Prosím o prohlídku

[peter19500]

Prosim o radu ako vyčistiť môj notebook.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Miriam at 2013-05-15 18:31:42
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 90 GB (46%) free of 193 GB
Total RAM: 1788 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:32:18, on 15. 5. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\windows\system32\taskhost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Users\Miriam\Downloads\RSIT.exe
C:\Program Files\trend micro\Miriam.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.lookforithere.info/?pi ... K&unqvl=14
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Certified Toolbar - {010e44c0-8bda-476c-9cee-e7a8c632e840} - C:\Users\Miriam\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browwsye2suave - {4A2E3E71-21A6-13C3-77C9-B3F7FB48C054} - C:\ProgramData\Browwsye2suave\512cd37aab49b.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\bin\jp2ssv.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing)
O2 - BHO: Seaarch-NewTAba - {F8CC2135-819B-8221-A1E6-E1B56BE256A2} - C:\ProgramData\Seaarch-NewTAba\512cd3eb8f95a.dll
O2 - BHO: ccoNtiinuetosavey - {FA30547A-7780-8643-FE4A-942ECF4A13E6} - C:\ProgramData\ccoNtiinuetosavey\518d1cefe4676.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Certified Toolbar - {010e44c0-8bda-476c-9cee-e7a8c632e840} - C:\Users\Miriam\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (file missing)
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~2\Datamngr\DATAMN~2.EXE
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Miriam\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [WLStart] "C:\Program Files\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [WLStart] "C:\Program Files\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {4084ff18-eae8-4d0c-a5cc-e1b3e5711ab9} - C:\Users\Miriam\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing)
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\wincert\win32c~1.dll c:\progra~1\search~2\datamngr\mgrldr.dll c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll c:\progra~1\browse~1\sprote~1.dll c:\progra~1\simple~1\sprote~1.dll c:\progra~1\contin~1\sprote~1.dll c:\progra~1\websea~1\sprote~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

--
End of file - 12566 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\Google Software Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2088109100-1783434862-2200729010-1004Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2088109100-1783434862-2200729010-1004UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280

prefs.js - "browser.startup.homepage" - "https://www.google.sk/"
prefs.js - "keyword.URL" - "http://websearch.lookforithere.info/?pi ... =14&l=1&q="

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}"=C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
Cetrumcz_igeared.xml
dunaj-sk.xml
eBay.xml
google.xml
SearchResults.xml
slovnik-sk.xml
Web Search.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\extensions\
kqakmnvjmdz@uye-.co.uk
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}

C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\searchplugins\
my-web-search.xml
Search_Results.xml
Web Search.xml
WebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{010e44c0-8bda-476c-9cee-e7a8c632e840}]
Certified Toolbar - C:\Users\Miriam\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 77576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A2E3E71-21A6-13C3-77C9-B3F7FB48C054}]
Browwsye2suave - C:\ProgramData\Browwsye2suave\512cd37aab49b.dll [2013-02-26 118272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\bin\ssv.dll [2013-04-22 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-08-16 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\bin\jp2ssv.dll [2013-04-22 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft WebPageAdjuster Class - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8CC2135-819B-8221-A1E6-E1B56BE256A2}]
Seaarch-NewTAba - C:\ProgramData\Seaarch-NewTAba\512cd3eb8f95a.dll [2013-02-26 118272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FA30547A-7780-8643-FE4A-942ECF4A13E6}]
ccoNtiinuetosavey - C:\ProgramData\ccoNtiinuetosavey\518d1cefe4676.dll [2013-05-10 112128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
{010e44c0-8bda-476c-9cee-e7a8c632e840} - Certified Toolbar - C:\Users\Miriam\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"=C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-12-17 4114368]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-12-17 6223808]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-03-07 4767304]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-07-04 641704]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"DATAMNGR"=C:\PROGRA~1\SEARCH~2\Datamngr\DATAMN~2.EXE []
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-09-07 3673808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ReadyComm5"= []
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"AdobeBridge"= []
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-03-28 1106288]
"Google Update"=C:\Users\Miriam\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-16 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-12-19 41208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cAudioFilterAgent]
C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe [2010-03-10 496184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR]
C:\PROGRA~1\SEARCH~1\SEARCH~1\DATAMN~1.EXE [2011-09-15 1700272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Miriam\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-16 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_26E26F05662789E00DFEAF36917849F2]
C:\Users\Miriam\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2010-10-28 294912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
C:\Program Files\Samsung\Kies\KiesAirMessage.exe [2013-03-20 578560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files\Samsung\Kies\Kies.exe [2013-03-28 1511792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-03-28 310640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-09-28 1406248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-02-28 18642024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartAudio]
C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]

C:\Users\Miriam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~2\wincert\win32c~1.dll c:\progra~1\search~2\datamngr\mgrldr.dll c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll c:\progra~1\browse~1\sprote~1.dll c:\progra~1\simple~1\sprote~1.dll c:\progra~1\contin~1\sprote~1.dll c:\progra~1\websea~1\sprote~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.clmp3enc"=C:\PROGRA~1\Lenovo\Power2Go\CLMP3Enc.ACM
"msacm.siren"=sirenacm.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"vidc.VP60"=C:\windows\system32\vp6vfw.dll
"vidc.VP61"=C:\windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-05-15 18:31:47 ----D---- C:\Program Files\trend micro
2013-05-15 18:31:42 ----D---- C:\rsit
2013-05-15 17:55:50 ----A---- C:\windows\system32\drivers\sp_rsdrv2.sys
2013-05-15 17:55:48 ----D---- C:\Users\Miriam\AppData\Roaming\Spyware Terminator
2013-05-15 17:55:48 ----D---- C:\ProgramData\Spyware Terminator
2013-05-15 17:55:34 ----D---- C:\Program Files\Spyware Terminator
2013-05-12 21:49:13 ----A---- C:\windows\cdplayer.ini
2013-05-12 13:30:50 ----D---- C:\audiograbber
2013-05-10 18:17:02 ----D---- C:\ProgramData\StarApp
2013-05-10 18:15:58 ----D---- C:\Program Files\WebSearch
2013-05-10 18:15:42 ----D---- C:\ProgramData\BetterSoft
2013-05-10 18:15:10 ----D---- C:\Program Files\ContinueToSave
2013-05-10 18:15:01 ----D---- C:\ProgramData\ccoNtiinuetosavey
2013-05-10 17:14:08 ----A---- C:\autoexec.bat
2013-05-10 17:13:07 ----D---- C:\Program Files\Enigma Software Group
2013-05-10 17:11:54 ----D---- C:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP
2013-05-10 17:11:44 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2013-05-07 17:24:14 ----D---- C:\Program Files\uTorrent
2013-05-05 15:29:28 ----D---- C:\ProgramData\Browser Manager
2013-05-05 12:48:44 ----D---- C:\ProgramData\Wincert
2013-05-05 12:47:45 ----D---- C:\Program Files\Search Results Toolbar
2013-05-03 21:29:12 ----D---- C:\android-sdk
2013-04-28 16:33:27 ----A---- C:\windows\system32\WinUSBCoInstaller.dll
2013-04-28 16:33:27 ----A---- C:\windows\system32\WdfCoInstaller01007.dll
2013-04-27 00:47:39 ----D---- C:\windows\system32\no
2013-04-27 00:47:39 ----D---- C:\Program Files\SRSRoot
2013-04-24 19:51:22 ----A---- C:\windows\system32\WinUSBCoInstaller2.dll
2013-04-24 16:57:46 ----A---- C:\windows\system32\drivers\ntfs.sys
2013-04-23 22:05:10 ----D---- C:\Program Files\SimpleSpeedy
2013-04-22 22:10:49 ----D---- C:\windows\Sun
2013-04-22 22:10:35 ----D---- C:\Program Files\Common Files\Java
2013-04-22 22:10:08 ----A---- C:\windows\system32\javaws.exe
2013-04-22 22:09:46 ----A---- C:\windows\system32\WindowsAccessBridge.dll
2013-04-22 22:09:46 ----A---- C:\windows\system32\javaw.exe
2013-04-22 22:09:46 ----A---- C:\windows\system32\java.exe
2013-04-21 21:59:32 ----D---- C:\Odin3 v1.70
2013-04-21 21:00:34 ----D---- C:\Program Files\MarkAny
2013-04-21 20:52:02 ----D---- C:\Users\Miriam\AppData\Roaming\Samsung
2013-04-21 20:39:33 ----D---- C:\Program Files\MyFree Codec
2013-04-21 20:33:13 ----A---- C:\windows\system32\Redemption.dll
2013-04-21 20:32:36 ----A---- C:\windows\system32\dgderapi.dll
2013-04-21 20:31:24 ----D---- C:\ProgramData\Samsung
2013-04-21 20:31:24 ----D---- C:\Program Files\Samsung
2013-04-21 20:25:02 ----SHD---- C:\Config.Msi
2013-04-19 01:01:42 ----A---- C:\windows\wininit.ini
2013-04-18 21:50:04 ----D---- C:\Users\Miriam\AppData\Roaming\vlc

======List of files/folders modified in the last 1 month======

2013-05-15 18:32:20 ----D---- C:\windows\Temp
2013-05-15 18:32:01 ----D---- C:\windows\Prefetch
2013-05-15 18:31:47 ----RD---- C:\Program Files
2013-05-15 17:55:50 ----D---- C:\windows\system32\drivers
2013-05-15 17:55:48 ----HD---- C:\ProgramData
2013-05-15 17:35:55 ----D---- C:\windows\system32\config
2013-05-15 17:22:27 ----D---- C:\windows\system32\catroot
2013-05-15 17:22:26 ----D---- C:\windows\system32\catroot2
2013-05-15 17:22:03 ----D---- C:\windows\winsxs
2013-05-14 23:26:24 ----D---- C:\Program Files\Mozilla Thunderbird
2013-05-14 21:57:58 ----D---- C:\windows\Microsoft.NET
2013-05-14 21:57:54 ----RSD---- C:\windows\assembly
2013-05-14 21:28:48 ----SHD---- C:\windows\Installer
2013-05-14 21:28:32 ----D---- C:\windows\System32
2013-05-14 21:28:32 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-05-14 21:28:06 ----D---- C:\windows\inf
2013-05-13 16:41:37 ----SHD---- C:\System Volume Information
2013-05-12 21:49:13 ----D---- C:\Windows
2013-05-12 14:37:06 ----D---- C:\Users\Miriam\AppData\Roaming\Mozilla
2013-05-12 13:31:35 ----D---- C:\windows\system32\Tasks
2013-05-11 18:32:04 ----D---- C:\windows\Tasks
2013-05-10 23:51:30 ----D---- C:\Users\Miriam\AppData\Roaming\uTorrent
2013-05-10 18:17:03 ----D---- C:\ProgramData\InstallMate
2013-05-10 17:11:44 ----D---- C:\Program Files\Common Files
2013-05-09 17:50:06 ----D---- C:\windows\system32\DriverStore
2013-05-08 18:56:43 ----D---- C:\Users\Miriam\AppData\Roaming\Skype
2013-05-07 18:22:14 ----D---- C:\Program Files\DVDVideoSoft
2013-05-02 02:06:08 ----N---- C:\windows\system32\MpSigStub.exe
2013-04-26 22:50:11 ----D---- C:\windows\Minidump
2013-04-22 22:09:46 ----D---- C:\Program Files\Java
2013-04-22 22:09:16 ----A---- C:\windows\system32\npdeployJava1.dll
2013-04-22 22:09:16 ----A---- C:\windows\system32\deployJava1.dll
2013-04-21 20:32:30 ----HD---- C:\Program Files\InstallShield Installation Information
2013-04-21 14:55:31 ----D---- C:\ProgramData\Seaarch-NewTAba
2013-04-21 14:55:26 ----D---- C:\ProgramData\Browwsye2suave
2013-04-19 06:25:10 ----D---- C:\windows\system32\drivers\etc
2013-04-19 03:10:27 ----D---- C:\windows\rescache
2013-04-18 17:36:15 ----A---- C:\windows\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2013-03-07 49248]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2009-08-24 14392]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2012-10-31 20624]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2013-03-07 60656]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2013-03-07 765736]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2013-03-07 368176]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2013-03-07 62376]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-03-05 45184]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2013-03-07 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2013-03-07 66336]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
R3 amdiox86;AMD IO Driver; C:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2012-07-04 10070016]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2012-07-04 290304]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\windows\system32\DRIVERS\Apfiltr.sys [2009-09-14 217136]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-12-14 1245696]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-08-29 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2009-08-29 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-08-29 18472]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT32.sys [2010-01-18 514104]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x86.sys [2009-11-13 58368]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 usbfilter;AMD USB Filter Driver; C:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 30392]
R3 usbsmi;Lenovo EasyCamera; C:\windows\system32\DRIVERS\SMIksdrv.sys [2009-10-16 171776]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 ALSysIO;ALSysIO; \??\C:\Users\Miriam\AppData\Local\Temp\ALSysIO.sys []
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2011-05-13 30312]
S3 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2013-03-07 164736]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 dgderdrv;dgderdrv; C:\windows\System32\drivers\dgderdrv.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ewusbmbb;HUAWEI USB-WWAN miniport; C:\windows\system32\DRIVERS\ewusbwwan.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 HTCAND32;HTC Device Driver; C:\windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 htcnprot;HTC NDIS Protocol Driver; C:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
S3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-14 229888]
S3 KMWDFILTERx86;HIDServiceDesc; C:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
S3 mferkdk;McAfee Inc. mferkdk; C:\windows\system32\drivers\mferkdk.sys [2010-02-17 34248]
S3 mfesmfk;McAfee Inc. mfesmfk; C:\windows\system32\drivers\mfesmfk.sys [2010-02-17 40552]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2012-01-09 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsuc.sys [2012-01-09 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-03-12 189984]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\sscdbus.sys [2010-11-11 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\windows\system32\DRIVERS\sscdmdfl.sys [2010-11-11 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\windows\system32\DRIVERS\sscdmdm.sys [2010-11-11 132424]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2012-07-04 217088]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-07-04 291840]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-03-07 45248]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-11 30312]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-09-04 595232]
R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2013-02-10 106280]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-09-07 587472]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-16 136176]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-06 194104]
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-18 256904]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-12-04 654848]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-16 136176]
S3 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-15 38152]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-11-17 575304]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-08-16 1343400]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[vyosek]

Zdravim

Odinstalujte Spybot - Search & Destroy a i Spyware Terminator - oba jsou uz davno za vrcholem sve slavy

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Prohledat
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

[peter19500]

Dik, Spyboot a Spyware terminator som odinstaloval a prikladam log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x86
Ran by Miriam on çt 16. 05. 2013 at 22:02:48,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\datamngr
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\wtb.band
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\wtb.band.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bittorrentbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitengine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\bittorrentbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduitengine
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\searchqutoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\browserconnection.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\certifiedtoolbar.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\dnsbho.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escort.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escortapp.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escorteng.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\esrv.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnsbho.bho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnsbho.bho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\escort.escrtbtn.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\datamngrui_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\datamngrui_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\facemoodssrv_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\facemoodssrv_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\ilividsetupv1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\ilividsetupv1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\searchqumediabar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\searchqumediabar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\setupdatamngr_searchqu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\setupdatamngr_searchqu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT2790392
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\1a24b5bb8521b03e0c8d908f5abc0ae6"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\6aa0923513360135b272e8289c5f13fa"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\922525dcc5199162f8935747ca3d8e59"



~~~ Files

Successfully deleted: [File] "C:\windows\system32\roboot.exe"
Successfully deleted: [File] "C:\windows\s.bat"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\bettersoft"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\browserprotect"
Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\ProgramData\wincert"
Successfully deleted: [Folder] "C:\Users\Miriam\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\Miriam\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Miriam\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Miriam\appdata\locallow\bittorrentbar"
Successfully deleted: [Folder] "C:\Users\Miriam\appdata\locallow\certifiedtoolbar"
Successfully deleted: [Folder] "C:\Users\Miriam\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Miriam\appdata\locallow\conduitengine"
Successfully deleted: [Folder] "C:\Users\Miriam\appdata\locallow\delta"
Successfully deleted: [Folder] "C:\Users\Miriam\appdata\locallow\facemoods.com"
Successfully deleted: [Folder] "C:\Users\Miriam\appdata\locallow\imeshbandmltbpi"
Successfully deleted: [Folder] "C:\Users\Miriam\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\Miriam\appdata\locallow\searchquband"
Successfully deleted: [Folder] "C:\Users\Miriam\appdata\locallow\searchqutoolbar"
Successfully deleted: [Folder] "C:\Users\Miriam\appdata\locallow\simplytech"
Successfully deleted: [Folder] "C:\Program Files\bittorrentbar"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\conduitengine"
Successfully deleted: [Folder] "C:\Program Files\continuetosave"
Successfully deleted: [Folder] "C:\Program Files\imesh applications"
Failed to delete: [Folder] "C:\Program Files\search results toolbar"
Successfully deleted: [Folder] "C:\Program Files\searchcore for browsers"
Successfully deleted: [Folder] "C:\Program Files\SimpleSpeedy"
Successfully deleted: [Folder] "C:\Program Files\websearch"
Successfully deleted: [Folder] "C:\Program Files\wi3c8a~1"
Successfully deleted: [Folder] "C:\Users\Miriam\AppData\Roaming\microsoft\windows\start menu\programs\BrowserProtect"
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{0CB3EA02-0C80-4760-B7B7-09509190DD57}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{12BD3E76-C1E3-4C58-ACCA-FB6DB4E062AD}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{2F9014CA-BC7F-4C5C-AEBC-9A33BD066469}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{38CBDBCF-8427-47CD-AF30-2EE9CDDC55DE}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{47701813-0E16-4461-9605-C478D00542EA}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{4DC764FB-942D-4C75-B701-D62DB6317DA5}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{52E5BED7-0E60-476A-9674-1330C43A1C55}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{532F283B-A299-4C47-9124-F9D362558315}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{5BBA005E-C671-4F4A-8AC4-BDFE1F1935F4}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{6E652A3F-BC9E-45A5-B40D-E29288D86721}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{7247C42E-74CB-4809-A625-0F837C5C1212}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{7309047F-EBD8-4F61-9D29-7DAD960D4F0C}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{79C2364B-B2C6-4E5B-A074-3A082F45BC1B}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{7C2864A1-A8EB-4139-93F2-1711FC459E2A}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{9CFBEFAE-F430-488C-A157-B40A1509C94E}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{9E3BF0F1-4A46-4746-B650-547613DF411D}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{9F73AD47-A94C-406A-AAED-B62F28815AFD}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{A1DE69B6-7AC2-4B99-A987-18A27D86D76E}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{A44E566C-03A4-4748-A775-CFF05E8F6ADA}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{A4A2C09F-68FE-464B-9A16-15E81D7C75C1}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{A70D8BE5-C7E4-43DF-8440-A8254D8B301D}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{AC502095-C42E-48D7-9B4F-F8DC20C57D0B}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{AC816D0A-53A9-4DAE-9DE9-A71DDA1BABD0}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{BAB476B0-35E4-4277-A5FB-5FBACD96D9CB}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{C3747C8E-9C16-41AC-B5B2-C6A818D0C791}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{C4C1C789-2E69-4644-8D35-C20DC0C09918}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{C6D8146F-C2EC-4483-BFE7-D3CD0386DBA8}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{D125DDFA-96A8-4893-AB77-F291F860887C}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{D7119839-97F9-4F2C-A083-FFBD039E1EB4}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{D839DC3D-FDCA-45CD-9876-066D169E8F52}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{E161E086-15CC-4733-B9F3-CE46D6EDABC3}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{E7D1F747-3EDE-4820-9352-5B0B5020CDF9}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{E7D23D3C-BC26-4E72-B4E1-5B4854580A7A}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{E9CA00B3-91BB-4268-9948-041E89FAF7D5}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{EA2700EC-4AA8-4C59-9533-E04D9E0414BA}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{EB79712C-D898-4560-AF51-FBA4527CF2CF}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{F3F208A8-81F7-4FCF-A906-099366CB2138}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{FD7A98B0-6637-475E-9FE8-F5922A50C069}
Successfully deleted: [Empty Folder] C:\Users\Miriam\appdata\local\{FDC55FEC-5BF2-4D9E-848D-11EC7CC3A049}
Successfully deleted: [Folder] "C:\Users\Miriam\AppData\Local\asktoolbar"



~~~ FireFox

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\searchresults.xml"
Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\web search.xml"
Successfully deleted: [File] C:\Users\Miriam\AppData\Roaming\mozilla\firefox\profiles\4zz7oigp.default-1360469313280\user.js
Successfully deleted: [File] C:\Users\Miriam\AppData\Roaming\mozilla\firefox\profiles\4zz7oigp.default-1360469313280\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Users\Miriam\AppData\Roaming\mozilla\firefox\profiles\4zz7oigp.default-1360469313280\bprotector_prefs.js
Successfully deleted: [File] C:\Users\Miriam\AppData\Roaming\mozilla\firefox\profiles\4zz7oigp.default-1360469313280\searchplugins\my-web-search.xml
Successfully deleted: [File] C:\Users\Miriam\AppData\Roaming\mozilla\firefox\profiles\4zz7oigp.default-1360469313280\searchplugins\search_results.xml
Successfully deleted: [File] C:\Users\Miriam\AppData\Roaming\mozilla\firefox\profiles\4zz7oigp.default-1360469313280\searchplugins\websearch.xml
Successfully deleted: [File] C:\Users\Miriam\AppData\Roaming\mozilla\firefox\profiles\4zz7oigp.default-1360469313280\searchplugins\web search.xml
Successfully deleted: [Folder] C:\Users\Miriam\AppData\Roaming\mozilla\firefox\profiles\4zz7oigp.default-1360469313280\jetpack
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Successfully deleted the following from C:\Users\Miriam\AppData\Roaming\mozilla\firefox\profiles\4zz7oigp.default-1360469313280\prefs.js

user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("browser.search.defaultenginename", "WebSearch");
user_pref("browser.search.defaultenginename,S", "WebSearch");
user_pref("browser.search.defaulturl", "hxxp://websearch.lookforithere.info/?pid=518&r=2013/05/10&hid=721079863&lg=EN&cc=SK&unqvl=14&l=1&q=");
user_pref("browser.search.order.1", "WebSearch");
user_pref("browser.search.order.1,S", "WebSearch");
user_pref("browser.search.selectedEngine", "WebSearch");
user_pref("browser.search.selectedEngine,S", "WebSearch");
user_pref("extensions.512cd3b042df0.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.locatio
user_pref("extensions.518d1cefe4598.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.locatio
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.id", "44f1095d000000000000c217fee042f3");
user_pref("extensions.delta.instlDay", "15809");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.16.16");
user_pref("extensions.delta.vrsnTs", "1.8.16.1620:41:59");
user_pref("extensions.delta.vrsni", "1.8.16.16");
user_pref("keyword.URL", "hxxp://websearch.lookforithere.info/?pid=518&r=2013/05/10&hid=721079863&lg=EN&cc=SK&unqvl=14&l=1&q=");
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
user_pref("sweetim.toolbar.searchguard.enable", "");
Emptied folder: C:\Users\Miriam\AppData\Roaming\mozilla\firefox\profiles\4zz7oigp.default-1360469313280\minidumps [65 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on çt 16. 05. 2013 at 22:08:14,46
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Teraz idem na Adw Cleaner

[peter19500]

# AdwCleaner v2.301 - Log vytvorený 16/05/2013 o 22:20:42
# Aktualizované 16/05/2013 Xplode
# Operaený systém : Windows 7 Home Premium Service Pack 1 (32 bits)
# Uživateľ : Miriam - MIRIAM-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Miriam\Desktop\adwcleaner(1).exe
# Voľba [Prehľada?]


***** [Služby] *****


***** [Súbory / Adresáre] *****

Adresár Nájdené : C:\Program Files\Gophoto.it
Adresár Nájdené : C:\Program Files\search results toolbar
Adresár Nájdené : C:\ProgramData\Browser Manager
Adresár Nájdené : C:\ProgramData\Browwsye2suave
Adresár Nájdené : C:\ProgramData\ccoNtiinuetosavey
Adresár Nájdené : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browwsye2suave
Adresár Nájdené : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ccoNtiinuetosavey
Adresár Nájdené : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seaarch-NewTAba
Adresár Nájdené : C:\ProgramData\Seaarch-NewTAba
Adresár Nájdené : C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gibnfmlfancnamkhmajbfonejffeecln
Adresár Nájdené : C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipnhimhieamhbochlhifndceepgeclmg
Adresár Nájdené : C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhpndnmegcapgofoahnoenjiikbkfnai
Adresár Nájdené : C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Adresár Nájdené : C:\Users\Miriam\AppData\Local\PackageAware
Adresár Nájdené : C:\Users\Miriam\AppData\Local\PutLockerDownloader
Adresár Nájdené : C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}
Adresár Nájdené : C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\extensions\kqakmnvjmdz@uye-.co.uk
Súbor Nájdené : C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences

***** [Registre] *****

Hodnota Nájdené : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Hodnota Nájdené : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Hodnota Nájdené : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Hodnota Nájdené : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}]
Hodnota Nájdené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Kľúe Nájdené : HKCU\Software\5f288d8b435e915
Kľúe Nájdené : HKCU\Software\delta LTD
Kľúe Nájdené : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Kľúe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4A2E3E71-21A6-13C3-77C9-B3F7FB48C054}
Kľúe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Kľúe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Kľúe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F8CC2135-819B-8221-A1E6-E1B56BE256A2}
Kľúe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2E3E71-21A6-13C3-77C9-B3F7FB48C054}
Kľúe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Kľúe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8CC2135-819B-8221-A1E6-E1B56BE256A2}
Kľúe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Kľúe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Kľúe Nájdené : HKCU\Software\ProtectedSearch
Kľúe Nájdené : HKCU\Software\SearchCore for Browsers
Kľúe Nájdené : HKCU\Software\YahooPartnerToolbar
Kľúe Nájdené : HKLM\SOFTWARE\5f288d8b435e915
Kľúe Nájdené : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Kľúe Nájdené : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\CLSID\{4A2E3E71-21A6-13C3-77C9-B3F7FB48C054}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\CLSID\{F8CC2135-819B-8221-A1E6-E1B56BE256A2}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\CLSID\{FA30547A-7780-8643-FE4A-942ECF4A13E6}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Kľúe Nájdené : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Kľúe Nájdené : HKLM\Software\DataMngr
Kľúe Nájdené : HKLM\Software\Delta
Kľúe Nájdené : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Kľúe Nájdené : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Kľúe Nájdené : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserProtect
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A2E3E71-21A6-13C3-77C9-B3F7FB48C054}
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8CC2135-819B-8221-A1E6-E1B56BE256A2}
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FA30547A-7780-8643-FE4A-942ECF4A13E6}
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1C6816E-CBB3-A748-85F9-A8B47B68985B}
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Kľúe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchCore for Browsers
Kľúe Nájdené : HKLM\Software\SearchCore for Browsers
Kľúe Nájdené : HKLM\Software\SP Global
Kľúe Nájdené : HKLM\Software\SProtector
Kľúe Nájdené : HKU\S-1-5-21-2088109100-1783434862-2200729010-1004\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}

***** [Internetové prehliadaee] *****

-\\ Internet Explorer v10.0.9200.16576

[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www1.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=44F1C217FEE042F3

-\\ Mozilla Firefox v20.0.1 (sk)

Súbor : C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\prefs.js

Nájdené : user_pref("extensions.512cd3b042df0.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Nájdené : user_pref("extensions.518d1cefe4598.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]

-\\ Google Chrome v [Nemôžem získa? verziu]

Súbor : C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Súbor je eistý.

*************************

AdwCleaner[R1].txt - [10581 octets] - [16/05/2013 22:20:42]

########## EOF - C:\AdwCleaner[R1].txt - [10642 octets] ##########


Cakam na dalsie instrukcie. Velmi pekne dakujem.

[vyosek]

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Smazat
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

[peter19500]

Vykonal som. Prikladám log.

# AdwCleaner v2.301 - Log vytvorený 17/05/2013 o 18:02:04
# Aktualizované 16/05/2013 Xplode
# Operaený systém : Windows 7 Home Premium Service Pack 1 (32 bits)
# Uživateľ : Miriam - MIRIAM-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Miriam\Desktop\adwcleaner(1).exe
# Voľba [Vymaza?]


***** [Služby] *****

Zastavené & vymazané : BrowserProtect

***** [Súbory / Adresáre] *****

Adresár Vymazané : C:\Program Files\Gophoto.it
Adresár Vymazané : C:\Program Files\TornTV.com
Adresár Vymazané : C:\ProgramData\Babylon
Adresár Vymazané : C:\ProgramData\Browwsye2suave
Adresár Vymazané : C:\ProgramData\ccoNtiinuetosavey
Adresár Vymazané : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browwsye2suave
Adresár Vymazané : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ccoNtiinuetosavey
Adresár Vymazané : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seaarch-NewTAba
Adresár Vymazané : C:\ProgramData\Seaarch-NewTAba
Adresár Vymazané : C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gibnfmlfancnamkhmajbfonejffeecln
Adresár Vymazané : C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipnhimhieamhbochlhifndceepgeclmg
Adresár Vymazané : C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhpndnmegcapgofoahnoenjiikbkfnai
Adresár Vymazané : C:\Users\Miriam\AppData\Local\PackageAware
Adresár Vymazané : C:\Users\Miriam\AppData\Local\PutLockerDownloader
Adresár Vymazané : C:\Users\Miriam\AppData\Local\Smartbar
Adresár Vymazané : C:\Users\Miriam\AppData\Local\Temp\Smartbar
Adresár Vymazané : C:\Users\Miriam\AppData\Roaming\BabSolution
Adresár Vymazané : C:\Users\Miriam\AppData\Roaming\Babylon
Adresár Vymazané : C:\Users\Miriam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Adresár Vymazané : C:\Users\Miriam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Adresár Vymazané : C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}
Adresár Vymazané : C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\extensions\kqakmnvjmdz@uye-.co.uk
Adresár Vymazané : C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\jetpack
Súbor Vymazané : C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Súbor Vymazané : C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\bprotector_extensions.sqlite
Súbor Vymazané : C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\bprotector_prefs.js
Súbor Vymazané : C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\extensions\gophoto@gophoto.it.xpi
Súbor Vymazané : C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\searchplugins\Babylon.xml
Súbor Vymazané : C:\Users\Miriam\Desktop\TornTV.lnk
Vymazané pri reštarte : C:\Program Files\search results toolbar
Vymazané pri reštarte : C:\ProgramData\Browser Manager
Vymazané pri reštarte : C:\ProgramData\BrowserProtect

***** [Registre] *****

Dáta Vymazané : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\browse~1\261249~1.132\{c16c1~1\browse~1.dll
Hodnota Vymazané : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Hodnota Vymazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Hodnota Vymazané : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Hodnota Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Hodnota Vymazané : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}]
Hodnota Vymazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Hodnota Vymazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Kľúe Vymazané : HKCU\Software\1ClickDownload
Kľúe Vymazané : HKCU\Software\5f288d8b435e915
Kľúe Vymazané : HKCU\Software\BabylonToolbar
Kľúe Vymazané : HKCU\Software\DataMngr
Kľúe Vymazané : HKCU\Software\DataMngr_Toolbar
Kľúe Vymazané : HKCU\Software\delta LTD
Kľúe Vymazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Kľúe Vymazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Kľúe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Kľúe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4A2E3E71-21A6-13C3-77C9-B3F7FB48C054}
Kľúe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Kľúe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Kľúe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F8CC2135-819B-8221-A1E6-E1B56BE256A2}
Kľúe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2E3E71-21A6-13C3-77C9-B3F7FB48C054}
Kľúe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Kľúe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8CC2135-819B-8221-A1E6-E1B56BE256A2}
Kľúe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Kľúe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Kľúe Vymazané : HKCU\Software\ProtectedSearch
Kľúe Vymazané : HKCU\Software\SearchCore for Browsers
Kľúe Vymazané : HKCU\Software\SmartBar
Kľúe Vymazané : HKCU\Software\SmartbarBackup
Kľúe Vymazané : HKCU\Software\SmartbarLog
Kľúe Vymazané : HKCU\Software\YahooPartnerToolbar
Kľúe Vymazané : HKLM\SOFTWARE\5f288d8b435e915
Kľúe Vymazané : HKLM\Software\Babylon
Kľúe Vymazané : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{4A2E3E71-21A6-13C3-77C9-B3F7FB48C054}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{F8CC2135-819B-8221-A1E6-E1B56BE256A2}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\CLSID\{FA30547A-7780-8643-FE4A-942ECF4A13E6}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
Kľúe Vymazané : HKLM\SOFTWARE\Classes\IESmartBar.BHO
Kľúe Vymazané : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
Kľúe Vymazané : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
Kľúe Vymazané : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
Kľúe Vymazané : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
Kľúe Vymazané : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\Prod.cap
Kľúe Vymazané : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Kľúe Vymazané : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Kľúe Vymazané : HKLM\Software\DataMngr
Kľúe Vymazané : HKLM\Software\Delta
Kľúe Vymazané : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Kľúe Vymazané : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A2E3E71-21A6-13C3-77C9-B3F7FB48C054}
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8CC2135-819B-8221-A1E6-E1B56BE256A2}
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FA30547A-7780-8643-FE4A-942ECF4A13E6}
Kľúe Vymazané : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1C6816E-CBB3-A748-85F9-A8B47B68985B}
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Kľúe Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchCore for Browsers
Kľúe Vymazané : HKLM\Software\SearchCore for Browsers
Kľúe Vymazané : HKLM\Software\SP Global
Kľúe Vymazané : HKLM\Software\SProtector
Kľúe Vymazané : HKU\S-1-5-21-2088109100-1783434862-2200729010-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internetové prehliadaee] *****

-\\ Internet Explorer v10.0.9200.16576

Zamenené : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119776&tt=g ... 17FEE042F3 --> hxxp://www.google.com

-\\ Mozilla Firefox v20.0.1 (sk)

Súbor : C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\prefs.js

C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\user.js ... Vymazané !

Vymazané : user_pref("browser.search.order.1", "Delta Search");
Vymazané : user_pref("browser.search.selectedEngine", "Delta Search");
Vymazané : user_pref("extensions.512cd3b042df0.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Vymazané : user_pref("extensions.518d1cefe4598.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]

-\\ Google Chrome v [Nemôžem získa? verziu]

Súbor : C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Súbor je eistý.

*************************

AdwCleaner[R1].txt - [10712 octets] - [16/05/2013 22:20:42]
AdwCleaner[S1].txt - [14183 octets] - [17/05/2013 18:02:04]

########## EOF - C:\AdwCleaner[S1].txt - [14244 octets] ##########

Práve otvorilo dalsie okno travian hry.

[vyosek]

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill iExplore.exe:
  http://download.bleepingcomputer.com/gr ... xplore.exe
  
  Rkill uSeRiNiT.exe:
  http://download.bleepingcomputer.com/gr ... eRiNiT.exe
  
  Rkill WiNlOgOn.exe:
  http://download.bleepingcomputer.com/gr ... NlOgOn.exe

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Na plose vznikne log Rkill.txt ten mi sem vlozte
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[peter19500]

Rkill 2.4.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/18/2013 09:53:59 PM in x86 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com

20 out of 15377 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 05/18/2013 09:54:29 PM
Execution time: 0 hours(s), 0 minute(s), and 29 seconds(s)

[vyosek]

Pockam si na ComboFix

[peter19500]

Zdravim. Pri ComboFixe mi dva krat zamrzol, skusam dalej. Prvy krat pri okne cakajte 10 minut a druhy krat po kontrole, pred vytvorenim logu.

[vyosek]

Zkuste jej spustit v nouzovem rezimu

[peter19500]

Zdravim. Ďakujem za rady, v nudzovom režime to prebehlo bezproblemov. Prikladám logy.

Rkill 2.4.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/30/2013 08:33:54 PM in x86 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Base Filtering Engine (BFE) is not Running.
Startup Type set to: Automatic

* DHCP Client (Dhcp) is not Running.
Startup Type set to: Automatic

* DNS Client (Dnscache) is not Running.
Startup Type set to: Automatic

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Automatic

* Brána Windows Firewall (MpsSvc) is not Running.
Startup Type set to: Automatic

* Sieťové pripojenia (Netman) is not Running.
Startup Type set to: Manual

* Network Store Interface Service (nsi) is not Running.
Startup Type set to: Automatic

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Ancillary Function Driver for Winsock (AFD) is not Running.
Startup Type set to: System

* Ovládač overenia brány Windows Firewall (mpsdrv) is not Running.
Startup Type set to: Manual

* NetBT (NetBT) is not Running.
Startup Type set to: System

* NSI proxy service driver. (nsiproxy) is not Running.
Startup Type set to: System

* Sieťový vstupno-výstupný ovládač staršej verzie na podporu zariadení TDI (tdx) is not Running.
Startup Type set to: System

* FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com

20 out of 15377 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 05/30/2013 08:34:10 PM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)



ComboFix 13-05-30.02 - Miriam . 05. 2013 20:37:47.3.2 - x86 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.1788.1013 [GMT 2:00]
Running from: c:\users\Miriam\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\muzapp.exe
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2013-04-28 to 2013-05-30 )))))))))))))))))))))))))))))))
.
.
2013-05-30 18:44 . 2013-05-30 18:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-28 20:04 . 2013-05-13 06:19 7016152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9E5DD65B-F52C-4CAA-9A11-BF2B92D47796}\mpengine.dll
2013-05-23 18:45 . 2013-05-24 19:14 -------- d-----w- c:\users\Miriam\AppData\Roaming\Mp3tag
2013-05-23 18:44 . 2013-05-23 18:44 -------- d-----w- c:\program files\Mp3tag
2013-05-20 20:37 . 2013-05-20 20:37 -------- d-----w- c:\program files\Tunatic
2013-05-20 18:19 . 2013-05-20 18:19 -------- d-----w- c:\programdata\FreeRIP
2013-05-20 18:19 . 2013-05-20 18:19 -------- d-----w- c:\program files\FreeRIP
2013-05-16 19:58 . 2013-05-16 19:58 -------- d-----w- c:\windows\ERUNT
2013-05-16 19:58 . 2013-05-16 19:58 -------- d-----w- C:\JRT
2013-05-15 16:31 . 2013-05-15 16:32 -------- d-----w- c:\program files\trend micro
2013-05-15 16:31 . 2013-05-15 16:32 -------- d-----w- C:\rsit
2013-05-15 15:55 . 2011-06-21 09:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2013-05-15 15:24 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 15:24 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 15:24 . 2013-04-10 03:14 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 15:24 . 2013-04-10 05:18 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 15:24 . 2013-04-10 05:18 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 15:23 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe
2013-05-15 15:23 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll
2013-05-15 15:23 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll
2013-05-12 11:30 . 2013-05-24 17:18 -------- d-----w- C:\audiograbber
2013-05-10 16:17 . 2013-05-10 16:17 -------- d-----w- c:\programdata\StarApp
2013-05-10 15:13 . 2013-05-10 15:13 -------- d-----w- c:\program files\Enigma Software Group
2013-05-10 15:11 . 2013-05-10 15:35 -------- d-----w- c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP
2013-05-10 15:11 . 2013-05-10 15:11 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2013-05-07 15:24 . 2013-05-07 15:24 -------- d-----w- c:\program files\uTorrent
2013-05-05 13:29 . 2013-05-05 13:29 -------- d-----w- c:\programdata\Browser Manager
2013-05-05 10:47 . 2013-05-07 16:23 -------- d-----w- c:\program files\Search Results Toolbar
2013-05-03 19:29 . 2013-05-03 20:06 -------- d-----w- C:\android-sdk
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-16 18:57 . 2010-06-24 10:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-15 19:55 . 2012-10-14 15:00 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-15 19:55 . 2012-10-14 15:00 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-03 19:23 . 2013-05-03 19:11 425611626 ----a-w- C:\adt-bundle-windows-x86_64-20130219.zip
2013-05-02 00:06 . 2010-08-16 17:04 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-22 20:09 . 2013-04-22 20:09 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-22 20:09 . 2012-09-30 08:32 866720 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-04-22 20:09 . 2010-11-06 14:46 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-13 04:45 . 2013-05-15 15:24 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 15:24 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 13:45 . 2013-04-24 14:57 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-01 18:26 . 2013-04-01 18:26 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-01 18:26 . 2013-04-01 18:26 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-04-01 18:26 . 2013-04-01 18:26 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-04-01 18:26 . 2013-04-01 18:26 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-04-01 18:26 . 2013-04-01 18:26 158720 ----a-w- c:\windows\system32\msls31.dll
2013-04-01 18:26 . 2013-04-01 18:26 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-04-01 18:26 . 2013-04-01 18:26 138752 ----a-w- c:\windows\system32\wextract.exe
2013-04-01 18:26 . 2013-04-01 18:26 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-01 18:26 . 2013-04-01 18:26 12800 ----a-w- c:\windows\system32\mshta.exe
2013-04-01 18:26 . 2013-04-01 18:26 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-04-01 18:26 . 2013-04-01 18:26 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-04-01 18:26 . 2013-04-01 18:26 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-04-01 18:26 . 2013-04-01 18:26 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-04-01 18:26 . 2013-04-01 18:26 361984 ----a-w- c:\windows\system32\html.iec
2013-04-01 18:26 . 2013-04-01 18:26 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-01 18:26 . 2013-04-01 18:26 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-01 18:26 . 2013-04-01 18:26 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-04-01 18:24 . 2013-04-01 18:24 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-04-01 18:24 . 2013-04-01 18:24 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-04-01 18:24 . 2013-04-01 18:24 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-04-01 18:24 . 2013-04-01 18:24 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-04-01 18:24 . 2013-04-01 18:24 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-04-01 18:24 . 2013-04-01 18:24 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2013-04-01 18:24 . 2013-04-01 18:24 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 1504768 ----a-w- c:\windows\system32\d3d11.dll
2013-04-01 18:24 . 2013-04-01 18:24 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-04-01 18:24 . 2013-04-01 18:24 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-04-01 18:24 . 2013-04-01 18:24 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-04-01 18:24 . 2013-04-01 18:24 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-04-01 18:24 . 2013-04-01 18:24 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-04-01 18:24 . 2013-04-01 18:24 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-04-01 18:24 . 2013-04-01 18:24 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-04-01 18:24 . 2013-04-01 18:24 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-04-01 18:24 . 2013-04-01 18:24 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-04-01 18:24 . 2013-04-01 18:24 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-04-01 18:24 . 2013-04-01 18:24 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-03-19 05:04 . 2013-04-10 14:56 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 14:56 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48 . 2013-04-10 14:56 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:49 . 2013-04-10 14:56 69632 ----a-w- c:\windows\system32\smss.exe
2013-03-06 23:33 . 2013-03-15 16:31 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2013-03-15 16:31 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2011-04-19 12:36 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2010-12-11 08:44 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2010-12-11 08:44 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-03-22 05:46 60656 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2010-12-11 08:44 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:33 . 2010-12-11 08:44 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2010-12-11 08:43 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2010-12-11 08:43 228600 ----a-w- c:\windows\system32\aswBoot.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"UpdateP2GShortCut"="c:\program files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-12-17 4114368]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-12-17 6223808]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-03-06 4767304]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 641704]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files\Windows Live\Installer\wlstart.exe" [2009-07-26 777552]
.
c:\users\Miriam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-12-19 14:39 41208 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 02:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cAudioFilterAgent]
2010-03-10 07:44 496184 ------w- c:\program files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-08-16 15:24 136176 ----atw- c:\users\Miriam\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
2010-10-28 16:55 294912 ----a-w- c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
2013-03-20 06:08 578560 ----a-w- c:\program files\Samsung\Kies\KiesAirMessage.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2013-03-28 09:32 1511792 ----a-w- c:\program files\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2013-03-28 09:32 310640 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
2010-09-28 15:17 1406248 ----a-w- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
2012-02-28 14:53 190768 ----a-w- c:\program files\Nokia\Nokia Software Updater\nsu3ui_agent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2012-06-26 12:10 1516632 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-04-19 13:19 18678376 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartAudio]
2009-11-19 05:45 307768 ------w- c:\program files\CONEXANT\SAII\SAIICpl.exe
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
R2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe [x]
R2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [x]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [x]
R3 ALSysIO;ALSysIO;c:\users\Miriam\AppData\Local\Temp\ALSysIO.sys [x]
R3 aswVmm;aswVmm; [x]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [x]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 IGRS;IGRS;c:\program files\Lenovo\ReadyComm\common\IGRS.exe [x]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [x]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [x]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S1 aswKbd;aswKbd; [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-14 19:55]
.
2013-05-19 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-08-16 11:11]
.
2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-16 18:37]
.
2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-16 18:37]
.
2013-05-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2088109100-1783434862-2200729010-1004Core.job
- c:\users\Miriam\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-16 15:24]
.
2013-05-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2088109100-1783434862-2200729010-1004UA.job
- c:\users\Miriam\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-16 15:24]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = about:blank
mStart Page = hxxp://www.google.com
mSearch Bar = about:blank
uInternet Settings,ProxyOverride = *.local
IE: {{4084ff18-eae8-4d0c-a5cc-e1b3e5711ab9} - {010e44c0-8bda-476c-9cee-e7a8c632e840} -
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - ExtSQL: 2013-05-16 22:29; torntv2@torntv.com; c:\users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\extensions\torntv2@torntv.com.xpi
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{010e44c0-8bda-476c-9cee-e7a8c632e840} - (no file)
Toolbar-Locked - (no file)
Toolbar-{010e44c0-8bda-476c-9cee-e7a8c632e840} - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
HKCU-Run-ReadyComm5 - (no file)
HKCU-Run-AdobeBridge - (no file)
MSConfigStartUp-GoogleChromeAutoLaunch_26E26F05662789E00DFEAF36917849F2 - c:\users\Miriam\AppData\Local\Google\Chrome\Application\chrome.exe
AddRemove-{4A66020C-40B1-A6BA-A3DF-B4D49FC17671} - c:\progra~2\INSTAL~1\{85002~1\Setup.exe
AddRemove-{7AF978A0-A381-2548-021D-3DA80A4F52EB} - c:\progra~2\INSTAL~1\{56CD3~1\Setup.exe
AddRemove-{C69D6AC6-486D-882F-927C-DA963412762C} - c:\progra~2\INSTAL~1\{09752~1\Setup.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\SAMSUNG\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\SAMSUNG\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\SAMSUNG\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-{DC767840-F595-5083-CEC3-2FB2760E04B6} - c:\progra~2\INSTAL~1\{09FF1~1\Setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2088109100-1783434862-2200729010-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-2088109100-1783434862-2200729010-1004)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-2088109100-1783434862-2200729010-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-2088109100-1783434862-2200729010-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:db,a3,64,ac,5f,4d,8f,ab,a4,88,53,6e,d1,a9,de,3e,20,eb,0a,98,56,73,1e,
e9,21,c7,92,38,be,14,8a,8c,62,d7,9c,01,3b,ff,63,df,92,92,39,cf,b1,ea,ae,58,\
"??"=hex:90,44,60,96,c2,87,4d,e8,c1,e5,5d,7e,f1,c9,9b,47
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-05-30 20:47:00
ComboFix-quarantined-files.txt 2013-05-30 18:47
.
Pre-Run: 70 818 287 616 bytes free
Post-Run: 71 080 947 712 bytes free
.
- - End Of File - - C7A797B5420EC49CB33093E3618F523D


Čakám na ďalšie inštrukcie. Dík.

[vyosek]

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Folder::
  c:\program files\Enigma Software Group
  c:\program files\Search Results Toolbar
  
  Registry::
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "UpdateP2GShortCut"=-
  "SunJavaUpdateSched"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
  
  RegLock::
  [HKEY_USERS\S-1-5-21-2088109100-1783434862-2200729010-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts]
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}]
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
  
  RegNull::
  [HKEY_USERS\S-1-5-21-2088109100-1783434862-2200729010-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
  
  File::
  
  C:\windows\tasks\Adobe Flash Player Updater.job
  C:\windows\tasks\Google Software Updater.job
  C:\windows\tasks\GoogleUpdateTaskMachineCore.job
  C:\windows\tasks\GoogleUpdateTaskMachineUA.job
  C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2088109100-1783434862-2200729010-1004Core.job
  C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2088109100-1783434862-2200729010-1004UA.job
  
  ClearJavaCache::
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

[peter19500]

Zdravim, šlo to bez problemov. Prikladám LOG:

ComboFix 13-05-30.02 - Miriam . 06. 2013 20:00:48.4.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.1788.1065 [GMT 2:00]
Running from: c:\users\Miriam\Desktop\ComboFix.exe
Command switches used :: c:\users\Miriam\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\Google Software Updater.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2088109100-1783434862-2200729010-1004Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2088109100-1783434862-2200729010-1004UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Enigma Software Group
c:\program files\Enigma Software Group\SpyHunter\gil.dat
c:\program files\Enigma Software Group\SpyHunter\INSTALL.LOG
c:\program files\Enigma Software Group\SpyHunter\Log\SpyHunter4_20130510_171343.log
c:\program files\Enigma Software Group\SpyHunter\safeol.dat
c:\program files\Enigma Software Group\SpyHunter\scanlog.log
c:\program files\Enigma Software Group\SpyHunter\supportlog.txt
c:\program files\Enigma Software Group\SpyHunter\unkcache.dat
c:\program files\Search Results Toolbar
c:\program files\Search Results Toolbar\Datamngr\apcrtldr.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-05-03 to 2013-06-03 )))))))))))))))))))))))))))))))
.
.
2013-06-03 18:13 . 2013-06-03 18:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-28 19:49 . 2013-05-30 20:21 -------- d-----w- c:\program files\Mozilla Thunderbird
2013-05-23 18:45 . 2013-05-24 19:14 -------- d-----w- c:\users\Miriam\AppData\Roaming\Mp3tag
2013-05-23 18:44 . 2013-05-23 18:44 -------- d-----w- c:\program files\Mp3tag
2013-05-20 20:37 . 2013-05-20 20:37 -------- d-----w- c:\program files\Tunatic
2013-05-20 18:19 . 2013-05-20 18:19 -------- d-----w- c:\programdata\FreeRIP
2013-05-20 18:19 . 2013-05-20 18:19 -------- d-----w- c:\program files\FreeRIP
2013-05-16 19:58 . 2013-05-16 19:58 -------- d-----w- c:\windows\ERUNT
2013-05-16 19:58 . 2013-05-16 19:58 -------- d-----w- C:\JRT
2013-05-15 16:31 . 2013-05-15 16:32 -------- d-----w- c:\program files\trend micro
2013-05-15 16:31 . 2013-05-15 16:32 -------- d-----w- C:\rsit
2013-05-15 15:55 . 2011-06-21 09:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2013-05-15 15:24 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 15:24 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 15:24 . 2013-04-10 03:14 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 15:24 . 2013-04-10 05:18 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 15:24 . 2013-04-10 05:18 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 15:23 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe
2013-05-15 15:23 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll
2013-05-15 15:23 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll
2013-05-12 11:30 . 2013-05-24 17:18 -------- d-----w- C:\audiograbber
2013-05-10 16:17 . 2013-05-10 16:17 -------- d-----w- c:\programdata\StarApp
2013-05-10 15:11 . 2013-05-10 15:35 -------- d-----w- c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP
2013-05-10 15:11 . 2013-05-10 15:11 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2013-05-07 15:24 . 2013-05-07 15:24 -------- d-----w- c:\program files\uTorrent
2013-05-05 13:29 . 2013-05-05 13:29 -------- d-----w- c:\programdata\Browser Manager
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-16 18:57 . 2010-06-24 10:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-15 19:55 . 2012-10-14 15:00 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-15 19:55 . 2012-10-14 15:00 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-09 08:59 . 2013-03-15 16:31 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59 . 2013-03-15 16:31 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2012-03-22 05:46 61680 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59 . 2011-04-19 12:36 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59 . 2010-12-11 08:44 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-09 08:59 . 2010-12-11 08:44 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2010-12-11 08:44 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:59 . 2010-12-11 08:44 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:58 . 2010-12-11 08:43 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2010-12-11 08:43 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-03 19:23 . 2013-05-03 19:11 425611626 ----a-w- C:\adt-bundle-windows-x86_64-20130219.zip
2013-05-02 00:06 . 2010-08-16 17:04 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-22 20:09 . 2013-04-22 20:09 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-22 20:09 . 2012-09-30 08:32 866720 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-04-22 20:09 . 2010-11-06 14:46 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-13 04:45 . 2013-05-15 15:24 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 15:24 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 13:45 . 2013-04-24 14:57 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-01 18:26 . 2013-04-01 18:26 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-01 18:26 . 2013-04-01 18:26 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-04-01 18:26 . 2013-04-01 18:26 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-04-01 18:26 . 2013-04-01 18:26 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-04-01 18:26 . 2013-04-01 18:26 158720 ----a-w- c:\windows\system32\msls31.dll
2013-04-01 18:26 . 2013-04-01 18:26 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-04-01 18:26 . 2013-04-01 18:26 138752 ----a-w- c:\windows\system32\wextract.exe
2013-04-01 18:26 . 2013-04-01 18:26 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-01 18:26 . 2013-04-01 18:26 12800 ----a-w- c:\windows\system32\mshta.exe
2013-04-01 18:26 . 2013-04-01 18:26 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-04-01 18:26 . 2013-04-01 18:26 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-04-01 18:26 . 2013-04-01 18:26 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-04-01 18:26 . 2013-04-01 18:26 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-04-01 18:26 . 2013-04-01 18:26 361984 ----a-w- c:\windows\system32\html.iec
2013-04-01 18:26 . 2013-04-01 18:26 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-01 18:26 . 2013-04-01 18:26 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-01 18:26 . 2013-04-01 18:26 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-04-01 18:24 . 2013-04-01 18:24 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-04-01 18:24 . 2013-04-01 18:24 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-04-01 18:24 . 2013-04-01 18:24 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-04-01 18:24 . 2013-04-01 18:24 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-04-01 18:24 . 2013-04-01 18:24 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-04-01 18:24 . 2013-04-01 18:24 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2013-04-01 18:24 . 2013-04-01 18:24 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-01 18:24 . 2013-04-01 18:24 1504768 ----a-w- c:\windows\system32\d3d11.dll
2013-04-01 18:24 . 2013-04-01 18:24 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-04-01 18:24 . 2013-04-01 18:24 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-04-01 18:24 . 2013-04-01 18:24 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-04-01 18:24 . 2013-04-01 18:24 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-04-01 18:24 . 2013-04-01 18:24 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-04-01 18:24 . 2013-04-01 18:24 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-04-01 18:24 . 2013-04-01 18:24 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-04-01 18:24 . 2013-04-01 18:24 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-04-01 18:24 . 2013-04-01 18:24 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-04-01 18:24 . 2013-04-01 18:24 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-04-01 18:24 . 2013-04-01 18:24 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-03-19 05:04 . 2013-04-10 14:56 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 14:56 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48 . 2013-04-10 14:56 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:49 . 2013-04-10 14:56 69632 ----a-w- c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-12-17 4114368]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-12-17 6223808]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-05-09 4858968]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 641704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files\Windows Live\Installer\wlstart.exe" [2009-07-26 777552]
.
c:\users\Miriam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cAudioFilterAgent]
2010-03-10 07:44 496184 ------w- c:\program files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartAudio]
2009-11-19 05:45 307768 ------w- c:\program files\CONEXANT\SAII\SAIICpl.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 ALSysIO;ALSysIO;c:\users\Miriam\AppData\Local\Temp\ALSysIO.sys [x]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [x]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 IGRS;IGRS;c:\program files\Lenovo\ReadyComm\common\IGRS.exe [x]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [x]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-31 04:13 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-14 19:55]
.
2013-05-31 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-08-16 11:11]
.
2013-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-16 18:37]
.
2013-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-16 18:37]
.
2013-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2088109100-1783434862-2200729010-1004Core.job
- c:\users\Miriam\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-16 15:24]
.
2013-06-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2088109100-1783434862-2200729010-1004UA.job
- c:\users\Miriam\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-16 15:24]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = about:blank
mStart Page = hxxp://www.google.com
mSearch Bar = about:blank
uInternet Settings,ProxyOverride = *.local
IE: {{4084ff18-eae8-4d0c-a5cc-e1b3e5711ab9} - {010e44c0-8bda-476c-9cee-e7a8c632e840} -
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - ExtSQL: 2013-05-16 22:29; torntv2@torntv.com; c:\users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\4zz7oigp.default-1360469313280\extensions\torntv2@torntv.com.xpi
.
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3136)
c:\program files\Lenovo\Bluetooth Software\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_slk.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Lenovo\Bluetooth Software\btwdins.exe
c:\windows\system32\conhost.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\DllHost.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Completion time: 2013-06-03 20:24:17 - machine was rebooted
ComboFix-quarantined-files.txt 2013-06-03 18:24
ComboFix2.txt 2013-05-30 18:47
.
Pre-Run: 70 208 831 488 bytes free
Post-Run: 69 954 183 168 bytes free
.
- - End Of File - - 1B1F70D13A1B2466131C67B024514516

[vyosek]

Tak jeste uklidime

Odinstalujte Combofix

• Prejmenujte ComboFix na Uninstall
• Spustte jej
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse