PC virus removal, computer speed-up, and remote assistance via the neslape.cz service

Notebook slowdown and Avast reports viruses

Do you have a problem with a virus? Paste your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, paste a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

hayabusa
Visitor
Posts: 5
Registered: 29 Mar 2015 14:13


#1 Post by hayabusa »

Hi,
please check my log; the notebook is completely bogged down and Avast keeps reporting some viruses (mainly in Chrome). Thanks in advance :)

Logfile of random's system information tool 1.10 (written by random/random)
Run by acer at 2015-03-29 15:19:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 83 GB (14%) free of 596 GB
Total RAM: 3764 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:36:35, on 29.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\acer\AppData\Local\Temp\C5A8.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\acer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.coolsearches.info/?pid ... Z&unqvl=85
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.coolsearches.info/?pid ... Z&unqvl=85
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing)
O2 - BHO: SalePlus - {28666dd8-7399-4008-93db-06b56bceffd8} - C:\Program Files (x86)\SalePlus\1zAjOqLrxw8IP7.dll (file missing)
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101214024032.dll (file missing)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~4\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: youtubeadblocker - {f1322296-0d2c-4b3f-8971-5df9ae79f091} - C:\Program Files (x86)\youtubeadblocker\2ePk6G49k6MZzg.dll (file missing)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\Run: [Spotify] "C:\Users\acer\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: IBM-SPSS-Statistics-20---x86.exe
O4 - Startup: Universal Keygen Generator 2015.lnk = C:\ProgramData\{ecded016-be2e-d4ee-ecde-ed016be2405a}\Universal Keygen Generator 2015.exe
O4 - Global Startup: Acer VCM.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Unknown owner - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13563 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
"ConnectifyD.exe"
\??\C:\Windows\system32\conhost.exe "-803196696169684271-597435939-1505805204468681541128156434-13055211131837064725
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Apoint2K\Apoint.exe"
"C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" Minimum
"C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe"
"C:\Program Files\Apoint2K\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "1206153329-1551361057-819988220257470210-130860811-78721575-356189222731688834
"C:\Program Files\Apoint2K\HidFind.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files\Microsoft Office\Office15\WINWORD.EXE" /restore
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\Microsoft Office\Office15\EXCEL.EXE" /restore
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
C:\Windows\system32\svchost.exe -k SDRSVC

"C:\Windows\system32\wuauclt.exe"
C:\Users\acer\AppData\Local\Temp\C5A8.exe
"C:\Program Files\IBM\SPSS\Statistics\22\stats.exe"
C:\PROGRA~1\IBM\SPSS\STATIS~1\22\JRE\bin\java -classpath C:\PROGRA~1\IBM\SPSS\STATIS~1\22\eclipse\plugins\org.eclipse.help.base_3.5.0.v201006080911\helpbase.jar org.eclipse.help.standalone.Help -eclipsehome eclipse -plugincustomization plugins/com.ibm.spss.statistics.help/plugin_customization.ini -command start -host 192.168.1.34 -noexec -clean -nl en_US -configuration C:\Users\acer\AppData\Local\IBM\SPSS\Statistics\22\Eclipse\configuration\nl\en_US -data C:\Users\acer\AppData\Local\Temp\IBM\SPSS\Statistics\22\Eclipse\temp\en_US -vmargs -Dorg.eclipse.equinox.http.jetty.context.path=/help -Xshareclasses:name=statistics_%u -Xshareclasses:nonfatal -Xscmx32M -Xms128M -Xmx256M -Xrs
\??\C:\Windows\system32\conhost.exe "-1436454133703996811-2540304593688841179951992391066838541-758410811818049771
C:\PROGRA~1\IBM\SPSS\STATIS~1\22\JRE\bin\javaw.exe -Dorg.eclipse.equinox.http.jetty.context.path=/help -Xshareclasses:name=statistics_%u -Xshareclasses:nonfatal -Xscmx32M -Xms128M -Xmx256M -Xrs -Dserver_host=192.168.1.34 -cp plugins/org.eclipse.equinox.launcher_1.1.0.v20100507.jar org.eclipse.core.launcher.Main -nosplash -application org.eclipse.help.base.helpApplication -data C:\Users\acer\AppData\Local\Temp\IBM\SPSS\Statistics\22\Eclipse\temp\en_US -plugincustomization plugins/com.ibm.spss.statistics.help/plugin_customization.ini -clean -nl en_US -configuration C:\Users\acer\AppData\Local\IBM\SPSS\Statistics\22\Eclipse\configuration\nl\en_US
C:\PROGRA~1\IBM\SPSS\STATIS~1\22\spssengine
\??\C:\Windows\system32\conhost.exe "211176403420647802911096298500-539033935175635468-227479056-21376739502068636423
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3252.0.271399778\221532694" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,18,40 --gpu-vendor-id=0x1002 --gpu-device-id=0x0000 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.501.1003.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Dev_NonMonotonicity_Control_PostPeriod/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Enabled/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3252 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3252.2.1877619160\635270824" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Dev_NonMonotonicity_Control_PostPeriod/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Enabled/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3252 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3252.3.543941914\1081503338" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Dev_NonMonotonicity_Control_PostPeriod/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Enabled/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3252 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3252.4.1111006639\1640187195" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Dev_NonMonotonicity_Control_PostPeriod/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Enabled/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3252 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3252.5.1253479609\342357471" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Dev_NonMonotonicity_Control_PostPeriod/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Enabled/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3252 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3252.8.1440502507\118302435" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3252.9.969990259\961828651" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Dev_NonMonotonicity_Control_PostPeriod/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Enabled/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3252 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3252.14.554431319\1388981930" /prefetch:673131151
"C:\Users\acer\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Dev_NonMonotonicity_Control_PostPeriod/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Enabled/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3252 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3252.27.528133663\1670163680" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe18_ Global\UsGthrCtrlFltPipeMssGthrPipe18 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524

======Scheduled tasks folder======

C:\Windows\tasks\Acer Registration - Reminder Recall task.job - C:\Program Files (x86)\Acer\Registration\GREG.exe /RR
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "http://websearch.coolsearches.info/?pid ... Z&unqvl=85"
prefs.js - "keyword.URL" - "http://websearch.coolsearches.info/?pid ... =85&l=1&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default\extensions\
3@beQs2R4i.org
foxyproxy@eric.h.jung
JLTz@wqHs.org
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default\searchplugins\
google-avast.xml
WebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28666dd8-7399-4008-93db-06b56bceffd8}]
SalePlus - C:\Program Files (x86)\SalePlus\1zAjOqLrxw8IP7.x64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-01-21 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101214024032.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-28 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2014-01-23 2333400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f1322296-0d2c-4b3f-8971-5df9ae79f091}]
youtubeadblocker - C:\Program Files (x86)\youtubeadblocker\2ePk6G49k6MZzg.x64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\progra~1\mcafee\msk\mskapbho.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28666dd8-7399-4008-93db-06b56bceffd8}]
SalePlus - C:\Program Files (x86)\SalePlus\1zAjOqLrxw8IP7.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-01-21 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-09 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101214024032.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-28 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office15\URLREDIR.DLL [2014-01-21 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~4\Office15\GROOVEEX.DLL [2014-01-21 1728216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-09 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f1322296-0d2c-4b3f-8971-5df9ae79f091}]
youtubeadblocker - C:\Program Files (x86)\youtubeadblocker\2ePk6G49k6MZzg.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-06-30 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-06-30 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-06-30 414744]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-29 11101800]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-07-29 2120808]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-05-25 585376]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-05-25 354464]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2010-03-09 345648]
"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2010-06-11 496160]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-06-10 324608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"=C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [2012-08-17 3345408]
"Spotify Web Helper"=C:\Users\acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-03-23 1964088]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2013-06-07 774680]
"Spotify"=C:\Users\acer\AppData\Roaming\Spotify\Spotify.exe [2015-03-23 6701624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Dispatch]
C:\Program Files (x86)\Connectify\DispatchUI.exe [2014-12-26 2381560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Hotspot]
C:\Program Files (x86)\Connectify\Connectify.exe [2014-12-26 4330232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-02-20 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-07-25 1562264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-07-25 311616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarEditor]
C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [2012-08-17 3345408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\acer\AppData\Roaming\Spotify\Spotify.exe [2015-03-23 6701624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\acer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [2013-06-07 774680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-06-29 265984]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-08-11 975952]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-01 5227112]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
IBM-SPSS-Statistics-20---x86.exe
Universal Keygen Generator 2015.lnk - C:\ProgramData\{ecded016-be2e-d4ee-ecde-ed016be2405a}\Universal Keygen Generator 2015.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-06-30 271360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-29 15:19:48 ----D---- C:\Program Files\trend micro
2015-03-29 15:19:47 ----D---- C:\rsit
2015-03-29 14:29:47 ----D---- C:\Windows\SYSWOW64\X86
2015-03-29 14:29:47 ----D---- C:\Windows\SYSWOW64\AMD64
2015-03-29 14:27:47 ----D---- C:\ProgramData\12363579864293752999
2015-03-29 14:26:56 ----D---- C:\ProgramData\fonbbmgdbbhhajhfejndofkbdmegjmgh
2015-03-29 14:26:17 ----D---- C:\ProgramData\{ecded016-be2e-d4ee-ecde-ed016be2405a}
2015-03-29 13:45:55 ----D---- C:\ProgramData\SPSS
2015-03-29 13:42:33 ----D---- C:\Program Files\IBM
2015-03-28 16:52:42 ----D---- C:\Windows\Sun
2015-03-26 23:59:12 ----D---- C:\Users\acer\AppData\Roaming\QuickScan
2015-03-26 22:53:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-18 16:37:16 ----D---- C:\Users\acer\AppData\Roaming\GHISLER
2015-03-18 16:37:16 ----D---- C:\totalcmd
2015-03-18 16:37:16 ----A---- C:\Windows\UC.PIF
2015-03-18 16:37:16 ----A---- C:\Windows\RAR.PIF
2015-03-18 16:37:16 ----A---- C:\Windows\PKZIP.PIF
2015-03-18 16:37:16 ----A---- C:\Windows\PKUNZIP.PIF
2015-03-18 16:37:16 ----A---- C:\Windows\LHA.PIF
2015-03-18 16:37:16 ----A---- C:\Windows\ARJ.PIF
2015-03-18 15:17:42 ----D---- C:\Users\acer\AppData\Roaming\Thunderbird
2015-03-18 15:17:26 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-03-11 11:48:11 ----A---- C:\Windows\system32\drivers\amdkmpfd.sys
2015-03-10 01:24:59 ----D---- C:\Users\acer\AppData\Roaming\Seznam.cz
2015-03-06 16:13:40 ----D---- C:\Users\acer\AppData\Roaming\library_dir
2015-03-06 16:11:51 ----D---- C:\ProgramData\AMD
2015-03-06 16:11:46 ----D---- C:\Program Files (x86)\AMD AVT
2015-03-06 16:10:04 ----D---- C:\Program Files (x86)\AMD
2015-03-06 16:08:30 ----D---- C:\ProgramData\ATI
2015-03-06 15:58:32 ----D---- C:\Program Files\Common Files\ATI Technologies
2015-03-06 15:55:20 ----D---- C:\ProgramData\Package Cache
2015-03-06 15:53:30 ----D---- C:\Program Files\AMD
2015-03-06 11:54:47 ----D---- C:\AMD
2015-03-04 15:05:01 ----D---- C:\Windows\system32\MRT
2015-03-04 15:04:57 ----A---- C:\Windows\system32\MRT.exe
2015-03-01 20:14:57 ----D---- C:\Users\acer\AppData\Roaming\AVAST Software

======List of files/folders modified in the last 1 month======

2015-03-29 15:28:11 ----D---- C:\Windows\Temp
2015-03-29 15:27:41 ----D---- C:\Users\acer\AppData\Roaming\Skype
2015-03-29 15:19:48 ----RD---- C:\Program Files
2015-03-29 14:31:57 ----RD---- C:\Program Files (x86)
2015-03-29 14:29:47 ----D---- C:\Windows\SysWOW64
2015-03-29 14:27:47 ----HD---- C:\ProgramData
2015-03-29 14:18:29 ----D---- C:\Windows\system32\config
2015-03-29 14:01:09 ----D---- C:\Users\acer\AppData\Roaming\Spotify
2015-03-29 13:55:09 ----SHD---- C:\Windows\Installer
2015-03-29 13:55:09 ----SHD---- C:\Config.Msi
2015-03-29 13:54:14 ----A---- C:\Windows\SYSWOW64\log.txt
2015-03-29 13:49:25 ----D---- C:\Windows\System32
2015-03-29 13:49:25 ----D---- C:\Windows\inf
2015-03-29 13:49:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-29 13:43:49 ----D---- C:\Windows\winsxs
2015-03-29 13:42:05 ----A---- C:\Windows\SYSWOW64\lsprst7.dll
2015-03-29 13:40:06 ----SHD---- C:\System Volume Information
2015-03-29 12:39:57 ----D---- C:\ProgramData\boost_interprocess
2015-03-29 12:00:35 ----D---- C:\Windows\Prefetch
2015-03-28 16:52:42 ----AD---- C:\Windows
2015-03-27 01:04:06 ----D---- C:\Users\acer\AppData\Roaming\omiga-plus
2015-03-27 01:01:57 ----D---- C:\Windows\Tasks
2015-03-27 01:01:57 ----D---- C:\Windows\system32\Tasks
2015-03-26 23:57:03 ----D---- C:\Users\acer\AppData\Roaming\UpdaterService
2015-03-25 23:08:33 ----D---- C:\Users\acer\AppData\Roaming\vlc
2015-03-25 10:48:26 ----D---- C:\Windows\system32\catroot
2015-03-25 10:48:22 ----D---- C:\Windows\system32\catroot2
2015-03-19 01:21:15 ----D---- C:\Windows\system32\NDF
2015-03-11 11:49:01 ----D---- C:\Windows\system32\drivers
2015-03-11 11:48:44 ----D---- C:\Windows\system32\DriverStore
2015-03-11 11:38:49 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-03-06 20:15:42 ----D---- C:\Windows\Microsoft.NET
2015-03-06 16:11:43 ----D---- C:\Program Files (x86)\Common Files
2015-03-06 16:09:57 ----D---- C:\Program Files (x86)\ATI Technologies
2015-03-06 15:58:32 ----D---- C:\Program Files\Common Files
2015-03-05 18:04:15 ----D---- C:\Windows\rescache
2015-03-05 11:00:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-03-05 11:00:21 ----D---- C:\Windows\system32\cs-CZ
2015-03-04 15:24:22 ----D---- C:\ProgramData\Microsoft Help
2015-03-04 15:22:38 ----RSD---- C:\Windows\assembly
2015-03-04 15:05:00 ----D---- C:\Windows\debug
2015-03-02 17:52:03 ----D---- C:\Program Files\Nitro

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2014-10-28 62152]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-02-28 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-02-28 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-02-28 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-03-01 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-02-28 436624]
R1 cnnctfy3;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy3.sys [2015-01-27 42152]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-02-09 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-02-28 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-02-28 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-02-28 116728]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-02-27 299568]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-12 2229608]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-05-20 32296]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-06-30 10342240]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-29 2445672]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-25 76912]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-06-10 40448]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-05-20 38248]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-05-20 55336]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-05-20 294760]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-05-20 202792]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-05-20 52584]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-05-20 156392]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-05-25 264040]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336]
S3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2010-06-30 10342240]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 PCDSRVC{91725DDC-8AF44900-06020200}_0;PCDSRVC{91725DDC-8AF44900-06020200}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\users\acer\appdata\local\temp\em7b8wgaiba5\pcdrdiag\bin\pcdsrvc_x64.pkms []
S3 PCDSRVC{D1725DDC-E6B223E4-06020200}_0;PCDSRVC{D1725DDC-E6B223E4-06020200}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\users\acer\appdata\local\temp\6vruwjgjxipq\pcdrdiag\bin\pcdsrvc_x64.pkms []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\drivers\usb80236.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-05-25 47776]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-02-28 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2014-12-26 487936]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-08-11 321104]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-06-11 821792]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-19 116648]
S2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-29 255744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-19 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-16 114688]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe []
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-01-23 5132888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-19 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2014-12-19 485888]

-----------------EOF-----------------

vyosek
VIP
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Notebook slowdown and Avast reports viruses

#2 Post by vyosek »

Hello :)

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • After it starts, the database will be downloaded
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear; alternatively it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt. Paste it here
:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or "Spustit jako spravce"
  • Paste the script below into the window
  • Code:

    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
    
  • Then click Run Script
  • The PC will perform the repair, restart, and give you a log; paste its contents here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him: that is no man, that is an ox."

hayabusa
Visitor
Visitor
Posts: 5
Joined: 29 Mar 2015 14:13

Re: Notebook slowdown and Avast reports viruses

#3 Post by hayabusa »

# AdwCleaner v4.113 - Logfile created 29/03/2015 at 18:35:35
# Updated 22/03/2015 by Xplode
# Database : 2015-03-28.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : acer - ACER-PC
# Running from : C:\Users\acer\Desktop\adwcleaner_4.113.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : WindowsMangerProtect

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Users\acer\AppData\Local\Temp\focusbase
Folder Deleted : C:\Users\acer\AppData\Roaming\omiga-plus
Folder Deleted : C:\Users\acer\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\acer\AppData\Roaming\updaterservice
Folder Deleted : C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default\Extensions\3@beQs2R4i.org
Folder Deleted : C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default\Extensions\JLTz@wqHs.org
Folder Deleted : C:\ProgramData\fonbbmgdbbhhajhfejndofkbdmegjmgh
File Deleted : C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default\searchplugins\WebSearch.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\omiga-plus.xml
File Deleted : C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isearch.omiga-plus.com_0.localstorage
File Deleted : C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isearch.omiga-plus.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

Task Deleted : FSSUpdaterService

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKLM\SOFTWARE\Classes\P28666dd8_7399_4008_93db_06b56bceffd8_.P28666dd8_7399_4008_93db_06b56bceffd8_
Key Deleted : HKLM\SOFTWARE\Classes\P28666dd8_7399_4008_93db_06b56bceffd8_.P28666dd8_7399_4008_93db_06b56bceffd8_.9
Key Deleted : HKLM\SOFTWARE\Classes\Pf1322296_0d2c_4b3f_8971_5df9ae79f091_.Pf1322296_0d2c_4b3f_8971_5df9ae79f091_
Key Deleted : HKLM\SOFTWARE\Classes\Pf1322296_0d2c_4b3f_8971_5df9ae79f091_.Pf1322296_0d2c_4b3f_8971_5df9ae79f091_.9
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{28666dd8-7399-4008-93db-06b56bceffd8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{f1322296-0d2c-4b3f-8971-5df9ae79f091}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{318C7F13-3498-459E-BF35-12865E6D005C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28666dd8-7399-4008-93db-06b56bceffd8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f1322296-0d2c-4b3f-8971-5df9ae79f091}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{28666dd8-7399-4008-93db-06b56bceffd8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f1322296-0d2c-4b3f-8971-5df9ae79f091}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{28666dd8-7399-4008-93db-06b56bceffd8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{f1322296-0d2c-4b3f-8971-5df9ae79f091}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28666dd8-7399-4008-93db-06b56bceffd8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f1322296-0d2c-4b3f-8971-5df9ae79f091}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\omiga-plusSoftware
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\omiga-plus uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE}
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v36.0.4 (x86 cs)

[3pji1eo2.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
[3pji1eo2.default\prefs.js] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.coolsearches.info/?pid=22497&r=2015/03/29&hid=15081082675545846381&lg=EN&cc=CZ&unqvl=85&l=1&q=");
[3pji1eo2.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "WebSearch");
[3pji1eo2.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
[3pji1eo2.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
[3pji1eo2.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
[3pji1eo2.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.coolsearches.info/?pid=22497&r=2015/03/29&hid=15081082675545846381&lg=EN&cc=CZ&unqvl=85");
[3pji1eo2.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://websearch.coolsearches.info/?pid=22497&r=2015/03/29&hid=15081082675545846381&lg=EN&cc=CZ&unqvl=85&l=1&q=");

-\\ Google Chrome v41.0.2272.101

[C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.coolsearches.info/?l=1&q={searchTerms}&pid=22497&r=2015/03/29&hid=15081082675545846381&lg=EN&cc=CZ&unqvl=85

*************************

AdwCleaner[R0].txt - [8990 bytes] - [29/03/2015 18:22:10]
AdwCleaner[R1].txt - [9049 bytes] - [29/03/2015 18:32:52]
AdwCleaner[S0].txt - [8777 bytes] - [29/03/2015 18:35:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8836 bytes] ##########


Zoek.exe v5.0.0.0 Updated 28-March-2015
Tool run by acer on ne 29.03.2015 at 18:48:53,78.
Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 WMI=failure
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\acer\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

29.3.2015 18:54:12 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\Program Files\Nitro deleted successfully
C:\PROGRA~3\GS deleted successfully
C:\Users\acer\AppData\Roaming\QuickScan deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1201002671-3057367122-1116211431-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-1201002671-3057367122-1116211431-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-1201002671-3057367122-1116211431-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_USERS\S-1-5-21-1201002671-3057367122-1116211431-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default\prefs.js:
user_pref("browser.search.defaultengine", "Google (avast)");
user_pref("browser.search.defaultenginename", "Google (avast)");
user_pref("browser.search.suggest.enabled", false);

Added to C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\acer\AppData\Roaming\Thunderbird\Profiles\m4alumd7.default\prefs.js:

Added to C:\Users\acer\AppData\Roaming\Thunderbird\Profiles\m4alumd7.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default

user.js not found
---- Lines extensions.J1rBz9bLzrpqeBBr removed from prefs.js ----
user_pref("extensions.J1rBz9bLzrpqeBBr.epoch", "1");
user_pref("extensions.J1rBz9bLzrpqeBBr.scode", "void(0);");
user_pref("extensions.J1rBz9bLzrpqeBBr.url", "http://setgroupsuper.info/sync/?q=C6qUo ... qTr5rihGhe
---- Lines extensions.MPuahdU2tfWmkWI0 removed from prefs.js ----
user_pref("extensions.MPuahdU2tfWmkWI0.epoch", "1");
user_pref("extensions.MPuahdU2tfWmkWI0.scode", "void(0);");
user_pref("extensions.MPuahdU2tfWmkWI0.url", "http://downloads-friend.com/sync/?q=C6q ... Y9qTr5rihG
---- FireFox user.js and prefs.js backups ----

prefs_29.03.2015_1908_.backup

ProfilePath: C:\Users\acer\AppData\Roaming\Thunderbird\Profiles\m4alumd7.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_29.03.2015_1908_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Windows Live SkyDrive deleted
C:\Users\acer\AppData\Roaming\calibre deleted
C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\Universal Keygen Generator 2015.lnk deleted
C:\PROGRA~3\12363579864293752999 deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\acer\AppData\Local\Thinstall deleted
C:\Users\acer\Downloads\bsplayer263.1071.exe deleted
C:\Users\acer\Downloads\bsplayer269.1078.exe deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\PROGRA~3\{ecded016-be2e-d4ee-ecde-ed016be2405a}\1300019c8f35e5dc" not deleted
"C:\PROGRA~3\{ecded016-be2e-d4ee-ecde-ed016be2405a}\defda7c9a8e10208" not deleted
"C:\PROGRA~3\{ecded016-be2e-d4ee-ecde-ed016be2405a}\Universal Keygen Generator 2015.exe" deleted
"C:\PROGRA~3\{ecded016-be2e-d4ee-ecde-ed016be2405a}" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\acer\AppData\Roaming\Thunderbird\Profiles\m4alumd7.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [03.03.2015 11:35]

==== Firefox Extensions ======================

ProfilePath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default
- FoxyProxy Basic - %ProfilePath%\extensions\foxyproxy@eric.h.jung
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default
C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash


==== Chromium Look ======================

Google Chrome Version: 41.0.2272.101 (Latest Stable version: 41.0.2272.101)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[28.02.2015 19:23]

AdBlock - acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Tag Assistant by Google - acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk

==== Chromium Startpages ======================

C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://isearch.omiga-plus.com/?type=hp& ... T5508T5508",
"startup_urls": [ "http://isearch.omiga-plus.com/?type=hp& ... T5508T5508" ]


==== Chromium Fix ======================

C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage deleted successfully
C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage-journal deleted successfully
C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk deleted successfully
C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kejbdjndbnbjgmefkgdddjlbokphdefk_0.localstorage deleted successfully
C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kejbdjndbnbjgmefkgdddjlbokphdefk_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="https://www.google.com/search?trackid=s ... earchTerms}"

==== Reset Google Chrome ======================

C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF8a654c1.TMP was reset successfully
C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C: deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\acer\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\acer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\acer\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\acer\AppData\Local\Mozilla\Firefox\Profiles\3pji1eo2.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=76 folders=28 36569706 bytes)

==== Empty Temp Folders ======================

C:\Users\acer\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\acer\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~3\{ecded016-be2e-d4ee-ecde-ed016be2405a}\1300019c8f35e5dc" not found
"C:\PROGRA~3\{ecded016-be2e-d4ee-ecde-ed016be2405a}\defda7c9a8e10208" not found
"C:\PROGRA~3\{ecded016-be2e-d4ee-ecde-ed016be2405a}" not found

==== EOF on ne 29.03.2015 at 19:24:45,59 ======================

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Laptop slowdown and Avast reports viruses

#4 Post by vyosek »

:arrow: Download Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Save it, ideally to the Desktop, and extract it
  • Run it by clicking mbar
  • Now click Next and then Update
  • Once the database update has finished, click Next again
  • Leave all three options checked and click Scan, which starts the scan of the PC
  • When the scan finishes (about 5 minutes), check that every finding (if there are any, of course) has a check mark
  • Also check that Create Restore point is checked
  • Now click CleanUp, which removes the infection that was found
  • The PC will be restarted
  • The mbar folder should contain a log (and it will probably open on its own as well) mbar-log-year-month-day (hour-minute-second).txt; post it here for me

hayabusa
Visitor
Posts: 5
Joined: 29 Mar 2015 14:13

Re: Laptop slowdown and Avast reports viruses

#5 Post by hayabusa »

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17501

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.527000 GHz
Memory total: 3947286528, free: 2179948544

Downloaded database version: v2015.04.02.02
Downloaded database version: v2015.03.31.01
Downloaded database version: v2015.03.09.01
=======================================
Initializing...
------------ Kernel report ------------
04/02/2015 12:34:45
------------ Loaded modules -----------
\Windows\System32\crypt32.dll
\Windows\System32\profapi.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!

Scan started
Database versions:
main: v2015.04.02.02
rootkit: v2015.03.31.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8005224790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80052242c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005224790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80051bf050, DeviceName: \Device\Ide\IAAStorageDevice-0\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A1077641

Partition information:

Partition 0 type is Other (0x27)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 28672000

Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 28674048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 28878848 Numsec = 1221382144

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 640135028736 bytes
Sector size: 512 bytes

Done!
Infected: C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IBM-SPSS-Statistics-20---x86.exe --> [Trojan.Agent.ED]
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-28674048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Notebook slowdown and Avast reports viruses

#6 Post by vyosek »

"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member of [image] since 1 February 2011.

hayabusa
Visitor
Posts: 5
Registered: 29 Mar 2015 14:13

Re: Notebook slowdown and Avast reports viruses

#7 Post by hayabusa »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by acer (administrator) on ACER-PC on 02-04-2015 14:40:07
Running from C:\Users\acer\Desktop
Loaded Profiles: acer (Available profiles: acer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
(Spotify Ltd) C:\Users\acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\acer\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-07-29] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [585376 2010-05-25] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [354464 2010-05-25] (Atheros Commnucations)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [345648 2010-03-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-06-10] (Alcor Micro Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-29] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-11] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-30] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [3345408 2012-08-17] ()
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\Run: [Spotify Web Helper] => C:\Users\acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1964088 2015-03-23] (Spotify Ltd)
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\Run: [Spotify] => C:\Users\acer\AppData\Roaming\Spotify\Spotify.exe [6701624 2015-03-23] (Spotify Ltd)
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\MountPoints2: {12085643-58d3-11e2-a7f5-206a8a13ff2d} - E:\SETUP.EXE
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\MountPoints2: {bb1e4822-6c64-11e2-9f22-206a8a13ff2d} - D:\SETUP.EXE
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-17] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1201002671-3057367122-1116211431-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1201002671-3057367122-1116211431-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-01-21] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-28] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-09] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-28] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-09] (Oracle Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 213.192.60.5 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default
FF DefaultSearchEngine: Google (avast)
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-02-20] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-21] (Microsoft Corporation)
FF SearchPlugin: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default\searchplugins\google-avast.xml [2015-03-09]
FF Extension: FoxyProxy Standard - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default\Extensions\foxyproxy@eric.h.jung [2015-03-23]
FF Extension: Adblock Plus - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-01-07]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-18]
CHR Extension: (Google Docs) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-18]
CHR Extension: (Google Drive) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-19]
CHR Extension: (YouTube) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-19]
CHR Extension: (Google Search) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-19]
CHR Extension: (Google Sheets) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-18]
CHR Extension: (Avast Online Security) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-01]
CHR Extension: (Gmail) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [47776 2010-05-25] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-28] (AVAST Software)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2014-12-26] (Connectify) [File not signed]
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [821792 2010-06-11] (Acer Incorporated)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-02-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-03-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-28] ()
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [42152 2015-01-27] (Connectify)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-09] (DT Soft Ltd)
S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 PCDSRVC{91725DDC-8AF44900-06020200}_0; \??\c:\users\acer\appdata\local\temp\em7b8wgaiba5\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{D1725DDC-E6B223E4-06020200}_0; \??\c:\users\acer\appdata\local\temp\6vruwjgjxipq\pcdrdiag\bin\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-02 14:40 - 2015-04-02 14:41 - 00020162 _____ () C:\Users\acer\Desktop\FRST.txt
2015-04-02 14:39 - 2015-04-02 14:41 - 00000000 ____D () C:\FRST
2015-04-02 14:38 - 2015-04-02 14:38 - 02095616 _____ (Farbar) C:\Users\acer\Desktop\FRST64.exe
2015-04-02 14:35 - 2015-04-02 14:35 - 00112640 _____ (forum.viry.cz) C:\Users\acer\Desktop\FRSTLauncher (1).exe
2015-04-02 14:30 - 2015-04-02 14:30 - 02095616 _____ (Farbar) C:\Users\acer\Desktop\FRST64 (1).exe
2015-04-02 14:30 - 2015-04-02 14:30 - 00112640 _____ (forum.viry.cz) C:\Users\acer\Desktop\FRSTLauncher.exe
2015-04-02 12:35 - 2015-04-02 12:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-02 12:34 - 2015-04-02 13:12 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-02 12:34 - 2015-04-02 12:34 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-02 12:33 - 2015-04-02 13:07 - 00000000 ____D () C:\Users\acer\Desktop\mbar
2015-04-02 12:33 - 2015-04-02 12:33 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-02 12:29 - 2015-04-02 12:29 - 00394180 _____ () C:\Users\acer\Documents\Output33.spv
2015-04-02 12:24 - 2015-04-02 12:24 - 00110817 _____ () C:\Users\acer\Desktop\tabulky_spss.xlsx
2015-04-01 21:51 - 2015-04-01 21:52 - 138053635 _____ () C:\Users\acer\Legendy.rar
2015-04-01 21:47 - 2015-04-01 21:56 - 138615016 _____ () C:\Users\acer\Downloads\Legendy.wmv
2015-04-01 00:29 - 2015-04-01 00:29 - 00043115 _____ () C:\Users\acer\Downloads\320198141911.xlsx
2015-04-01 00:21 - 2015-04-01 00:21 - 00012081 _____ () C:\Users\acer\Downloads\1417103 (2).xlsx
2015-04-01 00:07 - 2015-04-01 00:07 - 00039936 _____ () C:\Users\acer\Downloads\Zivnostenska-opravneni-ve-sluzbach-cestovniho-ruchu.xls
2015-03-31 23:58 - 2015-03-31 23:59 - 02498048 _____ () C:\Users\acer\Downloads\tabulky_grafy.xls
2015-03-31 22:43 - 2015-03-31 22:43 - 00336951 _____ () C:\Users\acer\Downloads\VY_III2_INOVACE_8_1_1220.pptx
2015-03-30 22:29 - 2015-04-02 12:28 - 00092770 _____ () C:\Users\acer\Desktop\dotazniktt.sav
2015-03-30 22:27 - 2015-03-30 22:29 - 16502728 _____ (Malwarebytes Corp.) C:\Users\acer\Desktop\mbar-1.09.1.1004.exe
2015-03-30 19:57 - 2015-04-02 13:39 - 00004948 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for acer-PC-acer acer-PC
2015-03-30 13:39 - 2015-03-30 21:01 - 00095482 _____ () C:\Users\acer\Downloads\dotazniktt.sav
2015-03-30 12:15 - 2015-03-30 12:15 - 00122039 _____ () C:\Users\acer\Downloads\data (4).sav
2015-03-29 19:14 - 2015-03-29 18:46 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-03-29 18:52 - 2015-03-29 19:24 - 00015975 _____ () C:\zoek-results.log
2015-03-29 18:49 - 2015-03-29 18:49 - 01305600 _____ () C:\Users\acer\Downloads\zoek.exe
2015-03-29 18:47 - 2015-03-29 18:47 - 00008960 _____ () C:\Users\acer\Desktop\AdwCleaner[S0].txt
2015-03-29 18:46 - 2015-03-29 19:10 - 00000000 ____D () C:\zoek_backup
2015-03-29 18:22 - 2015-03-29 18:36 - 00000000 ____D () C:\AdwCleaner
2015-03-29 18:20 - 2015-03-29 18:20 - 01305600 _____ () C:\Users\acer\Desktop\zoek.exe
2015-03-29 18:16 - 2015-03-30 13:11 - 00072573 _____ () C:\Users\acer\Desktop\dotaznik.sav
2015-03-29 18:00 - 2015-03-29 18:01 - 02168320 _____ () C:\Users\acer\Desktop\adwcleaner_4.113.exe
2015-03-29 16:43 - 2015-03-29 16:44 - 00122039 _____ () C:\Users\acer\Downloads\data (3).sav
2015-03-29 16:13 - 2015-03-29 16:24 - 00000000 ____D () C:\Users\acer\AppData\OICE_15_974FA576_32C1D314_820
2015-03-29 16:11 - 2015-03-29 16:11 - 00723983 _____ () C:\Users\acer\Downloads\analyza_dotazniku.pptx
2015-03-29 15:34 - 2015-03-29 15:34 - 00000090 _____ () C:\Users\acer\Desktop\SPSS_kod.txt
2015-03-29 15:19 - 2015-03-29 15:37 - 00000000 ____D () C:\rsit
2015-03-29 15:19 - 2015-03-29 15:36 - 00000000 ____D () C:\Program Files\trend micro
2015-03-29 15:18 - 2015-03-29 15:18 - 01222144 _____ () C:\Users\acer\Downloads\RSITx64.exe
2015-03-29 15:16 - 2015-03-29 15:16 - 02095616 _____ (Farbar) C:\Users\acer\Downloads\FRST64.exe
2015-03-29 14:29 - 2015-03-29 14:29 - 00000000 ____D () C:\Windows\SysWOW64\X86
2015-03-29 14:29 - 2015-03-29 14:29 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2015-03-29 13:45 - 2015-03-29 13:45 - 00000000 ____D () C:\ProgramData\SPSS
2015-03-29 13:45 - 2015-03-29 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2015-03-29 13:42 - 2015-03-29 13:42 - 00000000 ____D () C:\Program Files\IBM
2015-03-29 13:27 - 2015-03-29 13:29 - 05344528 _____ (Piriform Ltd) C:\Users\acer\Downloads\ccsetup504.exe
2015-03-28 16:55 - 2015-03-28 18:11 - 539191456 _____ (IBM Corp. ) C:\Users\acer\Downloads\SPSS_TAFS_TRIAL_64B_4.0.1_WIN_ML.exe
2015-03-28 16:53 - 2015-03-28 19:14 - 812131760 _____ (IBM Corp) C:\Users\acer\Downloads\SPSS_Statistics_22_TR_win64_ (1).exe
2015-03-28 16:52 - 2015-03-28 16:52 - 00000000 ____D () C:\Windows\Sun
2015-03-28 15:14 - 2015-03-29 18:17 - 00572749 _____ () C:\Users\acer\Desktop\dotazni_prekod.xlsx
2015-03-28 11:56 - 2015-03-28 11:56 - 07772673 _____ () C:\Users\acer\Desktop\Bez názvu.wma
2015-03-28 11:40 - 2015-03-28 11:40 - 00012195 _____ () C:\Users\acer\Downloads\Poptávka po příležitostné autobusové dopravě v Královéhradeckém kraji – kopie (Odpovědi) (2).xlsx
2015-03-27 16:20 - 2015-03-27 16:20 - 00030967 _____ () C:\Users\acer\Downloads\Poptávka po příležitostné autobusové dopravě v Královéhradeckém kraji – kopie (Odpovědi) - Odpovědi formuláře 1.tsv
2015-03-27 16:20 - 2015-03-27 16:20 - 00012444 _____ () C:\Users\acer\Downloads\Poptávka po příležitostné autobusové dopravě v Královéhradeckém kraji – kopie (Odpovědi) (1).xlsx
2015-03-27 16:05 - 2015-03-27 16:05 - 00013923 _____ () C:\Users\acer\Downloads\Poptávka po příležitostné autobusové dopravě v Královéhradeckém kraji – kopie (Odpovědi).xlsx
2015-03-26 22:53 - 2015-03-26 22:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-25 12:08 - 2015-03-25 12:08 - 00108182 _____ () C:\Users\acer\Downloads\26490_480x360_a3d3e8f33bf3eedcbb2af03a2b268555
2015-03-25 12:08 - 2015-03-25 12:08 - 00075427 _____ () C:\Users\acer\Downloads\36691_480x360_eb5ae1718afa1df2240d1ba7c76df695 (1)
2015-03-25 12:07 - 2015-03-25 12:08 - 00075427 _____ () C:\Users\acer\Downloads\36691_480x360_eb5ae1718afa1df2240d1ba7c76df695
2015-03-24 21:49 - 2015-03-24 21:49 - 00014608 _____ () C:\Users\acer\Downloads\Motivacne stipendia za prospech v AR 2013-2014.xlsx
2015-03-23 19:12 - 2015-03-23 19:12 - 00013049 _____ () C:\Users\acer\Downloads\330089141601.xlsx
2015-03-23 19:05 - 2015-03-23 19:05 - 00012899 _____ () C:\Users\acer\Downloads\1416109.xlsx
2015-03-23 19:05 - 2015-03-23 19:05 - 00012081 _____ () C:\Users\acer\Downloads\1417103 (1).xlsx
2015-03-23 19:05 - 2015-03-23 19:05 - 00010785 _____ () C:\Users\acer\Downloads\1417102.xlsx
2015-03-23 19:04 - 2015-03-23 19:05 - 00010795 _____ () C:\Users\acer\Downloads\330089141702.xlsx
2015-03-23 18:39 - 2015-03-23 18:40 - 03908334 _____ () C:\Users\acer\Downloads\Nahrávka číslo 15 - K Independent Samples Test (2).wmv
2015-03-22 22:11 - 2015-03-22 22:11 - 00005372 _____ () C:\Users\acer\Downloads\members_Diplomka_Finalni_not_opened_Mar_22_2015.csv
2015-03-19 18:31 - 2015-03-19 18:31 - 00034816 _____ () C:\Users\acer\Downloads\Ceník 17.4.2014 (1).xls
2015-03-18 16:42 - 2015-03-18 16:42 - 00016220 _____ () C:\Users\acer\Desktop\mime003.txt
2015-03-18 16:42 - 2015-03-18 16:42 - 00016220 _____ () C:\Users\acer\Desktop\mime001.txt
2015-03-18 16:42 - 2015-03-18 16:42 - 00003284 _____ () C:\Users\acer\Desktop\mime002.txt
2015-03-18 16:42 - 2015-03-18 16:42 - 00003284 _____ () C:\Users\acer\Desktop\mime000.txt
2015-03-18 16:37 - 2015-03-18 16:38 - 00000000 ____D () C:\totalcmd
2015-03-18 16:37 - 2015-03-18 16:37 - 00000000 ____D () C:\Users\acer\AppData\Roaming\GHISLER
2015-03-18 16:37 - 2014-04-23 09:51 - 00000545 _____ () C:\Windows\UC.PIF
2015-03-18 16:37 - 2014-04-23 09:51 - 00000545 _____ () C:\Windows\RAR.PIF
2015-03-18 16:37 - 2014-04-23 09:51 - 00000545 _____ () C:\Windows\PKZIP.PIF
2015-03-18 16:37 - 2014-04-23 09:51 - 00000545 _____ () C:\Windows\PKUNZIP.PIF
2015-03-18 16:37 - 2014-04-23 09:51 - 00000545 _____ () C:\Windows\LHA.PIF
2015-03-18 16:37 - 2014-04-23 09:51 - 00000545 _____ () C:\Windows\ARJ.PIF
2015-03-18 16:36 - 2015-03-18 16:36 - 03722264 _____ (Ghisler Software GmbH) C:\Users\acer\Downloads\tcm851x32.exe
2015-03-18 15:17 - 2015-03-18 15:17 - 00002106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-03-18 15:17 - 2015-03-18 15:17 - 00002094 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-03-18 15:17 - 2015-03-18 15:17 - 00000000 ____D () C:\Users\acer\AppData\Roaming\Thunderbird
2015-03-18 15:17 - 2015-03-18 15:17 - 00000000 ____D () C:\Users\acer\AppData\Local\Thunderbird
2015-03-18 15:17 - 2015-03-18 15:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-03-18 15:15 - 2015-03-18 15:16 - 28768448 _____ (Mozilla) C:\Users\acer\Downloads\Thunderbird Setup 31.5.0.exe
2015-03-18 15:12 - 2015-03-18 21:36 - 00000000 ____D () C:\Users\acer\Documents\Soubory aplikace Outlook
2015-03-18 15:10 - 2015-03-18 15:10 - 00032999 _____ () C:\Users\acer\Desktop\RE Diplomová práce Možnosti rozvoje příležitostné autobusové d = utf-8 Q opravy_v_Kr=C3=A1lov=C3=A9hradeck=C3=A9m_kraji – Seznam Email.html
2015-03-14 19:39 - 2015-03-14 19:40 - 00034816 _____ () C:\Users\acer\Downloads\Ceník 17.4.2014.xls
2015-03-13 22:10 - 2015-03-13 22:36 - 1435369196 _____ () C:\Users\acer\Downloads\Jackass.Presents.Bad.Grandpa.0.5.2014.480p.BRRip.XviD.AC3.CZ.titulky.avi
2015-03-13 21:27 - 2015-03-13 21:40 - 732530174 _____ () C:\Users\acer\Downloads\Jackass.Presents.Bad.Grandpa.2013HDRip.XviD-SaM.avi
2015-03-11 11:48 - 2014-10-28 01:46 - 00062152 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2015-03-10 01:25 - 2015-03-10 01:25 - 00002263 _____ () C:\Users\Default\Desktop\Google Chrome.lnk
2015-03-10 01:25 - 2015-03-10 01:25 - 00002263 _____ () C:\Users\Default User\Desktop\Google Chrome.lnk
2015-03-10 01:24 - 2015-03-27 01:02 - 00000000 ____D () C:\Users\acer\AppData\Roaming\Seznam.cz
2015-03-09 19:03 - 2015-03-09 19:03 - 00022016 _____ () C:\Users\acer\Downloads\mv_mpo_106.xls
2015-03-09 13:58 - 2015-03-09 13:58 - 01780402 _____ () C:\Users\acer\Documents\Smartphone Lenovo P70 s bonusem.mp4
2015-03-08 16:11 - 2015-03-08 16:17 - 106840528 _____ () C:\Users\acer\Downloads\4D---4-(2014).zip
2015-03-06 21:37 - 2015-03-06 21:45 - 507021478 _____ () C:\Users\acer\Downloads\05-08 - Butik.avi
2015-03-06 20:27 - 2015-03-06 20:55 - 1591037006 _____ () C:\Users\acer\Downloads\Kod.Enigmy.2014.BRRip.XviD.AC3.CZ.titulky.avi
2015-03-06 16:15 - 2015-03-06 16:16 - 02333416 _____ (Intel) C:\Users\acer\Downloads\Intel Driver Update Utility Installer.exe
2015-03-06 16:13 - 2015-03-06 16:13 - 00000000 ____D () C:\Users\acer\AppData\Roaming\library_dir
2015-03-06 16:11 - 2015-03-06 16:11 - 00053392 _____ () C:\Windows\SysWOW64\CCCInstall_201503061511368513.log
2015-03-06 16:11 - 2015-03-06 16:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-03-06 16:11 - 2015-03-06 16:11 - 00000000 ____D () C:\ProgramData\AMD
2015-03-06 16:11 - 2015-03-06 16:11 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2015-03-06 16:10 - 2015-03-06 16:10 - 00000000 ____D () C:\Program Files (x86)\AMD
2015-03-06 16:08 - 2015-03-06 16:08 - 00000000 ____D () C:\ProgramData\ATI
2015-03-06 15:58 - 2015-03-06 15:58 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-03-06 15:53 - 2015-03-06 16:05 - 00000000 ____D () C:\Program Files\AMD
2015-03-06 11:54 - 2015-03-06 11:54 - 00000000 ____D () C:\AMD
2015-03-06 11:40 - 2015-03-06 11:41 - 05451464 _____ (Advanced Micro Devices, Inc.) C:\Users\acer\Downloads\autodetectutility.exe
2015-03-06 11:40 - 2015-03-06 11:41 - 05451464 _____ (Advanced Micro Devices, Inc.) C:\Users\acer\Downloads\autodetectutility (1).exe
2015-03-05 14:05 - 2015-03-05 14:05 - 00003332 _____ () C:\Users\acer\Downloads\Organizace- Poptávka po příležitostné autobusové dopravě v Královéhradeckém kraji – kopie.csv
2015-03-04 21:29 - 2015-03-04 21:38 - 498677892 _____ () C:\Users\acer\Downloads\05-07 - Nová Televize.avi
2015-03-04 15:05 - 2015-03-04 15:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-04 15:04 - 2015-01-29 18:49 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-03 23:08 - 2015-03-03 23:08 - 00012081 _____ () C:\Users\acer\Downloads\1417103.xlsx
2015-03-03 23:07 - 2015-03-03 23:07 - 00018586 _____ () C:\Users\acer\Downloads\330089141701.xlsx
2015-03-03 17:36 - 2015-03-03 17:37 - 00000000 ____D () C:\Users\acer\Desktop\Nová složka
2015-03-03 15:29 - 2015-03-03 15:29 - 00076288 _____ () C:\Users\acer\Downloads\Dotaznik-a-metodika-k-doprave.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-02 14:34 - 2009-07-14 06:45 - 00022896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-02 14:34 - 2009-07-14 06:45 - 00022896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-02 14:30 - 2012-12-19 13:07 - 00000384 _____ () C:\Windows\Tasks\Acer Registration - Reminder Recall task.job
2015-04-02 14:25 - 2012-12-19 15:53 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-02 14:22 - 2013-12-27 19:38 - 00000000 ____D () C:\Users\acer\AppData\Roaming\Skype
2015-04-02 13:20 - 2012-12-14 14:16 - 01079268 _____ () C:\Windows\WindowsUpdate.log
2015-04-02 13:16 - 2013-12-18 21:52 - 00000000 ____D () C:\Users\acer\AppData\Roaming\Spotify
2015-04-02 13:14 - 2013-12-18 21:53 - 00000000 ____D () C:\Users\acer\AppData\Local\Spotify
2015-04-02 13:14 - 2013-01-07 10:27 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-02 13:13 - 2012-12-14 15:56 - 00000043 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2015-04-02 13:12 - 2012-12-19 15:53 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-02 13:11 - 2012-12-14 14:12 - 00345236 _____ () C:\Windows\PFRO.log
2015-04-02 13:11 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-02 13:11 - 2009-07-14 06:51 - 00198176 _____ () C:\Windows\setupact.log
2015-04-01 21:51 - 2012-12-14 15:54 - 00000000 ____D () C:\Users\acer
2015-04-01 21:13 - 2013-09-30 23:47 - 00000000 ____D () C:\Users\acer\UMB
2015-04-01 18:17 - 2013-09-28 21:01 - 00000000 ____D () C:\Users\acer\AppData\Roaming\vlc
2015-04-01 18:13 - 2012-12-14 23:08 - 00668890 _____ () C:\Windows\system32\perfh005.dat
2015-04-01 18:13 - 2012-12-14 23:08 - 00141518 _____ () C:\Windows\system32\perfc005.dat
2015-04-01 18:13 - 2009-07-14 07:13 - 01583642 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-30 19:54 - 2013-02-06 18:12 - 00000000 ____D () C:\Users\acer\AppData\Local\CrashDumps
2015-03-29 18:36 - 2012-12-19 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-29 18:36 - 2012-12-14 15:56 - 00001158 _____ () C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-29 15:34 - 2014-02-10 01:56 - 00000000 ____D () C:\Users\acer\.gimp-2.8
2015-03-29 13:54 - 2009-07-14 06:45 - 00429872 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-29 13:48 - 2012-12-14 15:55 - 00111160 _____ () C:\Users\acer\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-29 13:42 - 2014-12-09 17:24 - 00000219 _____ () C:\Windows\SysWOW64\lsprst7.tgz
2015-03-29 13:42 - 2014-12-09 17:24 - 00000205 _____ () C:\Windows\SysWOW64\lsprst7.dll
2015-03-29 13:42 - 2014-12-09 17:24 - 00000016 ____H () C:\Windows\SysWOW64\servdat.slm
2015-03-29 12:39 - 2012-12-19 22:39 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-03-23 13:09 - 2013-12-18 21:53 - 00001766 _____ () C:\Users\acer\Desktop\Spotify.lnk
2015-03-23 13:09 - 2013-12-18 21:53 - 00001752 _____ () C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-03-22 01:25 - 2014-11-02 16:02 - 00000000 ____D () C:\Users\acer\Desktop\Star
2015-03-21 00:34 - 2014-07-23 14:29 - 00000000 ____D () C:\Users\acer\Documents\Bluetooth Folder
2015-03-19 01:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-13 22:02 - 2014-01-26 18:35 - 00000000 ____D () C:\Users\acer\Downloads\Subs
2015-03-11 11:39 - 2013-01-07 01:58 - 00000000 ____D () C:\Users\acer\AppData\Local\Adobe
2015-03-11 11:38 - 2013-10-10 12:53 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-11 11:38 - 2013-10-10 12:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-09 18:59 - 2014-10-10 13:41 - 00000000 ____D () C:\Users\acer\Desktop\Diplomka
2015-03-09 01:09 - 2013-09-28 19:07 - 00001143 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-07 00:04 - 2013-10-16 22:38 - 00000000 ____D () C:\Users\acer\Documents\SelfMV
2015-03-06 16:09 - 2012-12-14 14:24 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-03-05 18:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-04 15:24 - 2013-01-08 16:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-04 15:22 - 2015-02-04 18:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

==================== Files in the root of some directories =======

2014-12-01 21:23 - 2014-12-01 21:23 - 0000058 _____ () C:\Users\acer\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2014-02-10 03:50 - 2014-02-10 03:50 - 0002137 _____ () C:\Users\acer\AppData\Local\recently-used.xbel
2015-02-24 22:09 - 2015-02-24 22:09 - 0007605 _____ () C:\Users\acer\AppData\Local\Resmon.ResmonCfg
2012-12-14 14:33 - 2012-12-14 14:37 - 0016020 _____ () C:\ProgramData\ArcadeDeluxe4.log
2010-12-14 13:21 - 2010-03-03 01:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2013-01-05 22:51 - 2013-01-05 22:53 - 0000090 _____ () C:\ProgramData\PS.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Acer Registration - Reminder Recall task.job => C:\Program Files (x86)\Acer\Registration\GREG.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\acer\Desktop" je 386 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Dispatch
C:\Program Files (x86)\Connectify\DispatchUI.exe autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Hotspot
C:\Program Files (x86)\Connectify\Connectify.exe autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarEditor
"C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" Minimum [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify
"C:\Users\acer\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Laptop slowdown and Avast reports viruses

#8 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [3345408 2012-08-17] ()
    HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\Run: [Spotify Web Helper] => C:\Users\acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1964088 2015-03-23] (Spotify Ltd)
    HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\Run: [Spotify] => C:\Users\acer\AppData\Roaming\Spotify\Spotify.exe [6701624 2015-03-23] (Spotify Ltd)
    HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
    HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\MountPoints2: {12085643-58d3-11e2-a7f5-206a8a13ff2d} - E:\SETUP.EXE
    HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\MountPoints2: {bb1e4822-6c64-11e2-9f22-206a8a13ff2d} - D:\SETUP.EXE
    HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-17] (Microsoft Corporation)
    
    
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF Extension: FoxyProxy Standard - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default\Extensions\foxyproxy@eric.h.jung [2015-03-23]
    
    S3 PCDSRVC{91725DDC-8AF44900-06020200}_0; \??\c:\users\acer\appdata\local\temp\em7b8wgaiba5\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
    S3 PCDSRVC{D1725DDC-E6B223E4-06020200}_0; \??\c:\users\acer\appdata\local\temp\6vruwjgjxipq\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
    
    2015-04-02 14:40 - 2015-04-02 14:41 - 00020162 _____ () C:\Users\acer\Desktop\FRST.txt
    2015-04-02 14:35 - 2015-04-02 14:35 - 00112640 _____ (forum.viry.cz) C:\Users\acer\Desktop\FRSTLauncher (1).exe
    2015-04-02 14:30 - 2015-04-02 14:30 - 00112640 _____ (forum.viry.cz) C:\Users\acer\Desktop\FRSTLauncher.exe
    2015-04-02 12:35 - 2015-04-02 12:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2015-04-02 12:34 - 2015-04-02 13:12 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2015-04-02 12:34 - 2015-04-02 12:34 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-04-02 12:33 - 2015-04-02 13:07 - 00000000 ____D () C:\Users\acer\Desktop\mbar
    2015-04-02 12:33 - 2015-04-02 12:33 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-03-29 19:14 - 2015-03-29 18:46 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2015-03-29 18:52 - 2015-03-29 19:24 - 00015975 _____ () C:\zoek-results.log
    2015-03-29 18:49 - 2015-03-29 18:49 - 01305600 _____ () C:\Users\acer\Downloads\zoek.exe
    2015-03-29 18:47 - 2015-03-29 18:47 - 00008960 _____ () C:\Users\acer\Desktop\AdwCleaner[S0].txt
    2015-03-29 18:46 - 2015-03-29 19:10 - 00000000 ____D () C:\zoek_backup
    2015-03-29 18:22 - 2015-03-29 18:36 - 00000000 ____D () C:\AdwCleaner
    2015-03-29 18:20 - 2015-03-29 18:20 - 01305600 _____ () C:\Users\acer\Desktop\zoek.exe
    2015-03-29 18:00 - 2015-03-29 18:01 - 02168320 _____ () C:\Users\acer\Desktop\adwcleaner_4.113.exe
    2015-03-29 15:19 - 2015-03-29 15:37 - 00000000 ____D () C:\rsit
    2015-03-29 15:19 - 2015-03-29 15:36 - 00000000 ____D () C:\Program Files\trend micro
    2015-03-29 15:18 - 2015-03-29 15:18 - 01222144 _____ () C:\Users\acer\Downloads\RSITx64.exe
    2015-03-29 15:16 - 2015-03-29 15:16 - 02095616 _____ (Farbar) C:\Users\acer\Downloads\FRST64.exe
    
    Task: C:\Windows\Tasks\Acer Registration - Reminder Recall task.job => C:\Program Files (x86)\Acer\Registration\GREG.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    
    DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
    DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
    DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
    DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
    DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarEditor
    DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify
    DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the created TXT file as fixlist.txt
  • Move the created fixlist next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: that is not a man, that is an ox."
Member [image] since 1 February 2011.

hayabusa
Visitor
Posts: 5
Registered: 29 Mar 2015 14:13

Re: Laptop slowdown and Avast reports viruses

#9 Post by hayabusa »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by acer at 2015-04-02 23:52:08 Run:1
Running from C:\Users\acer\Desktop
Loaded Profiles: acer (Available profiles: acer)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [3345408 2012-08-17] ()
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\Run: [Spotify Web Helper] => C:\Users\acer\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1964088 2015-03-23] (Spotify Ltd)
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\Run: [Spotify] => C:\Users\acer\AppData\Roaming\Spotify\Spotify.exe [6701624 2015-03-23] (Spotify Ltd)
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\MountPoints2: {12085643-58d3-11e2-a7f5-206a8a13ff2d} - E:\SETUP.EXE
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\...\MountPoints2: {bb1e4822-6c64-11e2-9f22-206a8a13ff2d} - D:\SETUP.EXE
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-17] (Microsoft Corporation)


HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: FoxyProxy Standard - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default\Extensions\foxyproxy@eric.h.jung [2015-03-23]

S3 PCDSRVC{91725DDC-8AF44900-06020200}_0; \??\c:\users\acer\appdata\local\temp\em7b8wgaiba5\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{D1725DDC-E6B223E4-06020200}_0; \??\c:\users\acer\appdata\local\temp\6vruwjgjxipq\pcdrdiag\bin\pcdsrvc_x64.pkms [X]

2015-04-02 14:40 - 2015-04-02 14:41 - 00020162 _____ () C:\Users\acer\Desktop\FRST.txt
2015-04-02 14:35 - 2015-04-02 14:35 - 00112640 _____ (forum.viry.cz) C:\Users\acer\Desktop\FRSTLauncher (1).exe
2015-04-02 14:30 - 2015-04-02 14:30 - 00112640 _____ (forum.viry.cz) C:\Users\acer\Desktop\FRSTLauncher.exe
2015-04-02 12:35 - 2015-04-02 12:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-02 12:34 - 2015-04-02 13:12 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-02 12:34 - 2015-04-02 12:34 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-02 12:33 - 2015-04-02 13:07 - 00000000 ____D () C:\Users\acer\Desktop\mbar
2015-04-02 12:33 - 2015-04-02 12:33 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-29 19:14 - 2015-03-29 18:46 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-03-29 18:52 - 2015-03-29 19:24 - 00015975 _____ () C:\zoek-results.log
2015-03-29 18:49 - 2015-03-29 18:49 - 01305600 _____ () C:\Users\acer\Downloads\zoek.exe
2015-03-29 18:47 - 2015-03-29 18:47 - 00008960 _____ () C:\Users\acer\Desktop\AdwCleaner[S0].txt
2015-03-29 18:46 - 2015-03-29 19:10 - 00000000 ____D () C:\zoek_backup
2015-03-29 18:22 - 2015-03-29 18:36 - 00000000 ____D () C:\AdwCleaner
2015-03-29 18:20 - 2015-03-29 18:20 - 01305600 _____ () C:\Users\acer\Desktop\zoek.exe
2015-03-29 18:00 - 2015-03-29 18:01 - 02168320 _____ () C:\Users\acer\Desktop\adwcleaner_4.113.exe
2015-03-29 15:19 - 2015-03-29 15:37 - 00000000 ____D () C:\rsit
2015-03-29 15:19 - 2015-03-29 15:36 - 00000000 ____D () C:\Program Files\trend micro
2015-03-29 15:18 - 2015-03-29 15:18 - 01222144 _____ () C:\Users\acer\Downloads\RSITx64.exe
2015-03-29 15:16 - 2015-03-29 15:16 - 02095616 _____ (Farbar) C:\Users\acer\Downloads\FRST64.exe

Task: C:\Windows\Tasks\Acer Registration - Reminder Recall task.job => C:\Program Files (x86)\Acer\Registration\GREG.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarEditor
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\Software\Microsoft\Windows\CurrentVersion\Run\\OscarEditor => value deleted successfully.
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper => value deleted successfully.
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify => value deleted successfully.
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value deleted successfully.
"HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12085643-58d3-11e2-a7f5-206a8a13ff2d}" => Key deleted successfully.
HKCR\CLSID\{12085643-58d3-11e2-a7f5-206a8a13ff2d} => Key not found.
"HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bb1e4822-6c64-11e2-9f22-206a8a13ff2d}" => Key deleted successfully.
HKCR\CLSID\{bb1e4822-6c64-11e2-9f22-206a8a13ff2d} => Key not found.
HKU\S-1-5-21-1201002671-3057367122-1116211431-1000\Control Panel\Desktop\\SCRNSAVE.EXE => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview => value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value deleted successfully.
C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\3pji1eo2.default\Extensions\foxyproxy@eric.h.jung => Moved successfully.
PCDSRVC{91725DDC-8AF44900-06020200}_0 => Service deleted successfully.
PCDSRVC{D1725DDC-E6B223E4-06020200}_0 => Service deleted successfully.
"C:\Users\acer\Desktop\FRST.txt" => File/Directory not found.
C:\Users\acer\Desktop\FRSTLauncher (1).exe => Moved successfully.
C:\Users\acer\Desktop\FRSTLauncher.exe => Moved successfully.
C:\ProgramData\Malwarebytes => Moved successfully.
C:\ProgramData\Malwarebytes' Anti-Malware (portable) => Moved successfully.
C:\Windows\system32\Drivers\MBAMSwissArmy.sys => Moved successfully.
C:\Users\acer\Desktop\mbar => Moved successfully.
C:\Windows\system32\Drivers\mbamchameleon.sys => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\Users\acer\Downloads\zoek.exe => Moved successfully.
C:\Users\acer\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\acer\Desktop\zoek.exe => Moved successfully.
C:\Users\acer\Desktop\adwcleaner_4.113.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\acer\Downloads\RSITx64.exe => Moved successfully.
C:\Users\acer\Downloads\FRST64.exe => Moved successfully.
C:\Windows\Tasks\Acer Registration - Reminder Recall task.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarEditor => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate => Key Deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 981.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog 23:57:13 ====

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Notebook slowdown and Avast reports viruses

#10 Post by vyosek »

How is the notebook behaving???
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is not a man, that is an ox."
Member since 1 February 2011.
