Hello, could you please check my log? My kids got onto my PC and clicked on everything they could... I've dealt with the kids and I'll put a password on the laptop afterwards, but right now it's acting up terribly. Thanks a lot, Helena
Logfile of random's system information tool 1.10 (written by random/random)
Run by DOMA at 2014-11-20 19:49:58
Microsoft Windows 8.1
System drive C: has 640 GB (68%) free of 936 GB
Total RAM: 5578 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:50:03, on 20. 11. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\YourFileDownloaderUpdater\YourFileDownloaderUpdater.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\LuckyTab\LuckyTab.exe
C:\Program Files (x86)\SupTab\HpUI.exe
C:\Program Files (x86)\SupTab\Loader32.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Box Rock\bin\BoxRock.BrowserAdapter.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\DOMA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... J9DC903821
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... J9DC903821
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... J9DC903821
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: Box Rock - {464deeb8-b74f-4117-b8ec-e42f4028f3d1} - C:\Program Files (x86)\Box Rock\BoxRockbho.dll
O2 - BHO: GoSSAve - {db4b88cd-8277-4e35-9f9b-202b4d9e854f} - C:\Program Files (x86)\GoSSAve\pnYLQZYtr87kzJ.dll
O2 - BHO: YoutubeAdBloCke - {e3d953e2-e8f0-4cca-9f02-5747e84e4b75} - C:\Program Files (x86)\YoutubeAdBloCke\X1psquMYV4FmM5.dll
O2 - BHO: GoSSave - {e6bdcc55-1477-4a1d-9890-e91af636f9f0} - C:\Program Files (x86)\GoSSave\nBL2HGcyqYqFgC.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Helena\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Helena\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-21-1667220345-2820352928-2493023320-500\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe -h (User 'Administrator')
O4 - HKUS\S-1-5-21-1667220345-2820352928-2493023320-500\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'Administrator')
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs:
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Update Box Rock - Unknown owner - C:\Program Files (x86)\Box Rock\updateBoxRock.exe
O23 - Service: Util Box Rock - Unknown owner - C:\Program Files (x86)\Box Rock\bin\utilBoxRock.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
--
End of file - 10462 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\ProgramData\IePluginServices\PluginService.exe -service
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
C:\WINDOWS\system32\CxAudMsg64.exe
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\RfBtnSvc64.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Box Rock\updateBoxRock.exe"
"C:\Program Files (x86)\Box Rock\bin\utilBoxRock.exe"
"C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
dashost.exe {fe073094-fc94-43f9-97c911bf0b5e2469}
atieclxx
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe -Embedding
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\YourFileDownloaderUpdater\YourFileDownloaderUpdater.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\LuckyTab\LuckyTab.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\SupTab\HpUI.exe" -run
"C:\Program Files (x86)\SupTab\Loader64.exe"
"C:\Program Files (x86)\SupTab\Loader32.exe"
C:\Windows\System32\skydrive.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Box Rock\bin\BoxRock.PurBrowse64.exe" /l false /s false /c "Box Rock" /t "C:\Program Files (x86)\Box Rock\bin\TEMP" /i "http://apiboxrockinfo-a.akamaihd.net/gs ... 0000000000" /d {615d5210-230f-43a8-ac9f-a2b30581c6d7}Gw64 /p 754cb2b9-ad34-4abc-8076-1187ab428bc5:firefox /p ce8edf60-38ec-440c-ac81-477b31f7777c:iexplore /h cdn.sharedaddomain.com,cdn.sharedaddomain2.com 0 10 "C:\Program Files (x86)\Box Rock\bin\bau" true
\??\C:\WINDOWS\system32\conhost.exe 0x4
/i ce8edf60-38ec-440c-ac81-477b31f7777c /f 754cb2b9-ad34-4abc-8076-1187ab428bc5 /z "n=BoxRock&is=EF23DDCZ&dpt=20"
/i ce8edf60-38ec-440c-ac81-477b31f7777c /f 754cb2b9-ad34-4abc-8076-1187ab428bc5 /z "n=BoxRock&is=EF23DDCZ&dpt=20"
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\WINDOWS\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe"
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 839B34D9-BCFA-800A-0B45-B4B22BDD34DB -Reinvoke
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Internet Explorer\iexplore.exe" http://istart.webssearches.com/?type=sc ... J9DC903821
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1667220345-2820352928-2493023320-10013_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1667220345-2820352928-2493023320-10013 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6892 CREDAT:1250589 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6892 CREDAT:2102550 /prefetch:2
"C:\Users\Helena\AppData\Local\Microsoft\Windows\INetCache\IE\013S9VH7\RSITx64.exe"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 588 592 600 65536 596
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GS_Booster-S-576482620.job - c:\programdata\trusted publisher\gs_booster\GS_Booster.exe /schedule /profile "c:\programdata\trusted publisher\gs_booster\576482620.ini"
=========Mozilla firefox=========
ProfilePath - C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\pof59rso.default
prefs.js - "browser.startup.homepage" - "http://istart.webssearches.com/?type=hp ... J9DC903821"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll
C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\pof59rso.default\extensions\
faststartff@gmail.com
iL@6bA.net
SFPd@aXUPJ.org
staged
tnp7I@u.net
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-14 64640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{db4b88cd-8277-4e35-9f9b-202b4d9e854f}]
GoSSAve - C:\Program Files (x86)\GoSSAve\pnYLQZYtr87kzJ.x64.dll [2014-09-22 715264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e3d953e2-e8f0-4cca-9f02-5747e84e4b75}]
YoutubeAdBloCke - C:\Program Files (x86)\YoutubeAdBloCke\X1psquMYV4FmM5.x64.dll [2013-09-22 715264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e6bdcc55-1477-4a1d-9890-e91af636f9f0}]
GoSSave - C:\Program Files (x86)\GoSSave\nBL2HGcyqYqFgC.x64.dll [2014-09-22 715264]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-11-20 514016]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{464deeb8-b74f-4117-b8ec-e42f4028f3d1}]
Box Rock - C:\Program Files (x86)\Box Rock\BoxRockbho.dll [2014-11-20 250088]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{db4b88cd-8277-4e35-9f9b-202b4d9e854f}]
GoSSAve - C:\Program Files (x86)\GoSSAve\pnYLQZYtr87kzJ.dll [2013-09-22 631296]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e3d953e2-e8f0-4cca-9f02-5747e84e4b75}]
YoutubeAdBloCke - C:\Program Files (x86)\YoutubeAdBloCke\X1psquMYV4FmM5.dll [2014-09-22 631296]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e6bdcc55-1477-4a1d-9890-e91af636f9f0}]
GoSSave - C:\Program Files (x86)\GoSSave\nBL2HGcyqYqFgC.dll [2014-09-22 631296]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BtPreLoad"=C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [2012-09-14 64640]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Helena\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Helena\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-18 642216]
"LManager"= []
"Dolby Advanced Audio v2"=C:\Dolby PCEE4\pcee4.exe [2012-07-26 508656]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2012-09-12 366720]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer Backup Manager Tray.lnk - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-20 19:49:58 ----D---- C:\rsit
2014-11-20 19:49:58 ----D---- C:\Program Files\trend micro
2014-11-20 19:28:27 ----D---- C:\sh4ldr
2014-11-20 19:27:35 ----A---- C:\WINDOWS\system32\drivers\EsgScanner.sys
2014-11-20 19:27:27 ----D---- C:\Program Files\Enigma Software Group
2014-11-20 19:19:54 ----A---- C:\WINDOWS\system32\drivers\{615d5210-230f-43a8-ac9f-a2b30581c6d7}Gw64.sys
2014-11-20 19:10:26 ----D---- C:\ProgramData\IePluginServices
2014-11-20 19:10:20 ----D---- C:\Program Files (x86)\Box Rock
2014-11-20 19:10:14 ----D---- C:\Program Files (x86)\SupTab
2014-11-20 19:10:02 ----D---- C:\ProgramData\WindowsMangerProtect
2014-11-20 19:10:00 ----D---- C:\Users\Helena\AppData\Roaming\337Games
2014-11-20 19:09:49 ----D---- C:\Users\Helena\AppData\Roaming\webssearches
2014-11-20 19:09:15 ----D---- C:\Users\Helena\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG
2014-11-20 19:09:13 ----D---- C:\Program Files (x86)\LuckyTab
2014-11-20 19:09:07 ----D---- C:\Program Files (x86)\YourFileDownloaderUpdater
2014-11-20 19:02:45 ----D---- C:\Users\Helena\AppData\Roaming\SurfAnonymousFree
2014-11-20 19:02:45 ----D---- C:\ProgramData\SurfAnonymousFree
2014-11-18 19:27:58 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2014-11-18 19:27:58 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2014-11-18 19:27:58 ----A---- C:\WINDOWS\system32\pku2u.dll
2014-11-18 19:27:58 ----A---- C:\WINDOWS\system32\kerberos.dll
2014-11-14 20:53:16 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2014-11-14 20:53:16 ----A---- C:\WINDOWS\system32\schannel.dll
2014-11-14 20:53:15 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2014-11-14 20:53:15 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2014-11-14 20:53:15 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\rfxvmt.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\certcli.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\adtschema.dll
2014-11-14 20:53:10 ----A---- C:\WINDOWS\SYSWOW64\msaudite.dll
2014-11-14 20:53:10 ----A---- C:\WINDOWS\system32\rdpudd.dll
2014-11-14 20:53:10 ----A---- C:\WINDOWS\system32\msaudite.dll
2014-11-14 20:53:10 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2014-11-14 20:53:03 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2014-11-14 20:53:03 ----A---- C:\WINDOWS\system32\oleaut32.dll
2014-11-14 20:53:02 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-11-14 20:53:02 ----A---- C:\WINDOWS\system32\msi.dll
2014-11-14 20:53:01 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-11-14 20:53:01 ----A---- C:\WINDOWS\system32\authui.dll
2014-11-14 20:53:00 ----A---- C:\WINDOWS\SYSWOW64\msihnd.dll
2014-11-14 20:53:00 ----A---- C:\WINDOWS\system32\msihnd.dll
2014-11-14 20:53:00 ----A---- C:\WINDOWS\system32\consent.exe
2014-11-14 20:53:00 ----A---- C:\WINDOWS\system32\appinfo.dll
2014-11-14 20:52:57 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\wups.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-11-14 20:52:55 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-11-14 20:52:55 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-11-14 20:52:55 ----A---- C:\WINDOWS\system32\wups2.dll
2014-11-14 20:52:55 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-11-14 20:52:55 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-11-14 20:52:55 ----A---- C:\WINDOWS\system32\wuaext.dll
2014-11-14 20:52:43 ----A---- C:\WINDOWS\system32\user32.dll
2014-11-14 20:52:42 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2014-11-14 20:52:41 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-11-14 20:52:41 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-11-14 20:52:40 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-11-14 20:52:39 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2014-11-14 20:52:39 ----A---- C:\WINDOWS\system32\winshfhc.dll
2014-11-14 20:52:21 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-11-14 20:52:19 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-11-14 20:51:11 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-11-14 20:51:01 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-11-14 20:50:53 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-11-14 20:50:49 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-11-14 20:50:47 ----A---- C:\WINDOWS\system32\wininet.dll
2014-11-14 20:50:46 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-11-14 20:50:45 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-11-14 20:50:45 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-11-14 20:50:44 ----A---- C:\WINDOWS\system32\inetcomm.dll
2014-11-14 20:50:44 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-11-14 20:50:43 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-11-14 20:50:42 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2014-11-14 20:50:42 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-11-14 20:50:41 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2014-11-14 20:50:41 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-11-14 20:50:41 ----A---- C:\WINDOWS\system32\jscript.dll
2014-11-14 20:50:41 ----A---- C:\WINDOWS\system32\ieui.dll
2014-11-14 20:50:40 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-11-14 20:50:40 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-11-14 20:50:40 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2014-11-14 20:50:40 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-11-14 20:50:39 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-11-14 20:50:39 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-11-14 20:50:37 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-11-14 20:50:37 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-11-14 20:50:37 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-11-14 20:50:37 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-11-14 20:50:37 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-11-14 20:50:36 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-14 20:50:36 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-11-14 20:50:35 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2014-11-14 20:50:35 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-11-14 20:50:35 ----A---- C:\WINDOWS\system32\webcheck.dll
2014-11-14 20:50:33 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2014-11-14 20:50:33 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-11-14 20:50:32 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-11-14 20:50:32 ----A---- C:\WINDOWS\system32\msrating.dll
2014-11-14 20:50:32 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-11-14 20:50:32 ----A---- C:\WINDOWS\system32\hlink.dll
2014-11-14 20:50:31 ----A---- C:\WINDOWS\SYSWOW64\iesysprep.dll
2014-11-14 20:50:31 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-11-14 20:50:31 ----A---- C:\WINDOWS\system32\iesysprep.dll
2014-11-14 20:50:31 ----A---- C:\WINDOWS\system32\iepeers.dll
2014-11-14 20:50:31 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\occache.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\msfeedsbs.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\inseng.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\IEAdvpack.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\system32\inseng.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\SYSWOW64\imgutil.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\SYSWOW64\iexpress.exe
2014-11-14 20:50:29 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\system32\pngfilt.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\system32\occache.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\system32\licmgr10.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\system32\imgutil.dll
2014-11-14 20:50:28 ----A---- C:\WINDOWS\SYSWOW64\wextract.exe
2014-11-14 20:50:28 ----A---- C:\WINDOWS\SYSWOW64\pngfilt.dll
2014-11-14 20:50:28 ----A---- C:\WINDOWS\SYSWOW64\licmgr10.dll
2014-11-14 20:50:28 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-11-14 20:50:27 ----A---- C:\WINDOWS\SYSWOW64\url.dll
2014-11-14 20:50:27 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-11-14 20:50:27 ----A---- C:\WINDOWS\system32\wextract.exe
2014-11-14 20:50:27 ----A---- C:\WINDOWS\system32\url.dll
2014-11-14 20:50:27 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-11-14 20:50:27 ----A---- C:\WINDOWS\system32\IEAdvpack.dll
2014-11-14 20:50:26 ----A---- C:\WINDOWS\SYSWOW64\mshta.exe
2014-11-14 20:50:26 ----A---- C:\WINDOWS\SYSWOW64\msfeedssync.exe
2014-11-14 20:50:26 ----A---- C:\WINDOWS\system32\mshta.exe
2014-11-14 20:50:26 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2014-11-14 20:50:26 ----A---- C:\WINDOWS\system32\iexpress.exe
2014-11-14 20:50:26 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-11-14 20:49:56 ----A---- C:\WINDOWS\system32\generaltel.dll
2014-11-14 20:49:56 ----A---- C:\WINDOWS\system32\devinv.dll
2014-11-14 20:49:56 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-11-14 20:49:56 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-11-14 20:49:55 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2014-11-14 20:49:55 ----A---- C:\WINDOWS\system32\msxml3.dll
2014-11-14 20:49:55 ----A---- C:\WINDOWS\system32\aepic.dll
2014-11-14 20:49:53 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-11-14 20:49:53 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-11-14 20:49:53 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-11-14 20:49:53 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-14 20:49:52 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-11-14 20:49:52 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-11-14 20:49:52 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-11-14 20:49:52 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-14 20:49:52 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-11-14 20:49:51 ----A---- C:\WINDOWS\system32\EncDump.dll
2014-11-14 20:49:49 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2014-11-14 20:49:49 ----A---- C:\WINDOWS\system32\packager.dll
2014-11-14 20:49:47 ----A---- C:\WINDOWS\system32\shell32.dll
2014-11-14 20:49:45 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-11-14 20:49:44 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-11-14 20:49:41 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-14 20:49:40 ----A---- C:\WINDOWS\system32\twinui.dll
2014-11-14 20:49:40 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-11-14 20:49:39 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-14 20:49:39 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-14 20:49:39 ----A---- C:\WINDOWS\system32\localspl.dll
2014-11-14 20:49:38 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-11-14 20:49:36 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2014-11-14 20:49:36 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-11-14 20:49:35 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-11-14 20:49:34 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2014-11-14 20:49:33 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2014-11-14 20:49:32 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2014-11-14 20:49:32 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2014-11-14 20:49:32 ----A---- C:\WINDOWS\system32\puiobj.dll
2014-11-14 20:49:32 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2014-11-14 20:49:31 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2014-11-14 20:49:31 ----A---- C:\WINDOWS\system32\untfs.dll
2014-11-14 20:49:31 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-14 20:49:31 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-11-14 20:49:30 ----A---- C:\WINDOWS\SYSWOW64\FXSAPI.dll
2014-11-14 20:49:30 ----A---- C:\WINDOWS\system32\FXSAPI.dll
2014-11-09 09:12:47 ----D---- C:\Program Files\iPod
2014-11-09 09:12:45 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-09 09:12:45 ----D---- C:\Program Files\iTunes
2014-11-09 09:12:45 ----D---- C:\Program Files (x86)\iTunes
2014-10-25 08:49:46 ----D---- C:\ProgramData\WinZip
2014-10-25 08:49:40 ----D---- C:\Program Files\WinZip
2014-10-25 08:49:30 ----SHD---- C:\Config.Msi
2014-10-23 17:53:38 ----D---- C:\Users\Helena\AppData\Roaming\Super-Cow
2014-10-23 17:33:27 ----D---- C:\Users\Helena\AppData\Roaming\PhotoScape
2014-10-23 17:33:09 ----D---- C:\Program Files (x86)\PhotoScape
2014-10-23 17:27:28 ----D---- C:\Program Files (x86)\Super Cow
======List of files/folders modified in the last 1 month======
2014-11-20 19:49:58 ----RD---- C:\Program Files
2014-11-20 19:49:52 ----D---- C:\WINDOWS\Prefetch
2014-11-20 19:49:40 ----D---- C:\WINDOWS\Temp
2014-11-20 19:48:30 ----D---- C:\WINDOWS\CbsTemp
2014-11-20 19:47:49 ----D---- C:\Windows
2014-11-20 19:46:31 ----RD---- C:\WINDOWS\System32
2014-11-20 19:46:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-20 19:46:30 ----D---- C:\WINDOWS\Inf
2014-11-20 19:42:04 ----A---- C:\WINDOWS\win.ini
2014-11-20 19:41:13 ----D---- C:\WINDOWS\system32\config
2014-11-20 19:41:09 ----D---- C:\WINDOWS\WinSxS
2014-11-20 19:38:58 ----SD---- C:\WINDOWS\system32\CompatTel
2014-11-20 19:36:32 ----D---- C:\WINDOWS\SysWOW64
2014-11-20 19:36:30 ----D---- C:\WINDOWS\Microsoft.NET
2014-11-20 19:32:37 ----RD---- C:\WINDOWS\ToastData
2014-11-20 19:32:36 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-11-20 19:32:35 ----D---- C:\WINDOWS\system32\drivers
2014-11-20 19:32:35 ----D---- C:\WINDOWS\apppatch
2014-11-20 19:32:34 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-20 19:32:30 ----D---- C:\Program Files\Windows Defender
2014-11-20 19:32:29 ----D---- C:\WINDOWS\system32\wbem
2014-11-20 19:32:28 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-11-20 19:32:28 ----D---- C:\WINDOWS\system32\cs-CZ
2014-11-20 19:32:26 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-11-20 19:32:26 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-20 19:32:25 ----D---- C:\WINDOWS\system32\migration
2014-11-20 19:32:23 ----D---- C:\Program Files\Internet Explorer
2014-11-20 19:32:16 ----D---- C:\WINDOWS\system32\DriverStore
2014-11-20 19:25:20 ----D---- C:\WINDOWS\system32\Tasks
2014-11-20 19:17:19 ----D---- C:\Users\Helena\AppData\Roaming\uTorrent
2014-11-20 19:17:06 ----D---- C:\WINDOWS\debug
2014-11-20 19:15:47 ----RD---- C:\Program Files (x86)
2014-11-20 19:10:26 ----HD---- C:\ProgramData
2014-11-20 19:00:00 ----D---- C:\WINDOWS\system32\sru
2014-11-17 12:07:43 ----RD---- C:\WINDOWS\assembly
2014-11-15 12:04:21 ----D---- C:\WINDOWS\AppReadiness
2014-11-15 12:04:20 ----HD---- C:\Program Files\WindowsApps
2014-11-14 20:58:12 ----D---- C:\WINDOWS\system32\MRT
2014-11-14 20:55:53 ----A---- C:\WINDOWS\system32\MRT.exe
2014-11-14 20:53:30 ----SHD---- C:\System Volume Information
2014-11-14 20:48:50 ----D---- C:\WINDOWS\system32\catroot2
2014-11-09 09:14:13 ----SHD---- C:\WINDOWS\Installer
2014-11-09 09:12:46 ----D---- C:\Program Files\Common Files\Apple
2014-11-09 09:12:39 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-30 12:25:26 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2014-10-30 01:55:02 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdkmpfd;@oem27.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2014-06-09 36096]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-10-30 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-10-30 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-10-30 62776]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-06-09 13209088]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-06-09 626688]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 AtiHDAudioService;@oem19.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys [2012-08-21 91648]
R3 BTATH_BUS;@oem25.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2012-09-14 33944]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-03-18 81920]
R3 CnxtHdAudService;@oem24.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2012-06-27 1608864]
R3 ETD;@oem23.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-09-05 319888]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 Ps2Kb2Hid;@oem22.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [2012-11-16 26736]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S2 APXACC;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [2012-06-23 199008]
S2 SPDRIVER_1.37.0.202;SPDRIVER_1.37.0.202; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.sys []
S3 AthBTPort;@oem6.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-09-14 88728]
S3 BTATH_A2DP;@oem5.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-09-14 344216]
S3 btath_avdt;@oem5.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-09-14 114840]
S3 BTATH_HCRP;@oem8.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-09-14 178840]
S3 BTATH_LWFLT;@oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-09-14 76952]
S3 BTATH_RCP;@oem11.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-09-14 135832]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 dg_ssudbus;@oem16.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2014-11-20 22704]
S3 QRDCIO;Quanta Generic IO Access; C:\WINDOWS\System32\drivers\QRDCIO.sys [2009-10-20 9728]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-03-18 167424]
S3 ssudmdm;@oem17.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 USBAAPL64;@oem1.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-06-09 239616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-09-14 216192]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-08-24 2435728]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2012-06-08 201376]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-08-21 348784]
R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-11-20 714208]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-08-23 259136]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-11-16 93296]
R2 Update Box Rock;Update Box Rock; C:\Program Files (x86)\Box Rock\updateBoxRock.exe [2014-11-20 423144]
R2 Util Box Rock;Util Box Rock; C:\Program Files (x86)\Box Rock\bin\utilBoxRock.exe [2014-11-20 423144]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2014-11-20 490640]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-09-05 658576]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S2 4d349a54;GS_Sustainer; C:\WINDOWS\syswow64\rundll32.exe [2013-08-22 49664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12 267440]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-09-21 469648]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2012-07-12 174160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-11-16 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-27 114288]
-----------------EOF-----------------

Stuck notebook
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Rudy
- Site Admin
- Posts: 119547
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Stuck notebook
Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.
Re: Stuck notebook
Thanks a lot
# AdwCleaner v4.101 - Report created 20/11/2014 at 20:02:12
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : DOMA - DOMA
# Running from : C:\Users\Helena\Desktop\adwcleaner_4.101.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : IePluginServices
Service Deleted : WindowsMangerProtect
[#] Service Deleted : 4d349a54
[#] Service Deleted : Update Box Rock
[#] Service Deleted : Util Box Rock
Service Deleted : {615d5210-230f-43a8-ac9f-a2b30581c6d7}Gw64
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\GoSSAve
Folder Deleted : C:\ProgramData\YoutubeAdBloCke
Folder Deleted : C:\ProgramData\1755336f50c98aee
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\YourFileDownloaderUpdater
Folder Deleted : C:\Program Files (x86)\GS_Booster
Folder Deleted : C:\Program Files (x86)\LuckyTab
Folder Deleted : C:\Program Files (x86)\GoSSAve
Folder Deleted : C:\Program Files (x86)\YoutubeAdBloCke
[!] Folder Deleted : C:\Program Files (x86)\Box Rock
Folder Deleted : C:\Users\Helena\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Helena\AppData\Roaming\337Games
Folder Deleted : C:\Users\Helena\AppData\Roaming\webssearches
Folder Deleted : C:\Users\Helena\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab
Folder Deleted : C:\Users\Helena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\337Games
Folder Deleted : C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\pof59rso.default\Extensions\faststartff@gmail.com
Folder Deleted : C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\pof59rso.default\Extensions\iL@6bA.net
Folder Deleted : C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\pof59rso.default\Extensions\SFPd@aXUPJ.org
Folder Deleted : C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\pof59rso.default\Extensions\tnp7I@u.net
File Deleted : C:\WINDOWS\System32\\drivers\{615d5210-230f-43a8-ac9f-a2b30581c6d7}Gw64.sys
File Deleted : C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\pof59rso.default\user.js
***** [ Scheduled Tasks ] *****
Task Deleted : Update Service YourFileDownloader
Task Deleted : LuckyTab
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Helena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Helena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Helena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Helena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\.
Key Deleted : HKLM\SOFTWARE\Classes\..9
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Box Rock
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Box Rock
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{db4b88cd-8277-4e35-9f9b-202b4d9e854f}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{e3d953e2-e8f0-4cca-9f02-5747e84e4b75}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{e6bdcc55-1477-4a1d-9890-e91af636f9f0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{464deeb8-b74f-4117-b8ec-e42f4028f3d1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{137fd54f-6407-494f-a222-05db66ec8248}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{db4b88cd-8277-4e35-9f9b-202b4d9e854f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e3d953e2-e8f0-4cca-9f02-5747e84e4b75}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e6bdcc55-1477-4a1d-9890-e91af636f9f0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{464deeb8-b74f-4117-b8ec-e42f4028f3d1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{db4b88cd-8277-4e35-9f9b-202b4d9e854f}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e3d953e2-e8f0-4cca-9f02-5747e84e4b75}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e6bdcc55-1477-4a1d-9890-e91af636f9f0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{464deeb8-b74f-4117-b8ec-e42f4028f3d1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{db4b88cd-8277-4e35-9f9b-202b4d9e854f}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{e3d953e2-e8f0-4cca-9f02-5747e84e4b75}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{e6bdcc55-1477-4a1d-9890-e91af636f9f0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{464deeb8-b74f-4117-b8ec-e42f4028f3d1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{db4b88cd-8277-4e35-9f9b-202b4d9e854f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e3d953e2-e8f0-4cca-9f02-5747e84e4b75}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e6bdcc55-1477-4a1d-9890-e91af636f9f0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{db4b88cd-8277-4e35-9f9b-202b4d9e854f}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{e3d953e2-e8f0-4cca-9f02-5747e84e4b75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{e6bdcc55-1477-4a1d-9890-e91af636f9f0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{db4b88cd-8277-4e35-9f9b-202b4d9e854f}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e3d953e2-e8f0-4cca-9f02-5747e84e4b75}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e6bdcc55-1477-4a1d-9890-e91af636f9f0}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\Box Rock
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKLM\SOFTWARE\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\GS_Booster
Key Deleted : HKLM\SOFTWARE\LuckyTab
Key Deleted : HKLM\SOFTWARE\Box Rock
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Box Rock
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\istart.webssearches.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.webssearches.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\webssearches.com
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v32.0.3 (x86 cs)
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "webssearches");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "webssearches");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hp&ts=1416506976&from=exp&uid=ST1000LM024XHN-M101MBB_S2TXJ9DC903821");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.5fikJMXQGuFygCWH.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", true);
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.x5z7oJxUbBp6VQBZ.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "webssearches");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "webssearches");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hp&ts=1416506976&from=exp&uid=ST1000LM024XHN-M101MBB_S2TXJ9DC903821");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.5fikJMXQGuFygCWH.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", true);
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.x5z7oJxUbBp6VQBZ.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
*************************
AdwCleaner[R0].txt - [227787 octets] - [22/09/2014 09:56:31]
AdwCleaner[R1].txt - [23216 octets] - [22/09/2014 18:31:44]
AdwCleaner[R2].txt - [39586 octets] - [20/11/2014 19:59:09]
AdwCleaner[S0].txt - [15795 octets] - [22/09/2014 09:58:42]
AdwCleaner[S1].txt - [8943 octets] - [22/09/2014 18:33:55]
AdwCleaner[S2].txt - [31171 octets] - [20/11/2014 20:02:12]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [31232 octets] ##########

# AdwCleaner v4.101 - Report created 20/11/2014 at 20:02:12
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : DOMA - DOMA
# Running from : C:\Users\Helena\Desktop\adwcleaner_4.101.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : IePluginServices
Service Deleted : WindowsMangerProtect
[#] Service Deleted : 4d349a54
[#] Service Deleted : Update Box Rock
[#] Service Deleted : Util Box Rock
Service Deleted : {615d5210-230f-43a8-ac9f-a2b30581c6d7}Gw64
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\GoSSAve
Folder Deleted : C:\ProgramData\YoutubeAdBloCke
Folder Deleted : C:\ProgramData\1755336f50c98aee
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\YourFileDownloaderUpdater
Folder Deleted : C:\Program Files (x86)\GS_Booster
Folder Deleted : C:\Program Files (x86)\LuckyTab
Folder Deleted : C:\Program Files (x86)\GoSSAve
Folder Deleted : C:\Program Files (x86)\YoutubeAdBloCke
[!] Folder Deleted : C:\Program Files (x86)\Box Rock
Folder Deleted : C:\Users\Helena\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Helena\AppData\Roaming\337Games
Folder Deleted : C:\Users\Helena\AppData\Roaming\webssearches
Folder Deleted : C:\Users\Helena\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab
Folder Deleted : C:\Users\Helena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\337Games
Folder Deleted : C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\pof59rso.default\Extensions\faststartff@gmail.com
Folder Deleted : C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\pof59rso.default\Extensions\iL@6bA.net
Folder Deleted : C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\pof59rso.default\Extensions\SFPd@aXUPJ.org
Folder Deleted : C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\pof59rso.default\Extensions\tnp7I@u.net
File Deleted : C:\WINDOWS\System32\\drivers\{615d5210-230f-43a8-ac9f-a2b30581c6d7}Gw64.sys
File Deleted : C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\pof59rso.default\user.js
***** [ Scheduled Tasks ] *****
Task Deleted : Update Service YourFileDownloader
Task Deleted : LuckyTab
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Helena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Helena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Helena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Helena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\.
Key Deleted : HKLM\SOFTWARE\Classes\..9
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Box Rock
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Box Rock
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{db4b88cd-8277-4e35-9f9b-202b4d9e854f}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{e3d953e2-e8f0-4cca-9f02-5747e84e4b75}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{e6bdcc55-1477-4a1d-9890-e91af636f9f0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{464deeb8-b74f-4117-b8ec-e42f4028f3d1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{137fd54f-6407-494f-a222-05db66ec8248}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{db4b88cd-8277-4e35-9f9b-202b4d9e854f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e3d953e2-e8f0-4cca-9f02-5747e84e4b75}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e6bdcc55-1477-4a1d-9890-e91af636f9f0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{464deeb8-b74f-4117-b8ec-e42f4028f3d1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{db4b88cd-8277-4e35-9f9b-202b4d9e854f}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e3d953e2-e8f0-4cca-9f02-5747e84e4b75}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e6bdcc55-1477-4a1d-9890-e91af636f9f0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{464deeb8-b74f-4117-b8ec-e42f4028f3d1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{db4b88cd-8277-4e35-9f9b-202b4d9e854f}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{e3d953e2-e8f0-4cca-9f02-5747e84e4b75}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{e6bdcc55-1477-4a1d-9890-e91af636f9f0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{464deeb8-b74f-4117-b8ec-e42f4028f3d1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{db4b88cd-8277-4e35-9f9b-202b4d9e854f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e3d953e2-e8f0-4cca-9f02-5747e84e4b75}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e6bdcc55-1477-4a1d-9890-e91af636f9f0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{db4b88cd-8277-4e35-9f9b-202b4d9e854f}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{e3d953e2-e8f0-4cca-9f02-5747e84e4b75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{e6bdcc55-1477-4a1d-9890-e91af636f9f0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{db4b88cd-8277-4e35-9f9b-202b4d9e854f}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e3d953e2-e8f0-4cca-9f02-5747e84e4b75}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e6bdcc55-1477-4a1d-9890-e91af636f9f0}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\Box Rock
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKLM\SOFTWARE\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\GS_Booster
Key Deleted : HKLM\SOFTWARE\LuckyTab
Key Deleted : HKLM\SOFTWARE\Box Rock
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Box Rock
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\istart.webssearches.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.webssearches.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\webssearches.com
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v32.0.3 (x86 cs)
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "webssearches");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "webssearches");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hp&ts=1416506976&from=exp&uid=ST1000LM024XHN-M101MBB_S2TXJ9DC903821");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.5fikJMXQGuFygCWH.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", true);
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.x5z7oJxUbBp6VQBZ.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "webssearches");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "webssearches");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hp&ts=1416506976&from=exp&uid=ST1000LM024XHN-M101MBB_S2TXJ9DC903821");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.5fikJMXQGuFygCWH.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", true);
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.x5z7oJxUbBp6VQBZ.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "webssearches");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "webssearches");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hp&ts=1416506976&from=exp&uid=ST1000LM024XHN-M101MBB_S2TXJ9DC903821");
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.5fikJMXQGuFygCWH.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[pof59rso.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", true);
*************************
AdwCleaner[R0].txt - [227787 octets] - [22/09/2014 09:56:31]
AdwCleaner[R1].txt - [23216 octets] - [22/09/2014 18:31:44]
AdwCleaner[R2].txt - [39586 octets] - [20/11/2014 19:59:09]
AdwCleaner[S0].txt - [15795 octets] - [22/09/2014 09:58:42]
AdwCleaner[S1].txt - [8943 octets] - [22/09/2014 18:33:55]
AdwCleaner[S2].txt - [31171 octets] - [20/11/2014 20:02:12]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [31232 octets] ##########
- Rudy
- Site Admin
- Posts: 119547
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Laptop keeps freezing
Please post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it has been inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Laptop keeps freezing
Sorry, I wasn't at the laptop, but it looks like it's fine.
Thank you!!!
Logfile of random's system information tool 1.10 (written by random/random)
Run by DOMA at 2014-11-23 08:50:42
Microsoft Windows 8.1
System drive C: has 636 GB (68%) free of 936 GB
Total RAM: 5578 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:50:46, on 23. 11. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files\trend micro\DOMA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Helena\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Helena\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs:
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
--
End of file - 7939 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
C:\WINDOWS\system32\CxAudMsg64.exe
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\RfBtnSvc64.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
dashost.exe {d3772fb0-885c-44dd-81f5932fe06edcaf}
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
taskhost.exe $(Arg0)
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
atieclxx
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\skydrive.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2708 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 570129AE-666A-09B6-B77F-6FD902A15C24 -Reinvoke
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe"
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Users\Helena\AppData\Local\Microsoft\Windows\INetCache\IE\013S9VH7\RSITx64 (1).exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GS_Booster-S-576482620.job - c:\programdata\trusted publisher\gs_booster\GS_Booster.exe /schedule /profile "c:\programdata\trusted publisher\gs_booster\576482620.ini"
=========Mozilla firefox=========
ProfilePath - C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\pof59rso.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll
C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\pof59rso.default\extensions\
staged
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-14 64640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BtPreLoad"=C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [2012-09-14 64640]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Helena\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Helena\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-18 642216]
"LManager"= []
"Dolby Advanced Audio v2"=C:\Dolby PCEE4\pcee4.exe [2012-07-26 508656]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2012-09-12 366720]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer Backup Manager Tray.lnk - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-22 16:35:39 ----D---- C:\WINDOWS\Downloaded Installations
2014-11-22 16:34:46 ----D---- C:\Program Files (x86)\Turtle Games
2014-11-22 16:29:42 ----D---- C:\Users\Helena\AppData\Roaming\Opera Software
2014-11-22 16:27:42 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2014-11-22 16:27:35 ----D---- C:\Users\Helena\AppData\Roaming\DAEMON Tools Lite
2014-11-22 16:27:31 ----D---- C:\Users\Helena\AppData\Roaming\RHEng
2014-11-22 16:27:27 ----D---- C:\Users\Helena\AppData\Roaming\OpenCandy
2014-11-22 16:27:27 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2014-11-22 16:26:55 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-11-20 19:49:58 ----D---- C:\rsit
2014-11-20 19:49:58 ----D---- C:\Program Files\trend micro
2014-11-20 19:28:27 ----D---- C:\sh4ldr
2014-11-20 19:27:35 ----A---- C:\WINDOWS\system32\drivers\EsgScanner.sys
2014-11-20 19:27:27 ----D---- C:\Program Files\Enigma Software Group
2014-11-20 19:10:20 ----D---- C:\Program Files (x86)\Box Rock
2014-11-20 19:09:15 ----D---- C:\Users\Helena\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG
2014-11-20 19:02:45 ----D---- C:\Users\Helena\AppData\Roaming\SurfAnonymousFree
2014-11-20 19:02:45 ----D---- C:\ProgramData\SurfAnonymousFree
2014-11-18 19:27:58 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2014-11-18 19:27:58 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2014-11-18 19:27:58 ----A---- C:\WINDOWS\system32\pku2u.dll
2014-11-18 19:27:58 ----A---- C:\WINDOWS\system32\kerberos.dll
2014-11-14 20:53:16 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2014-11-14 20:53:16 ----A---- C:\WINDOWS\system32\schannel.dll
2014-11-14 20:53:15 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2014-11-14 20:53:15 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2014-11-14 20:53:15 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\rfxvmt.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\certcli.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\adtschema.dll
2014-11-14 20:53:10 ----A---- C:\WINDOWS\SYSWOW64\msaudite.dll
2014-11-14 20:53:10 ----A---- C:\WINDOWS\system32\rdpudd.dll
2014-11-14 20:53:10 ----A---- C:\WINDOWS\system32\msaudite.dll
2014-11-14 20:53:10 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2014-11-14 20:53:03 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2014-11-14 20:53:03 ----A---- C:\WINDOWS\system32\oleaut32.dll
2014-11-14 20:53:02 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-11-14 20:53:02 ----A---- C:\WINDOWS\system32\msi.dll
2014-11-14 20:53:01 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-11-14 20:53:01 ----A---- C:\WINDOWS\system32\authui.dll
2014-11-14 20:53:00 ----A---- C:\WINDOWS\SYSWOW64\msihnd.dll
2014-11-14 20:53:00 ----A---- C:\WINDOWS\system32\msihnd.dll
2014-11-14 20:53:00 ----A---- C:\WINDOWS\system32\consent.exe
2014-11-14 20:53:00 ----A---- C:\WINDOWS\system32\appinfo.dll
2014-11-14 20:52:57 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\wups.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-11-14 20:52:55 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-11-14 20:52:55 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-11-14 20:52:55 ----A---- C:\WINDOWS\system32\wups2.dll
2014-11-14 20:52:55 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-11-14 20:52:55 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-11-14 20:52:55 ----A---- C:\WINDOWS\system32\wuaext.dll
2014-11-14 20:52:43 ----A---- C:\WINDOWS\system32\user32.dll
2014-11-14 20:52:42 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2014-11-14 20:52:41 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-11-14 20:52:41 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-11-14 20:52:40 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-11-14 20:52:39 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2014-11-14 20:52:39 ----A---- C:\WINDOWS\system32\winshfhc.dll
2014-11-14 20:52:21 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-11-14 20:52:19 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-11-14 20:51:11 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-11-14 20:51:01 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-11-14 20:50:53 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-11-14 20:50:49 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-11-14 20:50:47 ----A---- C:\WINDOWS\system32\wininet.dll
2014-11-14 20:50:46 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-11-14 20:50:45 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-11-14 20:50:45 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-11-14 20:50:44 ----A---- C:\WINDOWS\system32\inetcomm.dll
2014-11-14 20:50:44 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-11-14 20:50:43 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-11-14 20:50:42 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2014-11-14 20:50:42 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-11-14 20:50:41 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2014-11-14 20:50:41 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-11-14 20:50:41 ----A---- C:\WINDOWS\system32\jscript.dll
2014-11-14 20:50:41 ----A---- C:\WINDOWS\system32\ieui.dll
2014-11-14 20:50:40 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-11-14 20:50:40 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-11-14 20:50:40 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2014-11-14 20:50:40 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-11-14 20:50:39 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-11-14 20:50:39 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-11-14 20:50:37 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-11-14 20:50:37 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-11-14 20:50:37 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-11-14 20:50:37 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-11-14 20:50:37 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-11-14 20:50:36 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-14 20:50:36 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-11-14 20:50:35 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2014-11-14 20:50:35 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-11-14 20:50:35 ----A---- C:\WINDOWS\system32\webcheck.dll
2014-11-14 20:50:33 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2014-11-14 20:50:33 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-11-14 20:50:32 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-11-14 20:50:32 ----A---- C:\WINDOWS\system32\msrating.dll
2014-11-14 20:50:32 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-11-14 20:50:32 ----A---- C:\WINDOWS\system32\hlink.dll
2014-11-14 20:50:31 ----A---- C:\WINDOWS\SYSWOW64\iesysprep.dll
2014-11-14 20:50:31 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-11-14 20:50:31 ----A---- C:\WINDOWS\system32\iesysprep.dll
2014-11-14 20:50:31 ----A---- C:\WINDOWS\system32\iepeers.dll
2014-11-14 20:50:31 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\occache.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\msfeedsbs.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\inseng.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\IEAdvpack.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\system32\inseng.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\SYSWOW64\imgutil.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\SYSWOW64\iexpress.exe
2014-11-14 20:50:29 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\system32\pngfilt.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\system32\occache.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\system32\licmgr10.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\system32\imgutil.dll
2014-11-14 20:50:28 ----A---- C:\WINDOWS\SYSWOW64\wextract.exe
2014-11-14 20:50:28 ----A---- C:\WINDOWS\SYSWOW64\pngfilt.dll
2014-11-14 20:50:28 ----A---- C:\WINDOWS\SYSWOW64\licmgr10.dll
2014-11-14 20:50:28 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-11-14 20:50:27 ----A---- C:\WINDOWS\SYSWOW64\url.dll
2014-11-14 20:50:27 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-11-14 20:50:27 ----A---- C:\WINDOWS\system32\wextract.exe
2014-11-14 20:50:27 ----A---- C:\WINDOWS\system32\url.dll
2014-11-14 20:50:27 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-11-14 20:50:27 ----A---- C:\WINDOWS\system32\IEAdvpack.dll
2014-11-14 20:50:26 ----A---- C:\WINDOWS\SYSWOW64\mshta.exe
2014-11-14 20:50:26 ----A---- C:\WINDOWS\SYSWOW64\msfeedssync.exe
2014-11-14 20:50:26 ----A---- C:\WINDOWS\system32\mshta.exe
2014-11-14 20:50:26 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2014-11-14 20:50:26 ----A---- C:\WINDOWS\system32\iexpress.exe
2014-11-14 20:50:26 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-11-14 20:49:56 ----A---- C:\WINDOWS\system32\generaltel.dll
2014-11-14 20:49:56 ----A---- C:\WINDOWS\system32\devinv.dll
2014-11-14 20:49:56 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-11-14 20:49:56 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-11-14 20:49:55 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2014-11-14 20:49:55 ----A---- C:\WINDOWS\system32\msxml3.dll
2014-11-14 20:49:55 ----A---- C:\WINDOWS\system32\aepic.dll
2014-11-14 20:49:53 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-11-14 20:49:53 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-11-14 20:49:53 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-11-14 20:49:53 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-14 20:49:52 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-11-14 20:49:52 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-11-14 20:49:52 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-11-14 20:49:52 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-14 20:49:52 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-11-14 20:49:51 ----A---- C:\WINDOWS\system32\EncDump.dll
2014-11-14 20:49:50 ----A---- C:\WINDOWS\system32\win32k.sys
2014-11-14 20:49:49 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2014-11-14 20:49:49 ----A---- C:\WINDOWS\system32\packager.dll
2014-11-14 20:49:47 ----A---- C:\WINDOWS\system32\shell32.dll
2014-11-14 20:49:45 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-11-14 20:49:44 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-11-14 20:49:41 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-14 20:49:40 ----A---- C:\WINDOWS\system32\twinui.dll
2014-11-14 20:49:40 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-11-14 20:49:39 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-14 20:49:39 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-14 20:49:39 ----A---- C:\WINDOWS\system32\localspl.dll
2014-11-14 20:49:38 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-11-14 20:49:36 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2014-11-14 20:49:36 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-11-14 20:49:35 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-11-14 20:49:34 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2014-11-14 20:49:33 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2014-11-14 20:49:32 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2014-11-14 20:49:32 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2014-11-14 20:49:32 ----A---- C:\WINDOWS\system32\puiobj.dll
2014-11-14 20:49:32 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2014-11-14 20:49:31 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2014-11-14 20:49:31 ----A---- C:\WINDOWS\system32\untfs.dll
2014-11-14 20:49:31 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-14 20:49:31 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-11-14 20:49:30 ----A---- C:\WINDOWS\SYSWOW64\FXSAPI.dll
2014-11-14 20:49:30 ----A---- C:\WINDOWS\system32\FXSAPI.dll
2014-11-09 09:12:47 ----D---- C:\Program Files\iPod
2014-11-09 09:12:45 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-09 09:12:45 ----D---- C:\Program Files\iTunes
2014-11-09 09:12:45 ----D---- C:\Program Files (x86)\iTunes
2014-10-25 08:49:46 ----D---- C:\ProgramData\WinZip
2014-10-25 08:49:40 ----D---- C:\Program Files\WinZip
======List of files/folders modified in the last 1 month======
2014-11-23 08:45:32 ----RD---- C:\WINDOWS\System32
2014-11-23 08:45:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-23 08:45:31 ----D---- C:\WINDOWS\Inf
2014-11-23 08:44:40 ----D---- C:\WINDOWS\Temp
2014-11-23 08:44:39 ----D---- C:\WINDOWS\Prefetch
2014-11-23 08:42:20 ----D---- C:\WINDOWS\system32\sru
2014-11-22 17:06:01 ----D---- C:\Users\Helena\AppData\Roaming\uTorrent
2014-11-22 16:36:59 ----SHD---- C:\WINDOWS\Installer
2014-11-22 16:36:55 ----D---- C:\WINDOWS\SysWOW64
2014-11-22 16:36:39 ----SHD---- C:\System Volume Information
2014-11-22 16:35:39 ----D---- C:\Windows
2014-11-22 16:34:46 ----RD---- C:\Program Files (x86)
2014-11-22 16:34:25 ----D---- C:\WINDOWS\system32\config
2014-11-22 16:29:41 ----D---- C:\WINDOWS\system32\Tasks
2014-11-22 16:27:52 ----D---- C:\WINDOWS\system32\DriverStore
2014-11-22 16:27:52 ----D---- C:\WINDOWS\system32\drivers
2014-11-22 16:27:52 ----D---- C:\WINDOWS\system32\catroot
2014-11-22 16:26:55 ----HD---- C:\ProgramData
2014-11-22 16:06:07 ----D---- C:\WINDOWS\Microsoft.NET
2014-11-22 15:54:57 ----D---- C:\WINDOWS\WinSxS
2014-11-21 21:13:53 ----D---- C:\WINDOWS\AppReadiness
2014-11-21 16:27:35 ----HD---- C:\Program Files\WindowsApps
2014-11-20 20:36:45 ----D---- C:\WINDOWS\CbsTemp
2014-11-20 20:33:11 ----D---- C:\WINDOWS\debug
2014-11-20 20:13:10 ----D---- C:\WINDOWS\LiveKernelReports
2014-11-20 20:03:05 ----D---- C:\AdwCleaner
2014-11-20 20:02:21 ----A---- C:\WINDOWS\win.ini
2014-11-20 19:49:58 ----RD---- C:\Program Files
2014-11-20 19:38:58 ----SD---- C:\WINDOWS\system32\CompatTel
2014-11-20 19:32:37 ----RD---- C:\WINDOWS\ToastData
2014-11-20 19:32:36 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-11-20 19:32:35 ----D---- C:\WINDOWS\apppatch
2014-11-20 19:32:34 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-20 19:32:30 ----D---- C:\Program Files\Windows Defender
2014-11-20 19:32:29 ----D---- C:\WINDOWS\system32\wbem
2014-11-20 19:32:28 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-11-20 19:32:28 ----D---- C:\WINDOWS\system32\cs-CZ
2014-11-20 19:32:26 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-11-20 19:32:26 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-20 19:32:25 ----D---- C:\WINDOWS\system32\migration
2014-11-20 19:32:23 ----D---- C:\Program Files\Internet Explorer
2014-11-17 12:07:43 ----RD---- C:\WINDOWS\assembly
2014-11-14 20:58:12 ----D---- C:\WINDOWS\system32\MRT
2014-11-14 20:55:53 ----A---- C:\WINDOWS\system32\MRT.exe
2014-11-14 20:48:50 ----D---- C:\WINDOWS\system32\catroot2
2014-11-09 09:12:46 ----D---- C:\Program Files\Common Files\Apple
2014-11-09 09:12:39 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-30 12:25:26 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2014-10-30 01:55:02 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdkmpfd;@oem27.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2014-06-09 36096]
R1 dtsoftbus01;@oem30.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-11-22 283064]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-10-30 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-10-30 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-10-30 62776]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-06-09 13209088]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-06-09 626688]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 AtiHDAudioService;@oem19.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys [2012-08-21 91648]
R3 BTATH_BUS;@oem25.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2012-09-14 33944]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-03-18 81920]
R3 CnxtHdAudService;@oem24.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2012-06-27 1608864]
R3 ETD;@oem23.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-09-05 319888]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 Ps2Kb2Hid;@oem22.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [2012-11-16 26736]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S2 APXACC;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [2012-06-23 199008]
S2 SPDRIVER_1.37.0.202;SPDRIVER_1.37.0.202; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.sys []
S3 AthBTPort;@oem6.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-09-14 88728]
S3 BTATH_A2DP;@oem5.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-09-14 344216]
S3 btath_avdt;@oem5.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-09-14 114840]
S3 BTATH_HCRP;@oem8.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-09-14 178840]
S3 BTATH_LWFLT;@oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-09-14 76952]
S3 BTATH_RCP;@oem11.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-09-14 135832]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 dg_ssudbus;@oem16.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2014-11-20 22704]
S3 QRDCIO;Quanta Generic IO Access; C:\WINDOWS\System32\drivers\QRDCIO.sys [2009-10-20 9728]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-03-18 167424]
S3 ssudmdm;@oem17.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 USBAAPL64;@oem1.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2013-08-22 78848]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-06-09 239616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-09-14 216192]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-08-24 2435728]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2012-06-08 201376]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-08-21 348784]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-08-23 259136]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-11-16 93296]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-09-05 658576]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12 267440]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-09-21 469648]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2012-07-12 174160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-11-16 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-27 114288]
-----------------EOF-----------------

Logfile of random's system information tool 1.10 (written by random/random)
Run by DOMA at 2014-11-23 08:50:42
Microsoft Windows 8.1
System drive C: has 636 GB (68%) free of 936 GB
Total RAM: 5578 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:50:46, on 23. 11. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files\trend micro\DOMA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Helena\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Helena\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs:
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
--
End of file - 7939 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
C:\WINDOWS\system32\CxAudMsg64.exe
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\RfBtnSvc64.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
dashost.exe {d3772fb0-885c-44dd-81f5932fe06edcaf}
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
taskhost.exe $(Arg0)
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
atieclxx
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\skydrive.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2708 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 570129AE-666A-09B6-B77F-6FD902A15C24 -Reinvoke
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe"
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Users\Helena\AppData\Local\Microsoft\Windows\INetCache\IE\013S9VH7\RSITx64 (1).exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GS_Booster-S-576482620.job - c:\programdata\trusted publisher\gs_booster\GS_Booster.exe /schedule /profile "c:\programdata\trusted publisher\gs_booster\576482620.ini"
=========Mozilla firefox=========
ProfilePath - C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\pof59rso.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll
C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\pof59rso.default\extensions\
staged
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-14 64640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BtPreLoad"=C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [2012-09-14 64640]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Helena\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Helena\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-18 642216]
"LManager"= []
"Dolby Advanced Audio v2"=C:\Dolby PCEE4\pcee4.exe [2012-07-26 508656]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2012-09-12 366720]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer Backup Manager Tray.lnk - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-22 16:35:39 ----D---- C:\WINDOWS\Downloaded Installations
2014-11-22 16:34:46 ----D---- C:\Program Files (x86)\Turtle Games
2014-11-22 16:29:42 ----D---- C:\Users\Helena\AppData\Roaming\Opera Software
2014-11-22 16:27:42 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2014-11-22 16:27:35 ----D---- C:\Users\Helena\AppData\Roaming\DAEMON Tools Lite
2014-11-22 16:27:31 ----D---- C:\Users\Helena\AppData\Roaming\RHEng
2014-11-22 16:27:27 ----D---- C:\Users\Helena\AppData\Roaming\OpenCandy
2014-11-22 16:27:27 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2014-11-22 16:26:55 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-11-20 19:49:58 ----D---- C:\rsit
2014-11-20 19:49:58 ----D---- C:\Program Files\trend micro
2014-11-20 19:28:27 ----D---- C:\sh4ldr
2014-11-20 19:27:35 ----A---- C:\WINDOWS\system32\drivers\EsgScanner.sys
2014-11-20 19:27:27 ----D---- C:\Program Files\Enigma Software Group
2014-11-20 19:10:20 ----D---- C:\Program Files (x86)\Box Rock
2014-11-20 19:09:15 ----D---- C:\Users\Helena\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG
2014-11-20 19:02:45 ----D---- C:\Users\Helena\AppData\Roaming\SurfAnonymousFree
2014-11-20 19:02:45 ----D---- C:\ProgramData\SurfAnonymousFree
2014-11-18 19:27:58 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2014-11-18 19:27:58 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2014-11-18 19:27:58 ----A---- C:\WINDOWS\system32\pku2u.dll
2014-11-18 19:27:58 ----A---- C:\WINDOWS\system32\kerberos.dll
2014-11-14 20:53:16 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2014-11-14 20:53:16 ----A---- C:\WINDOWS\system32\schannel.dll
2014-11-14 20:53:15 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2014-11-14 20:53:15 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2014-11-14 20:53:15 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\rfxvmt.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\certcli.dll
2014-11-14 20:53:11 ----A---- C:\WINDOWS\system32\adtschema.dll
2014-11-14 20:53:10 ----A---- C:\WINDOWS\SYSWOW64\msaudite.dll
2014-11-14 20:53:10 ----A---- C:\WINDOWS\system32\rdpudd.dll
2014-11-14 20:53:10 ----A---- C:\WINDOWS\system32\msaudite.dll
2014-11-14 20:53:10 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2014-11-14 20:53:03 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2014-11-14 20:53:03 ----A---- C:\WINDOWS\system32\oleaut32.dll
2014-11-14 20:53:02 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-11-14 20:53:02 ----A---- C:\WINDOWS\system32\msi.dll
2014-11-14 20:53:01 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-11-14 20:53:01 ----A---- C:\WINDOWS\system32\authui.dll
2014-11-14 20:53:00 ----A---- C:\WINDOWS\SYSWOW64\msihnd.dll
2014-11-14 20:53:00 ----A---- C:\WINDOWS\system32\msihnd.dll
2014-11-14 20:53:00 ----A---- C:\WINDOWS\system32\consent.exe
2014-11-14 20:53:00 ----A---- C:\WINDOWS\system32\appinfo.dll
2014-11-14 20:52:57 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\wups.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-11-14 20:52:56 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-11-14 20:52:55 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-11-14 20:52:55 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-11-14 20:52:55 ----A---- C:\WINDOWS\system32\wups2.dll
2014-11-14 20:52:55 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-11-14 20:52:55 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-11-14 20:52:55 ----A---- C:\WINDOWS\system32\wuaext.dll
2014-11-14 20:52:43 ----A---- C:\WINDOWS\system32\user32.dll
2014-11-14 20:52:42 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2014-11-14 20:52:41 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-11-14 20:52:41 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-11-14 20:52:40 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-11-14 20:52:39 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2014-11-14 20:52:39 ----A---- C:\WINDOWS\system32\winshfhc.dll
2014-11-14 20:52:21 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-11-14 20:52:19 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-11-14 20:51:11 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-11-14 20:51:01 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-11-14 20:50:53 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-11-14 20:50:49 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-11-14 20:50:47 ----A---- C:\WINDOWS\system32\wininet.dll
2014-11-14 20:50:46 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-11-14 20:50:45 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-11-14 20:50:45 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-11-14 20:50:44 ----A---- C:\WINDOWS\system32\inetcomm.dll
2014-11-14 20:50:44 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-11-14 20:50:43 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-11-14 20:50:42 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2014-11-14 20:50:42 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-11-14 20:50:41 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2014-11-14 20:50:41 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-11-14 20:50:41 ----A---- C:\WINDOWS\system32\jscript.dll
2014-11-14 20:50:41 ----A---- C:\WINDOWS\system32\ieui.dll
2014-11-14 20:50:40 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-11-14 20:50:40 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-11-14 20:50:40 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2014-11-14 20:50:40 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-11-14 20:50:39 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-11-14 20:50:39 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-11-14 20:50:37 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-11-14 20:50:37 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-11-14 20:50:37 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-11-14 20:50:37 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-11-14 20:50:37 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-11-14 20:50:36 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-14 20:50:36 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-11-14 20:50:35 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2014-11-14 20:50:35 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-11-14 20:50:35 ----A---- C:\WINDOWS\system32\webcheck.dll
2014-11-14 20:50:33 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2014-11-14 20:50:33 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-11-14 20:50:32 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-11-14 20:50:32 ----A---- C:\WINDOWS\system32\msrating.dll
2014-11-14 20:50:32 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-11-14 20:50:32 ----A---- C:\WINDOWS\system32\hlink.dll
2014-11-14 20:50:31 ----A---- C:\WINDOWS\SYSWOW64\iesysprep.dll
2014-11-14 20:50:31 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-11-14 20:50:31 ----A---- C:\WINDOWS\system32\iesysprep.dll
2014-11-14 20:50:31 ----A---- C:\WINDOWS\system32\iepeers.dll
2014-11-14 20:50:31 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\occache.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\msfeedsbs.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\inseng.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\IEAdvpack.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-14 20:50:30 ----A---- C:\WINDOWS\system32\inseng.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\SYSWOW64\imgutil.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\SYSWOW64\iexpress.exe
2014-11-14 20:50:29 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\system32\pngfilt.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\system32\occache.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\system32\licmgr10.dll
2014-11-14 20:50:29 ----A---- C:\WINDOWS\system32\imgutil.dll
2014-11-14 20:50:28 ----A---- C:\WINDOWS\SYSWOW64\wextract.exe
2014-11-14 20:50:28 ----A---- C:\WINDOWS\SYSWOW64\pngfilt.dll
2014-11-14 20:50:28 ----A---- C:\WINDOWS\SYSWOW64\licmgr10.dll
2014-11-14 20:50:28 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-11-14 20:50:27 ----A---- C:\WINDOWS\SYSWOW64\url.dll
2014-11-14 20:50:27 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-11-14 20:50:27 ----A---- C:\WINDOWS\system32\wextract.exe
2014-11-14 20:50:27 ----A---- C:\WINDOWS\system32\url.dll
2014-11-14 20:50:27 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-11-14 20:50:27 ----A---- C:\WINDOWS\system32\IEAdvpack.dll
2014-11-14 20:50:26 ----A---- C:\WINDOWS\SYSWOW64\mshta.exe
2014-11-14 20:50:26 ----A---- C:\WINDOWS\SYSWOW64\msfeedssync.exe
2014-11-14 20:50:26 ----A---- C:\WINDOWS\system32\mshta.exe
2014-11-14 20:50:26 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2014-11-14 20:50:26 ----A---- C:\WINDOWS\system32\iexpress.exe
2014-11-14 20:50:26 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-11-14 20:49:56 ----A---- C:\WINDOWS\system32\generaltel.dll
2014-11-14 20:49:56 ----A---- C:\WINDOWS\system32\devinv.dll
2014-11-14 20:49:56 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-11-14 20:49:56 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-11-14 20:49:55 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2014-11-14 20:49:55 ----A---- C:\WINDOWS\system32\msxml3.dll
2014-11-14 20:49:55 ----A---- C:\WINDOWS\system32\aepic.dll
2014-11-14 20:49:53 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-11-14 20:49:53 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-11-14 20:49:53 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-11-14 20:49:53 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-14 20:49:52 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-11-14 20:49:52 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-11-14 20:49:52 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-11-14 20:49:52 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-14 20:49:52 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-11-14 20:49:51 ----A---- C:\WINDOWS\system32\EncDump.dll
2014-11-14 20:49:50 ----A---- C:\WINDOWS\system32\win32k.sys
2014-11-14 20:49:49 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2014-11-14 20:49:49 ----A---- C:\WINDOWS\system32\packager.dll
2014-11-14 20:49:47 ----A---- C:\WINDOWS\system32\shell32.dll
2014-11-14 20:49:45 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-11-14 20:49:44 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-11-14 20:49:41 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-14 20:49:40 ----A---- C:\WINDOWS\system32\twinui.dll
2014-11-14 20:49:40 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-11-14 20:49:39 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-14 20:49:39 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-14 20:49:39 ----A---- C:\WINDOWS\system32\localspl.dll
2014-11-14 20:49:38 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-11-14 20:49:36 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2014-11-14 20:49:36 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-11-14 20:49:35 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-11-14 20:49:34 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2014-11-14 20:49:33 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2014-11-14 20:49:32 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2014-11-14 20:49:32 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2014-11-14 20:49:32 ----A---- C:\WINDOWS\system32\puiobj.dll
2014-11-14 20:49:32 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2014-11-14 20:49:31 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2014-11-14 20:49:31 ----A---- C:\WINDOWS\system32\untfs.dll
2014-11-14 20:49:31 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-14 20:49:31 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-11-14 20:49:30 ----A---- C:\WINDOWS\SYSWOW64\FXSAPI.dll
2014-11-14 20:49:30 ----A---- C:\WINDOWS\system32\FXSAPI.dll
2014-11-09 09:12:47 ----D---- C:\Program Files\iPod
2014-11-09 09:12:45 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-09 09:12:45 ----D---- C:\Program Files\iTunes
2014-11-09 09:12:45 ----D---- C:\Program Files (x86)\iTunes
2014-10-25 08:49:46 ----D---- C:\ProgramData\WinZip
2014-10-25 08:49:40 ----D---- C:\Program Files\WinZip
======List of files/folders modified in the last 1 month======
2014-11-23 08:45:32 ----RD---- C:\WINDOWS\System32
2014-11-23 08:45:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-23 08:45:31 ----D---- C:\WINDOWS\Inf
2014-11-23 08:44:40 ----D---- C:\WINDOWS\Temp
2014-11-23 08:44:39 ----D---- C:\WINDOWS\Prefetch
2014-11-23 08:42:20 ----D---- C:\WINDOWS\system32\sru
2014-11-22 17:06:01 ----D---- C:\Users\Helena\AppData\Roaming\uTorrent
2014-11-22 16:36:59 ----SHD---- C:\WINDOWS\Installer
2014-11-22 16:36:55 ----D---- C:\WINDOWS\SysWOW64
2014-11-22 16:36:39 ----SHD---- C:\System Volume Information
2014-11-22 16:35:39 ----D---- C:\Windows
2014-11-22 16:34:46 ----RD---- C:\Program Files (x86)
2014-11-22 16:34:25 ----D---- C:\WINDOWS\system32\config
2014-11-22 16:29:41 ----D---- C:\WINDOWS\system32\Tasks
2014-11-22 16:27:52 ----D---- C:\WINDOWS\system32\DriverStore
2014-11-22 16:27:52 ----D---- C:\WINDOWS\system32\drivers
2014-11-22 16:27:52 ----D---- C:\WINDOWS\system32\catroot
2014-11-22 16:26:55 ----HD---- C:\ProgramData
2014-11-22 16:06:07 ----D---- C:\WINDOWS\Microsoft.NET
2014-11-22 15:54:57 ----D---- C:\WINDOWS\WinSxS
2014-11-21 21:13:53 ----D---- C:\WINDOWS\AppReadiness
2014-11-21 16:27:35 ----HD---- C:\Program Files\WindowsApps
2014-11-20 20:36:45 ----D---- C:\WINDOWS\CbsTemp
2014-11-20 20:33:11 ----D---- C:\WINDOWS\debug
2014-11-20 20:13:10 ----D---- C:\WINDOWS\LiveKernelReports
2014-11-20 20:03:05 ----D---- C:\AdwCleaner
2014-11-20 20:02:21 ----A---- C:\WINDOWS\win.ini
2014-11-20 19:49:58 ----RD---- C:\Program Files
2014-11-20 19:38:58 ----SD---- C:\WINDOWS\system32\CompatTel
2014-11-20 19:32:37 ----RD---- C:\WINDOWS\ToastData
2014-11-20 19:32:36 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-11-20 19:32:35 ----D---- C:\WINDOWS\apppatch
2014-11-20 19:32:34 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-20 19:32:30 ----D---- C:\Program Files\Windows Defender
2014-11-20 19:32:29 ----D---- C:\WINDOWS\system32\wbem
2014-11-20 19:32:28 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-11-20 19:32:28 ----D---- C:\WINDOWS\system32\cs-CZ
2014-11-20 19:32:26 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-11-20 19:32:26 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-20 19:32:25 ----D---- C:\WINDOWS\system32\migration
2014-11-20 19:32:23 ----D---- C:\Program Files\Internet Explorer
2014-11-17 12:07:43 ----RD---- C:\WINDOWS\assembly
2014-11-14 20:58:12 ----D---- C:\WINDOWS\system32\MRT
2014-11-14 20:55:53 ----A---- C:\WINDOWS\system32\MRT.exe
2014-11-14 20:48:50 ----D---- C:\WINDOWS\system32\catroot2
2014-11-09 09:12:46 ----D---- C:\Program Files\Common Files\Apple
2014-11-09 09:12:39 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-30 12:25:26 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2014-10-30 01:55:02 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdkmpfd;@oem27.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2014-06-09 36096]
R1 dtsoftbus01;@oem30.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-11-22 283064]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-10-30 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-10-30 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-10-30 62776]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-06-09 13209088]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-06-09 626688]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 AtiHDAudioService;@oem19.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys [2012-08-21 91648]
R3 BTATH_BUS;@oem25.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2012-09-14 33944]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-03-18 81920]
R3 CnxtHdAudService;@oem24.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2012-06-27 1608864]
R3 ETD;@oem23.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-09-05 319888]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 Ps2Kb2Hid;@oem22.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [2012-11-16 26736]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S2 APXACC;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [2012-06-23 199008]
S2 SPDRIVER_1.37.0.202;SPDRIVER_1.37.0.202; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.202\jsdrv.sys []
S3 AthBTPort;@oem6.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-09-14 88728]
S3 BTATH_A2DP;@oem5.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-09-14 344216]
S3 btath_avdt;@oem5.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-09-14 114840]
S3 BTATH_HCRP;@oem8.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-09-14 178840]
S3 BTATH_LWFLT;@oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-09-14 76952]
S3 BTATH_RCP;@oem11.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-09-14 135832]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 dg_ssudbus;@oem16.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2014-11-20 22704]
S3 QRDCIO;Quanta Generic IO Access; C:\WINDOWS\System32\drivers\QRDCIO.sys [2009-10-20 9728]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-03-18 167424]
S3 ssudmdm;@oem17.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 USBAAPL64;@oem1.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2013-08-22 78848]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-06-09 239616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-09-14 216192]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-08-24 2435728]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2012-06-08 201376]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-08-21 348784]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-08-23 259136]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-11-16 93296]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-09-05 658576]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12 267440]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-09-21 469648]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2012-07-12 174160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-11-16 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-27 114288]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119547
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Stuck notebook
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Program Files\McAfee Security Scan
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
:services
McComponentHostService
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.