Pop-up ads in browsers

#31 Post by Donuts »

I'm back from vacation; clearing the cache didn't help either.

Today NOD reported this after I turned on the computer:
[Attachment: nod.jpg]
And several BSODs during the day, which it didn't do before; only those ads were popping up.

#32 Post by vyosek »

Download Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Save it, preferably to the Desktop, and extract it
  • Run it by clicking mbanr
  • Now click Next and then Update
  • When the database update finishes, click Next again
  • Leave all three options checked and click Scan to start scanning the PC
  • When the scan finishes (about 5 minutes), check that every finding (if there are any, of course) is ticked
  • Also check that Create Restore point is ticked
  • Now click CleanUp, which removes the infection found
  • The PC will be restarted
  • The mbar folder should contain a log (it will probably also open by itself) named mbar-log-year-month-day (hour-minute-second).txt; post it here for me
#33 Post by Donuts »

Malwarebytes Anti-Rootkit 1.1.0.1009
www.malwarebytes.org

Database version: v2012.11.21.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
klug :: TRONICEK-PC [administrator]

21.11.2012 7:46:20
mbar-log-2012-11-21 (07-46-20).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: PUP | PUM | P2P
Objects scanned: 30657
Time elapsed: 47 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Windows\system32\drivers\Wdf01000.sys (Unknown Rootkit Driver Infection) -> Delete on reboot. []
C:\Users\klug\Local Settings\VirtualStore\45939202.TMP (Trojan.Downloader) -> Delete on reboot. [85fc4c6df56857df03c1cc77ff02718f]

(end)

#34 Post by vyosek »

Download MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe
  • Save it, preferably to the desktop
  • If you use Win Vista or W7, right-click MBRScan and choose Run As Administrator (Spustit jako spravce)
  • Click Report
  • After a moment a log appears in the file MBRScan.txt; paste it here
Post the RSIT log
#35 Post by Donuts »

Logfile of random's system information tool 1.09 (written by random/random)
Run by klug at 2012-11-21 11:41:21
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 88 GB (64%) free of 139 GB
Total RAM: 2047 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:41:40, on 21.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\klug\Desktop\RSIT.exe
C:\Program Files\trend micro\klug.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [AutoLockProcess] C:\Program Files\Acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe
O4 - HKLM\..\Run: [Acer PowerSaver] C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-21-3341063223-1897999258-1394660417-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3341063223-1897999258-1394660417-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 7677 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\klug\AppData\Roaming\Mozilla\Firefox\Profiles\ucnic6n5.default

prefs.js - "extensions.enabledItems" - "{7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37]
"Description"=
"Path"=C:\Windows\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@virtools.com/3DviaPlayer]
"Description"=3Dvia Player For Mozilla Based Broswer
"Path"=C:\Program Files\Virtools\3D Life Player\npvirtools.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\klug\AppData\Roaming\Mozilla\Firefox\Profiles\ucnic6n5.default\extensions\
jid1-yZwVFzbsyfMrqQ@jetpack

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-09-24 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-10-22 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-09-24 59376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-10-22 192144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-20 7625248]
"BackupManagerTray"=C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-08-12 261888]
"AutoLockProcess"=C:\Program Files\Acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe [2009-02-17 446464]
"Acer PowerSaver"=C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe [2009-04-17 434176]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-11-16 2054360]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-11-01 4763008]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-10-22 39408]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]

C:\Users\klug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-05-10 203776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======


======List of files/folders modified in the last 1 month======


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 eLock2BurnerLockDriver;Disk Performance Monitor Filter Driver; C:\Windows\system32\DRIVERS\eLock2BurnerLockDriver.sys [2008-03-12 22560]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 330264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver; C:\Windows\system32\DRIVERS\eLock2FSCTLDriver.sys [2008-03-11 87072]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-12-18 95896]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 tvicport;tvicport; \??\C:\Windows\system32\drivers\tvicport.sys [2009-02-05 14544]
R2 zntport;zntport; \??\C:\Windows\system32\drivers\zntport.sys [2009-02-05 6080]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-20 2664032]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2009-06-26 66080]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 14336]
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dc3d;MS Hardware Device Detection Driver; C:\Windows\system32\DRIVERS\dc3d.sys [2009-03-23 16384]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-02-24 80824]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 15360]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-05-11 181432]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2009-07-14 15872]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]
R2 eLockService;eLock Service; C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2009-02-17 24576]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2009-02-18 24576]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 nlsX86cc;NLS Service; C:\Windows\system32\NLSSRV32.EXE [2011-03-21 68928]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-12 62208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 645992]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-10 1258856]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-28 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-08 250808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-11-16 20680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-28 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-22 194032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-27 115168]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-08-25 935208]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1343400]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]

-----------------EOF-----------------

Donuts
Visitor
Posts: 20
Registered: 01 Nov 2012 07:41

Re: Pop-up ads in browsers

#36 Post by Donuts »

Code:

MBRScan v1.1.1

OS             : Windows 7 Service Pack 1 (32 bit)
PROCESSOR      : x86 Family 6 Model 23 Stepping 10, GenuineIntel
BOOT           : Normal Boot
DATE           : 2012/11/21 (ISO 8601) at 11:40:28
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __WDC WD32 00AAJS-00L7A (01.0)
BUS_TYPE       : (0x08)  RAID
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	298.1 Go  [Fixed] ==> 7 MBR Code

MBR_MD5   : CFDF17EE83F4E4CB9517AD0BEB3D6977
MBR_SHA1  : CC0CC7C5AC07641EE432F147F05A23B41399304B

Device\Harddisk0\Partition1	27.00 Go  	0x27 RE Hidden partition 
Device\Harddisk0\Partition2	100.0 Mo  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition3	135.5 Go  	0x07 NTFS / HPFS
Device\Harddisk0\Partition4	135.5 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\Windows\System32\Drivers\dump_iaStor.sys => Invisible on the disk
ADDRESS : 0x978AC000
SIZE    : 872.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x97986000
SIZE    : 68.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions :  NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  


vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Pop-up ads in browsers

#37 Post by vyosek »

The logs look OK to me; in my opinion you have some plugin in the browser, or there is a problem somewhere on the network that keeps throwing up those ads.

Locked