Kontrola

Zpráva

Mia93 · #1 Příspěvek od **Mia93** » 10 bře 2015 18:53

Prosím o kontrolu notebooku.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-03-2015
Ran by Michaela (administrator) on MICHAELA-PC on 10-03-2015 18:41:08
Running from C:\Users\Michaela\Desktop
Loaded Profiles: Michaela (Available profiles: Michaela)
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(Oceanis) C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe
() C:\Windows\System32\AsusService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Motorola) C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
(ASUS) C:\Program Files\EeePC\CapsHook\CapsHook.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
() C:\Program Files\ASUS\LiveUpdate\LiveUpdate.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcfgex.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328 2009-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1242544 2010-06-04] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\EeePC\SHE\SuperHybridEngine.exe [412600 2010-06-09] (ASUSTeK Computer Inc.)
HKLM\...\Run: [LiveUpdate] => C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [751592 2010-01-29] ()
HKLM\...\Run: [CapsHook] => C:\Program Files\EeePC\CapsHook\CapsHook.exe [445344 2010-05-29] (ASUS)
HKLM\...\Run: [ASUS WebStorage] => C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9177632 2010-04-27] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2010-04-13] (Synaptics Incorporated)
HKLM\...\Run: [ASUSPRP] => C:\Program Files\ASUS\APRP\APRP.EXE [2018032 2010-06-28] (ASUSTek Computer Inc.)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2010-04-13] (Synaptics Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3710416 2015-02-19] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-514566112-454109390-4073295194-1000\...\MountPoints2: {92a78911-1b67-11e1-9303-bcaec50ab669} - E:\AutoRun.exe
HKU\S-1-5-21-514566112-454109390-4073295194-1000\...\Winlogon: [Shell] C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe [115888 2009-12-10] (Oceanis) <==== ATTENTION
HKU\S-1-5-21-514566112-454109390-4073295194-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Mystify.scr [221184 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {CC5FC992-B0AA-47CD-9DC2-83445083CBB8} => C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {618A47A2-528B-4D9A-AFC8-97D3233511E2} => C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-514566112-454109390-4073295194-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
HKU\S-1-5-21-514566112-454109390-4073295194-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKU\S-1-5-21-514566112-454109390-4073295194-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com
URLSearchHook: HKU\S-1-5-21-514566112-454109390-4073295194-1000 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\S-1-5-21-514566112-454109390-4073295194-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-514566112-454109390-4073295194-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: No Name -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> No File
BHO: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
Toolbar: HKLM - @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22] (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 193.84.32.93 193.84.47.225
Tcpip\..\Interfaces\{ABA66127-AA2B-416C-8B5A-30A540C85A6E}: [NameServer] 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\9s4nqf6l.default-1365777304040
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\9s4nqf6l.default-1365777304040\user.js [2014-08-27]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: DownloadHelper - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\9s4nqf6l.default-1365777304040\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-05]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-19] () [File not signed]
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3411408 2015-02-19] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [308720 2015-02-19] (AVG Technologies CZ, s.r.o.)
S2 Net Driver HPZ12; C:\windows\system32\HPZinw12.dll [44032 2009-05-15] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\windows\system32\HPZipm12.dll [53760 2009-05-15] (Hewlett-Packard) [File not signed]
R2 PST Service; C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11520 2010-03-31] ()
R1 Avgdiskx; C:\windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\windows\System32\DRIVERS\avgidsdriverx.sys [217568 2015-02-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\windows\System32\DRIVERS\avglogx.sys [265184 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\windows\System32\DRIVERS\avgmfx86.sys [107488 2015-01-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [210400 2015-01-16] (AVG Technologies CZ, s.r.o.)
S3 Huawei; C:\windows\System32\DRIVERS\ewdcsc.sys [23424 2009-12-15] (Huawei Tech. Co., Ltd.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2010-04-13] ( )
R3 mcdbus; C:\windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; \SystemRoot\system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; \SystemRoot\system32\DRIVERS\btwrchid.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [198656 2009-12-15] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2030-01-01 12:31 - 2010-11-20 13:40 - 00383786 __RSH () C:\bootmgr
2015-03-10 18:41 - 2015-03-10 18:45 - 00013604 _____ () C:\Users\Michaela\Desktop\FRST.txt
2015-03-10 18:39 - 2015-03-10 18:41 - 00000000 ____D () C:\FRST
2015-03-10 18:37 - 2015-03-10 18:37 - 01134592 _____ (Farbar) C:\Users\Michaela\Desktop\FRST.exe
2015-03-09 09:34 - 2015-03-09 11:47 - 1191069696 _____ () C:\Users\Michaela\Downloads\Divergence-(2014)-CZ-dabing.avi
2015-03-08 20:23 - 2015-03-09 10:01 - 1291609604 _____ () C:\Users\Michaela\Downloads\HUNGER-GAMES-SÍLA-VZDORU-1.-část-2014-BDRip-DD5.1-CZ-titulky.avi
2015-03-05 21:41 - 2015-03-05 21:42 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-01 09:03 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\system32\locale.nls
2015-02-27 14:24 - 2015-02-27 14:24 - 00000000 ____D () C:\ProgramData\Avg_Update_0215av
2015-02-22 16:09 - 2015-02-22 16:09 - 00000000 ____D () C:\ProgramData\Motorola
2015-02-22 16:04 - 2015-02-22 16:06 - 00000000 ____D () C:\Program Files\Motorola Mobility
2015-02-22 16:04 - 2015-02-22 16:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
2015-02-22 16:04 - 2015-02-22 16:04 - 00000000 ____D () C:\Program Files\Motorola
2015-02-22 16:04 - 2015-02-22 16:04 - 00000000 ____D () C:\Program Files\Common Files\MSSoap
2015-02-22 16:02 - 2015-02-22 16:02 - 00000000 ____D () C:\Program Files\Common Files\Motorola Shared
2015-02-22 15:58 - 2015-02-22 15:58 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Motorola
2015-02-19 21:28 - 2015-02-19 21:28 - 00217568 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdriverx.sys
2015-02-13 12:30 - 2015-02-04 03:54 - 00482304 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-02-13 12:30 - 2015-02-04 03:53 - 00767488 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-02-13 12:30 - 2015-02-04 03:53 - 00621056 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-02-13 12:30 - 2015-02-04 03:53 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-02-13 12:30 - 2015-02-04 03:53 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-02-13 12:30 - 2015-02-04 03:53 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-02-13 12:30 - 2015-02-04 03:49 - 00886784 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-02-13 12:30 - 2015-01-28 00:36 - 01167520 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-02-13 12:30 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-02-13 12:30 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-02-13 12:30 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2015-02-13 12:30 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-13 12:30 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-13 12:29 - 2015-01-13 06:02 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-13 12:29 - 2015-01-13 06:01 - 01762816 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-13 12:29 - 2015-01-13 06:01 - 01181696 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-13 12:29 - 2015-01-13 06:01 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-13 12:29 - 2015-01-13 06:00 - 14373376 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-13 12:29 - 2015-01-13 06:00 - 13761024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-13 12:29 - 2015-01-13 06:00 - 02861568 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-13 12:29 - 2015-01-13 06:00 - 02055168 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-13 12:29 - 2015-01-13 06:00 - 01441280 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-13 12:29 - 2015-01-13 06:00 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-02-13 12:29 - 2015-01-13 06:00 - 00493056 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-13 12:29 - 2015-01-13 06:00 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-02-13 12:29 - 2015-01-13 06:00 - 00357888 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-13 12:29 - 2015-01-13 06:00 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-13 12:29 - 2015-01-13 06:00 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-02-13 12:29 - 2015-01-13 06:00 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-02-13 12:29 - 2015-01-13 06:00 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2015-02-13 12:29 - 2015-01-13 06:00 - 00080384 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-02-13 12:29 - 2015-01-13 06:00 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-02-13 12:29 - 2015-01-13 06:00 - 00039424 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-02-13 12:29 - 2015-01-13 06:00 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-02-13 12:29 - 2015-01-13 05:10 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-02-13 12:29 - 2015-01-13 04:43 - 00361984 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-02-13 12:29 - 2015-01-13 04:19 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2015-02-13 12:28 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-02-13 12:28 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-13 12:25 - 2015-01-15 08:46 - 00136640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-13 12:25 - 2015-01-15 08:46 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-02-13 12:25 - 2015-01-15 08:43 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-02-13 12:25 - 2015-01-15 08:43 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-02-13 12:25 - 2015-01-15 08:42 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-13 12:25 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-02-13 12:25 - 2015-01-15 08:42 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-02-13 12:25 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-02-13 12:25 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-13 12:25 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-02-13 12:25 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-13 12:25 - 2015-01-15 05:21 - 00369968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-13 12:21 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-13 12:21 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-02-13 12:21 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-02-13 12:15 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-13 12:14 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2030-01-01 12:31 - 2009-07-14 05:57 - 00029696 ___SH () C:\windows\system32\config\BCD-Template.LOG
2030-01-01 12:31 - 2009-07-14 05:52 - 00032768 _____ () C:\windows\system32\config\BCD-Template
2015-03-10 18:42 - 2009-07-14 05:34 - 00016160 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-10 18:42 - 2009-07-14 05:34 - 00016160 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-10 18:30 - 2013-04-01 10:43 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Google
2015-03-10 18:27 - 2014-02-20 20:32 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-10 18:00 - 2014-11-25 20:16 - 01142242 ____N () C:\windows\WindowsUpdate.log
2015-03-10 13:11 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-10 12:48 - 2009-07-25 08:50 - 01584626 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-10 12:12 - 2011-05-01 19:16 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-09 12:18 - 2014-04-06 08:31 - 00000000 ____D () C:\ProgramData\AlawarWrapper
2015-03-07 11:15 - 2012-05-04 14:47 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-06 21:53 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\NDF
2015-03-01 09:15 - 2009-07-14 05:33 - 00406912 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-01 08:50 - 2014-04-06 08:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-02-28 10:30 - 2011-05-02 15:53 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Skype
2015-02-24 15:05 - 2014-12-28 20:31 - 00000000 ____D () C:\Users\Michaela\Documents\Google Talk Received Files
2015-02-23 12:45 - 2013-11-01 22:04 - 00000000 ____D () C:\Users\Michaela\.FBReader
2015-02-22 16:01 - 2010-06-28 18:09 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-02-19 16:42 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\rescache
2015-02-13 14:02 - 2014-12-11 22:24 - 00000000 ____D () C:\windows\system32\appraiser
2015-02-13 14:02 - 2014-05-02 11:27 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-02-13 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\tracing
2015-02-13 14:01 - 2013-08-25 10:07 - 00000000 ____D () C:\windows\system32\MRT
2015-02-13 13:10 - 2011-05-08 19:55 - 113756392 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-02-13 13:01 - 2011-05-01 19:48 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-10 17:52 - 2012-11-08 17:34 - 00000000 ____D () C:\GRAND22

==================== Files in the root of some directories =======

2014-05-22 07:28 - 2014-06-30 11:23 - 0506453 _____ () C:\Users\Michaela\AppData\Roaming\log.sflog
2011-07-22 13:41 - 2014-11-28 14:48 - 0005120 _____ () C:\Users\Michaela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-04 16:41 - 2011-05-04 16:41 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-06-28 18:18 - 2010-03-02 23:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-07 11:52

==================== End Of Log ============================

#2 Příspěvek od **Márty84** » 11 bře 2015 10:22

Zdravim

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Mia93 · #3 Příspěvek od **Mia93** » 11 bře 2015 20:33

AdwCleaner

# AdwCleaner v4.112 - Logfile created 11/03/2015 at 20:09:51
# Updated 09/03/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 7 Starter Service Pack 1 (x86)
# Username : Michaela - MICHAELA-PC
# Running from : C:\Users\Michaela\Desktop\adwcleaner_4.112.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Michaela\AppData\Local\genienext
Folder Deleted : C:\Users\Michaela\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Michaela\AppData\Roaming\newnext.me
File Deleted : C:\Users\Michaela\daemonprocess.txt
File Deleted : C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\9s4nqf6l.default-1365777304040\user.js

***** [ Scheduled tasks ] *****

Task Deleted : Torntv 2-codedownloader
Task Deleted : Torntv 2-enabler
Task Deleted : Torntv 2-updater

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar

***** [ Web browsers ] *****

-\\ Internet Explorer v10.0.9200.17229

-\\ Mozilla Firefox v36.0.1 (x86 cs)

*************************

AdwCleaner[R1].txt - [1699 bytes] - [11/03/2015 19:53:07]
AdwCleaner[S1].txt - [1654 bytes] - [11/03/2015 20:09:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1713 bytes] ##########

#4 Příspěvek od **Márty84** » 12 bře 2015 07:32

Fajn, tak jeste MBAM a podle vysledku se zaridime dale

Mia93 · #5 Příspěvek od **Mia93** » 12 bře 2015 13:41

Dala bych to dříve, ale večer jsem to měla puštěné hodinu a nedokončilo se to a dnes to jelo ještě 5 hodin

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 11.3.2015
Čas skenování: 21:04:02
Protokol: malwarebytes.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.03.11.05
Databáze rootkitů: v2015.02.25.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Michaela

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 519392
Uplynulý čas: 16 hod, 31 min, 38 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 3
PUP.Optional.TornTV.A, HKLM\SOFTWARE\Torntv 2, , [132e4202c1c9a78f92dd487e52b15fa1],
PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv 2, , [3908b391cbbf90a67bf6517544bfde22],
PUP.Optional.TornTV.A, HKU\S-1-5-21-514566112-454109390-4073295194-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv 2, , [66dbcb797c0ee5515d14a12509fa59a7],

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 14
Spyware.Zbot.VXGen, C:\Program Files\Adobe\Photoshop 6.0.1 CE\Samples\Droplets\ImageReady Droplets\Constrain 350, Make JPG 30.exe, , [77ca7dc777132511f20b874c4bb611ef],
Spyware.Zbot.VXGen, C:\Program Files\Adobe\Photoshop 6.0.1 CE\Samples\Droplets\ImageReady Droplets\Constrain to 200x200 pixels.exe, , [93ae0f35becc3006a657ad26e81944bc],
Spyware.Zbot.VXGen, C:\Program Files\Adobe\Photoshop 6.0.1 CE\Samples\Droplets\ImageReady Droplets\Constrain to 64X64 pixels.exe, , [9ca588bc0d7d82b451ac6271c53c32ce],
Spyware.Zbot.VXGen, C:\Program Files\Adobe\Photoshop 6.0.1 CE\Samples\Droplets\ImageReady Droplets\Make Button.exe, , [4bf646fe83079c9a41bc5281ad546b95],
Spyware.Zbot.VXGen, C:\Program Files\Adobe\Photoshop 6.0.1 CE\Samples\Droplets\ImageReady Droplets\Make GIF (128 colors).exe, , [1928fb497317f343b8457f54a35ee41c],
Spyware.Zbot.VXGen, C:\Program Files\Adobe\Photoshop 6.0.1 CE\Samples\Droplets\ImageReady Droplets\Make GIF (32, no dither).exe, , [c77ab78d4d3d8aac20dd4291b54c06fa],
Spyware.Zbot.VXGen, C:\Program Files\Adobe\Photoshop 6.0.1 CE\Samples\Droplets\ImageReady Droplets\Make GIF (64 colors).exe, , [67da23214248171f5e9fe9eafe03639d],
Spyware.Zbot.VXGen, C:\Program Files\Adobe\Photoshop 6.0.1 CE\Samples\Droplets\ImageReady Droplets\Make JPEG (quality 10).exe, , [f64b5aea305a57dfb24b0ec5f01147b9],
Spyware.Zbot.VXGen, C:\Program Files\Adobe\Photoshop 6.0.1 CE\Samples\Droplets\ImageReady Droplets\Make JPEG (quality 30).exe, , [2f12162e4d3dc5719f5e3e9515eccd33],
Spyware.Zbot.VXGen, C:\Program Files\Adobe\Photoshop 6.0.1 CE\Samples\Droplets\ImageReady Droplets\Make JPEG (quality 60).exe, , [0041b68e503a59dded100bc85ba6837d],
Spyware.Zbot.VXGen, C:\Program Files\Adobe\Photoshop 6.0.1 CE\Samples\Droplets\ImageReady Droplets\Multi-Size Save.exe, , [8fb23e064f3be0562bd2557efa076b95],
Spyware.Zbot.VXGen, C:\Program Files\Adobe\Photoshop 6.0.1 CE\Samples\Droplets\ImageReady Droplets\Unsharp Mask.exe, , [6dd4ef55ddad81b5cb325e757a87718f],
PUP.Optional.OpenCandy, C:\Program Files\ICQ7.5\upgrade\2dcd1d63cb45e6613582211c3d5f4b23, , [51f0bb89325805319ed240cb2cda857b],
PUP.Optional.OpenCandy, C:\Program Files\ICQ7.5\upgrade\53e83dd5315bfb1f928441c9b4618b68, , [6fd256eef5952e08551bc3487492ab55],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)

(end)

#6 Příspěvek od **Márty84** » 12 bře 2015 17:51

Nalezy hodte do karanteny. Po dalsim restartu pc test s MBAM zopakujte (staci Sken hrozeb - je rychlejsi) a napiste vysledek. Podle nej zvolim dalsi postup

Mia93 · #7 Příspěvek od **Mia93** » 12 bře 2015 21:19

Mám menší problém. Přejížděla, takže jsem notebook vypla a nyní se již netuším jak dostat k výsledkům skenu v tom programu. Nevím zda to vůbec jde nebo musím znovu spustit sken, aby mi tam naskočili.

#8 Příspěvek od **Márty84** » 13 bře 2015 10:39

Pokud jste to vypla, musite bohuzel udelat novy sken. Vysledky sice najit muzete, ale uz s nimi nejde pracovat.

Mia93 · #9 Příspěvek od **Mia93** » 13 bře 2015 21:52

Sken hrozep píše: 0 identifikovaných objektů

#10 Příspěvek od **Márty84** » 14 bře 2015 09:12

Vyborne, MBAM muzete odinstalovat.

Dejte log z RSIT http://forum.viry.cz/viewtopic.php?f=30&t=130787

Mia93 · #11 Příspěvek od **Mia93** » 14 bře 2015 10:09

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michaela at 2015-03-14 09:56:38
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 57 GB (56%) free of 102 GB
Total RAM: 1014 MB (16% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:57:39, on 14.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.17229)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe
C:\windows\Explorer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\ctfmon.exe
C:\windows\system32\wuauclt.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Michaela\Desktop\RSIT.exe
C:\Program Files\trend micro\Michaela.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [LiveUpdate] AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [ASUS WebStorage] C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{ABA66127-AA2B-416C-8B5A-30A540C85A6E}: NameServer = 8.8.8.8
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 8370 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\9s4nqf6l.default-1365777304040

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\9s4nqf6l.default-1365777304040\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"HotkeyMon"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe []
"HotkeyService"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe []
"SuperHybridEngine"=AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe []
"LiveUpdate"=AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []
"CapsHook"=AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe []
"ASUS WebStorage"=C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-04-27 9177632]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-04-13 1594664]
"ASUSPRP"=C:\Program Files\ASUS\APRP\APRP.EXE [2010-06-28 2018032]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2010-04-13 83240]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-10-25 141848]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-10-25 173592]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-10-25 150552]
"AVG_UI"=C:\Program Files\AVG\AVG2015\avgui.exe [2015-02-19 3710416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michaela^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michaela^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\SYSTEM32\igfxdev.dll [2010-10-25 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2030-01-01 12:31:53 ----SHD---- C:\Boot
2015-03-14 09:56:38 ----D---- C:\rsit
2015-03-11 21:01:41 ----D---- C:\ProgramData\Malwarebytes
2015-03-11 19:52:55 ----D---- C:\AdwCleaner
2015-03-10 18:39:57 ----D---- C:\FRST
2015-03-05 21:41:37 ----D---- C:\Program Files\Mozilla Firefox
2015-02-27 14:24:28 ----D---- C:\ProgramData\Avg_Update_0215av
2015-02-22 16:09:01 ----D---- C:\ProgramData\Motorola
2015-02-22 16:04:54 ----D---- C:\Program Files\Motorola Mobility
2015-02-22 16:04:54 ----D---- C:\Program Files\Motorola
2015-02-22 16:04:54 ----D---- C:\Program Files\Common Files\MSSoap
2015-02-22 16:02:02 ----D---- C:\Program Files\Common Files\Motorola Shared
2015-02-22 15:58:58 ----D---- C:\Users\Michaela\AppData\Roaming\Motorola
2015-02-19 21:28:38 ----A---- C:\windows\system32\drivers\avgidsdriverx.sys

======List of files/folders modified in the last 1 month======

2015-03-14 09:57:39 ----D---- C:\Program Files\trend micro
2015-03-14 09:56:58 ----D---- C:\windows\Prefetch
2015-03-14 09:53:58 ----RD---- C:\Program Files
2015-03-14 09:53:57 ----D---- C:\windows\system32\drivers
2015-03-14 09:50:01 ----D---- C:\windows\Temp
2015-03-14 09:31:00 ----D---- C:\ProgramData\MFAData
2015-03-13 21:16:58 ----D---- C:\windows\system32\config
2015-03-13 20:44:42 ----D---- C:\Windows
2015-03-13 20:44:05 ----D---- C:\windows\Speech
2015-03-13 13:39:55 ----D---- C:\windows\system32\NDF
2015-03-13 10:15:40 ----D---- C:\windows\System32
2015-03-13 10:15:40 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-03-13 10:15:39 ----D---- C:\windows\inf
2015-03-11 21:01:41 ----HD---- C:\ProgramData
2015-03-11 20:10:20 ----D---- C:\windows\system32\Tasks
2015-03-11 19:31:20 ----SHD---- C:\windows\Installer
2015-03-11 19:30:59 ----SHD---- C:\Config.Msi
2015-03-10 18:30:13 ----D---- C:\Users\Michaela\AppData\Roaming\Google
2015-03-09 12:18:24 ----D---- C:\ProgramData\AlawarWrapper
2015-03-07 11:15:05 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-03-03 13:57:17 ----D---- C:\windows\system32\catroot2
2015-03-01 09:16:41 ----D---- C:\windows\winsxs
2015-03-01 09:03:35 ----SHD---- C:\System Volume Information
2015-02-28 10:30:44 ----D---- C:\Users\Michaela\AppData\Roaming\Skype
2015-02-27 14:24:40 ----D---- C:\windows\Tasks
2015-02-22 16:04:54 ----D---- C:\Program Files\Common Files
2015-02-22 16:04:34 ----D---- C:\windows\system32\DriverStore
2015-02-22 16:01:14 ----HD---- C:\Program Files\InstallShield Installation Information
2015-02-19 16:42:22 ----D---- C:\windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\windows\system32\DRIVERS\avgidshx.sys [2014-11-18 154904]
R0 Avglogx;AVG Logging Driver; C:\windows\system32\DRIVERS\avglogx.sys [2015-02-03 265184]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\windows\system32\DRIVERS\avgmfx86.sys [2015-01-23 107488]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\windows\system32\DRIVERS\avgrkx86.sys [2014-06-18 27416]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-05 330264]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2010-03-31 11520]
R1 Avgdiskx;AVG Disk Driver; C:\windows\system32\DRIVERS\avgdiskx.sys [2014-06-18 121624]
R1 AVGIDSDriver;AVGIDSDriver; C:\windows\system32\DRIVERS\avgidsdriverx.sys [2015-02-19 217568]
R1 AVGIDSShim;AVGIDSShim; C:\windows\system32\DRIVERS\avgidsshimx.sys [2014-06-18 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\windows\system32\DRIVERS\avgldx86.sys [2014-08-28 192792]
R1 Avgtdix;AVG TDI Driver; C:\windows\system32\DRIVERS\avgtdix.sys [2015-01-16 210400]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-10-25 4807168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2010-04-27 3084256]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2010-04-13 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\windows\system32\DRIVERS\L1C62x86.sys [2010-04-13 51712]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-04-13 230448]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2010-04-13 43944]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys []
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102912]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AsusService;Asus Launcher Service; C:\Windows\System32\AsusService.exe [2009-08-19 219136]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [2015-02-19 3411408]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2015-02-19 308720]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 PST Service;PST Service; C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe [2011-09-02 65657]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-06 136120]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-05 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

#12 Příspěvek od **Márty84** » 14 bře 2015 11:08

Napiste mi velikost adresare plochy (C:\Users\Michaela\Plocha)

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-514566112-454109390-4073295194-1000\...\Winlogon: [Shell] C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe [115888 2009-12-10] (Oceanis) <==== ATTENTION

URLSearchHook: HKU\S-1-5-21-514566112-454109390-4073295194-1000 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\S-1-5-21-514566112-454109390-4073295194-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-514566112-454109390-4073295194-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
BHO: No Name -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> No File
BHO: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22] (Microsoft Corporation)
Toolbar: HKLM - @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22] (Microsoft Corporation)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {0B5F84EB-5F2F-40BD-80FC-FA34F55FE400} - System32\Tasks\Torntv 2-updater => C:\Program Files\Torntv 2\Torntv 2-updater.exe <==== ATTENTION
Task: {7C4B8759-6442-4F3E-AFAC-484504FF4ABF} - System32\Tasks\Torntv 2-enabler => C:\Program Files\Torntv 2\Torntv 2-enabler.exe <==== ATTENTION
Task: {8C08993A-7D7D-41B7-B849-BF2133425057} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {95972F19-8A83-4A3C-9E2B-6FF98C3309FB} - System32\Tasks\{D30AE240-C48C-4668-84A9-AAB8CFA1AE37} => pcalua.exe -a "C:\Program Files\AVG\AVG10\avgmfapx.exe" -d C:\windows\system32 -c /AppMode=DOWNLOADMANAGER /VersionUpgrade /OldLicenseKey=4U7HG-YLUVU-ES2EG-QF7XC-VLC9W-Q
Task: {AC04A715-C358-45C0-A183-ECC8A42C85AC} - System32\Tasks\Torntv 2-codedownloader => C:\Program Files\Torntv 2\Torntv 2-codedownloader.exe <==== ATTENTION

AlternateDataStreams: C:\ProgramData\TEMP:3D36932D
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-06 136120]

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

Mia93 · #13 Příspěvek od **Mia93** » 14 bře 2015 11:11

Velikost mi to hlásí 4,70 MB

#14 Příspěvek od **Márty84** » 14 bře 2015 11:15

Mia93 píše:Velikost mi to hlásí 4,70 MB

Mia93 · #15 Příspěvek od **Mia93** » 14 bře 2015 11:26

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-03-2015
Ran by Michaela at 2015-03-14 11:14:35 Run:1
Running from C:\Users\Michaela\Desktop
Loaded Profiles: Michaela (Available profiles: Michaela)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-514566112-454109390-4073295194-1000\...\Winlogon: [Shell] C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe [115888 2009-12-10] (Oceanis) <==== ATTENTION

URLSearchHook: HKU\S-1-5-21-514566112-454109390-4073295194-1000 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\S-1-5-21-514566112-454109390-4073295194-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-514566112-454109390-4073295194-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
BHO: No Name -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> No File
BHO: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22] (Microsoft Corporation)
Toolbar: HKLM - @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22] (Microsoft Corporation)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {0B5F84EB-5F2F-40BD-80FC-FA34F55FE400} - System32\Tasks\Torntv 2-updater => C:\Program Files\Torntv 2\Torntv 2-updater.exe <==== ATTENTION
Task: {7C4B8759-6442-4F3E-AFAC-484504FF4ABF} - System32\Tasks\Torntv 2-enabler => C:\Program Files\Torntv 2\Torntv 2-enabler.exe <==== ATTENTION
Task: {8C08993A-7D7D-41B7-B849-BF2133425057} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {95972F19-8A83-4A3C-9E2B-6FF98C3309FB} - System32\Tasks\{D30AE240-C48C-4668-84A9-AAB8CFA1AE37} => pcalua.exe -a "C:\Program Files\AVG\AVG10\avgmfapx.exe" -d C:\windows\system32 -c /AppMode=DOWNLOADMANAGER /VersionUpgrade /OldLicenseKey=4U7HG-YLUVU-ES2EG-QF7XC-VLC9W-Q
Task: {AC04A715-C358-45C0-A183-ECC8A42C85AC} - System32\Tasks\Torntv 2-codedownloader => C:\Program Files\Torntv 2\Torntv 2-codedownloader.exe <==== ATTENTION

AlternateDataStreams: C:\ProgramData\TEMP:3D36932D
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-06 136120]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value deleted successfully.
HKU\S-1-5-21-514566112-454109390-4073295194-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-21-514566112-454109390-4073295194-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKU\S-1-5-21-514566112-454109390-4073295194-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-514566112-454109390-4073295194-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} => Key not found.
HKCR\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => Key deleted successfully.
"HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value deleted successfully.
"HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => Key deleted successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B5F84EB-5F2F-40BD-80FC-FA34F55FE400} => Key not found.
C:\Windows\System32\Tasks\Torntv 2-updater not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv 2-updater => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C4B8759-6442-4F3E-AFAC-484504FF4ABF} => Key not found.
C:\Windows\System32\Tasks\Torntv 2-enabler not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv 2-enabler => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C08993A-7D7D-41B7-B849-BF2133425057}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C08993A-7D7D-41B7-B849-BF2133425057}" => Key deleted successfully.
C:\Windows\System32\Tasks\ROC_REG_JAN_DELETE => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ROC_REG_JAN_DELETE" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95972F19-8A83-4A3C-9E2B-6FF98C3309FB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95972F19-8A83-4A3C-9E2B-6FF98C3309FB}" => Key deleted successfully.
C:\Windows\System32\Tasks\{D30AE240-C48C-4668-84A9-AAB8CFA1AE37} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D30AE240-C48C-4668-84A9-AAB8CFA1AE37}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC04A715-C358-45C0-A183-ECC8A42C85AC} => Key not found.
C:\Windows\System32\Tasks\Torntv 2-codedownloader not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv 2-codedownloader => Key not found.
C:\ProgramData\TEMP => ":3D36932D" ADS removed successfully.
C:\ProgramData\TEMP => ":AB689DEA" ADS removed successfully.
AdobeARMservice => Service deleted successfully.
SeaPort => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
gusvc => Service deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 29.8 MB temporary data.

The system needed a reboot.

==== End of Fixlog 11:16:27 ====

VIRY.CZ

Kontrola

Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola