log
2014-01-28 20:11 - 2014-02-22 15:16 - 0002728 _____ () C:\Users\M\AppData\Local\SRDownloader.nast
2015-11-02 01:30 - 2015-11-02 01:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\M\avidemux_2.6.10_win32.exe
C:\Users\M\BioniX Wallpaper Setup.exe
C:\Users\M\instsf450 (1).exe
C:\Users\M\mbam-setup-2.1.4.1018.exe
C:\Users\M\mp3DC221.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-21 20:07

==================== End of FRST.txt ============================
Attachments
Addition.rar
(11.94 KiB) Downloaded 52 times

Locked