NEjdou spouštět aplikace ani avast

[roman_x]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jakub at 2013-03-21 09:42:38
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 98 GB (32%) free of 305 GB
Total RAM: 4094 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:42:46, on 21.3.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19400)
Boot mode: Normal

Running processes:
C:\Users\Jakub\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Users\Jakub\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files\trend micro\Jakub.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Ashampoo US Toolbar - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Ashampoo US - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Ashampoo US Toolbar - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll
O4 - HKLM\..\Run: [WheelMouse] C:\MSI\ADVANC~1\wh_exec.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [BrMfcWnd] "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] "C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe" /autorun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [HDDtoGOLaunch] C:\Users\Jakub\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Jakub\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [MFP and Storage Server] "C:\Program Files (x86)\TP-LINK\MFP and Storage Server\MFP and Storage Server.exe" /h
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\SysWOW64\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103470 -"Mozilla/5.0 (Windows; U; Windows NT 6.0; cs; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)" -"http://www.hry.cz/games/gameShockwave.a ... hewall.dcr"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12228 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 42084608
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\SysWOW64\svchost.exe -k Akamai
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\system32\hasplms.exe -run
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {7D570936-E8FB-401E-AABF-7FD86F4FF9BF}
"C:\Windows\RAVCpl64.exe"
"C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\ehome\ehtray.exe"
"C:\Users\Jakub\AppData\Local\Akamai\netsession_win.exe"
"C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe"
"C:/Users/Jakub/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\Winamp\winampa.exe"
C:\Windows\ehome\ehmsas.exe -Embedding
"C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
"C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe" /StartMinimized
"C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe" /autorun
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL wscui.cpl
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:1216 CREDAT:71937
C:\Windows\system32\conime.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8f5b17d3-f737-425e-a1ea-bcc520e0f486 -SystemEventPortName:HostProcess-3d39b007-5769-404d-af3b-f69a4fd435eb -IoCancelEventPortName:HostProcess-8c8ca82b-1960-4322-87af-c2df21784b0b -NonStateChangingEventPortName:HostProcess-8d043d67-fa90-49aa-b66f-a9fecd81e4c2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f3d9c8d7-69bb-4362-aa49-cad70a88d0be -DeviceGroupId:WpdFsGroup
"C:\Windows\system32\SearchFilterHost.exe" 0 652 656 664 65536 660
"F:\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1284760143-1487266022-3875239455-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1284760143-1487266022-3875239455-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-02-28 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}]
Ashampoo US Toolbar - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-07 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-02-28 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-07 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2008-10-14 1601480]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-02-28 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2008-10-14 863688]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-02-28 1224568]
{124d001a-bdcb-472f-aa59-bbe7e4bc3204} - Ashampoo US Toolbar - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"RtHDVCpl"=C:\Windows\RAVCpl64.exe [2008-05-28 6297088]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2007-10-26 865792]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-15 178712]
"Corel Photo Downloader"=C:\Program Files (x86)\Corel\Corel MediaOne\Corel Photo Downloader.exe -startup []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"HDDtoGOLaunch"=C:\Users\Jakub\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe [2010-04-30 176128]
"Akamai NetSession Interface"=C:\Users\Jakub\AppData\Local\Akamai\netsession_win.exe [2012-10-09 4441920]
"MFP and Storage Server"=C:\Program Files (x86)\TP-LINK\MFP and Storage Server\MFP and Storage Server.exe /h []
"Google Update"=C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-19 116648]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2012-12-04 773728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\Windows\SysWOW64\Adobe\SHOCKW~1\SWHELP~1.EXE [2008-11-04 460216]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WheelMouse"=C:\MSI\ADVANC~1\wh_exec.exe [2007-09-13 90112]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2010-07-12 74752]
"SSBkgdUpdate"=C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"PaperPort PTD"=C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [2007-10-11 29984]
"IndexSearch"=C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [2007-10-11 46368]
"PPort11reminder"=C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-08-31 328992]
"BrMfcWnd"=C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [2009-02-10 745472]
"ControlCenter3"=C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [2007-10-30 77824]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-02-28 4767304]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"Garmin Lifetime Updater"=C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe [2012-06-04 1466760]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoHotStart"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"NoHotStart"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2013-03-21 09:42:38 ----D---- C:\rsit
2013-03-21 09:42:38 ----D---- C:\Program Files\trend micro
2013-03-21 09:32:36 ----D---- C:\Program Files\CCleaner
2013-03-21 09:28:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2013-03-09 16:32:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-03-07 15:16:43 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-03-07 15:16:30 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-03-07 15:16:30 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-03-07 15:16:30 ----A---- C:\Windows\SYSWOW64\java.exe
2013-03-07 15:16:18 ----D---- C:\Program Files (x86)\Java
2013-03-05 10:52:21 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-03-05 10:52:21 ----A---- C:\Windows\system32\drivers\aswRvrt.sys

======List of files/folders modified in the last 1 month======

2013-03-21 09:42:38 ----RD---- C:\Program Files
2013-03-21 09:42:34 ----D---- C:\Windows\Temp
2013-03-21 09:39:40 ----D---- C:\Users\Jakub\AppData\Roaming\Winamp
2013-03-21 09:39:40 ----D---- C:\Users\Jakub\AppData\Roaming\TS3Client
2013-03-21 09:39:40 ----D---- C:\Users\Jakub\AppData\Roaming\Skype
2013-03-21 09:37:54 ----D---- C:\Windows\Panther
2013-03-21 09:37:54 ----D---- C:\Windows\ModemLogs
2013-03-21 09:37:53 ----D---- C:\Windows\inf
2013-03-21 09:37:48 ----D---- C:\Windows\Minidump
2013-03-21 09:37:48 ----D---- C:\Windows\Logs
2013-03-21 09:37:48 ----D---- C:\Windows\Debug
2013-03-21 09:37:48 ----D---- C:\Windows
2013-03-21 09:32:45 ----D---- C:\Windows\Prefetch
2013-03-21 09:32:40 ----D---- C:\Windows\system32\Tasks
2013-03-21 09:30:39 ----D---- C:\Windows\system32\catroot
2013-03-21 09:30:35 ----D---- C:\Windows\system32\catroot2
2013-03-21 09:30:28 ----D---- C:\Windows\winsxs
2013-03-21 09:29:48 ----SHD---- C:\System Volume Information
2013-03-21 09:28:30 ----D---- C:\Windows\SysWOW64
2013-03-21 09:11:42 ----D---- C:\Windows\System32
2013-03-21 09:11:41 ----D---- C:\Windows\system32\Msdtc
2013-03-21 09:11:34 ----D---- C:\Windows\system32\wbem
2013-03-21 09:10:47 ----D---- C:\Windows\system32\config
2013-03-21 09:09:39 ----SD---- C:\Windows\Downloaded Program Files
2013-03-21 09:09:39 ----RSD---- C:\Windows\Media
2013-03-21 09:09:39 ----D---- C:\Windows\SYSWOW64\wbem
2013-03-21 09:09:37 ----D---- C:\Windows\Tasks
2013-03-21 09:09:36 ----D---- C:\Windows\system32\spool
2013-03-21 09:09:36 ----D---- C:\Windows\system32\CodeIntegrity
2013-03-21 09:09:35 ----D---- C:\Users\Jakub\AppData\Roaming\DAEMON Tools
2013-03-21 09:09:33 ----D---- C:\ProgramData\NVIDIA
2013-03-21 09:09:33 ----D---- C:\ProgramData\Microsoft Help
2013-03-21 09:09:33 ----D---- C:\ProgramData\FLEXnet
2013-03-21 09:09:32 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-21 09:09:30 ----D---- C:\Program Files (x86)\ACB_PLUS
2013-03-21 09:09:30 ----D---- C:\Program Files (x86)
2013-03-21 09:09:01 ----D---- C:\Windows\registration
2013-03-13 15:40:50 ----SHD---- C:\Windows\Installer
2013-03-13 14:32:05 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client
2013-03-12 14:53:19 ----D---- C:\Program Files (x86)\Stavební fyzika
2013-03-10 13:10:40 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-07 15:16:20 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2013-03-07 15:16:20 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-03-07 00:32:22 ----A---- C:\Windows\system32\aswBoot.exe
2013-03-06 00:10:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-05 10:52:21 ----D---- C:\Windows\system32\drivers
2013-02-27 13:36:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-02-22 18:40:19 ----D---- C:\Program Files (x86)\Common Files
2013-02-22 11:44:08 ----D---- C:\ProgramData\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-04-15 388120]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-10-31 868848]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2013-03-07 59144]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2141-02-03 475696]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2007-10-02 76160]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2008-02-11 70272]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2008-03-27 128512]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-10-24 314016]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2007-08-06 314880]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-10-24 43680]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-24 60928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-06-02 1464600]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-05-30 137616]
R3 NETw5v64;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit ; C:\Windows\system32\DRIVERS\NETw5v64.sys [2008-04-28 4730368]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2009-11-12 84584]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-11-21 13694056]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 11264]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2008-05-02 166912]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2007-10-26 1122304]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-11 50688]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 168704]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS []
S3 azsj9g68;azsj9g68; C:\Windows\system32\drivers\azsj9g68.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 EST_BusEnum;Network USB Device Bus; C:\Windows\system32\DRIVERS\GenBus.sys []
S3 EST_Server;Network USB Device; C:\Windows\system32\DRIVERS\GenHC.sys [2009-10-06 199168]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2009-12-08 135168]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-10-21 33344]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-07 117504]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 111104]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2008-02-15 165120]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2007-11-29 44800]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2008-01-31 88448]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-07-13 28160]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2008-01-22 56320]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-10-18 51328]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 41984]
S3 WEBNTACCESS;WEBNTACCESS; \??\C:\Windows\syswow64\NTACCESS.SYS [2008-04-14 17920]
S3 whfltr2k;WheelMouse USB Lower Filter Driver; C:\Windows\system32\DRIVERS\whfltr2k.sys [2007-01-26 9600]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 22528]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2008-01-21 27648]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-04-30 1371136]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 hasplms;HASP License Manager; C:\Windows\system32\hasplms.exe [2008-07-17 2549248]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-04-15 354840]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-11-20 151144]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-06-30 75064]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-04-30 826368]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-09-28 168296]
R3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-02-28 45248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-25 136176]
S2 ProtexisLicensing;ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [2007-06-05 177704]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-11-20 240232]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-27 251248]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-09 1431888]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-25 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-09 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[roman_x]

Při pokusu o spuštění ADWCLENeru. náhled scenu chyby.

[vyosek]

Zdravim

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill iExplore.exe:
  http://download.bleepingcomputer.com/gr ... xplore.exe
  
  Rkill uSeRiNiT.exe:
  http://download.bleepingcomputer.com/gr ... eRiNiT.exe
  
  Rkill WiNlOgOn.exe:
  http://download.bleepingcomputer.com/gr ... NlOgOn.exe

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Na plose vznikne log Rkill.txt ten mi sem vlozte
• Ted nerestartujte PC - prisli byste o ucinek RKillu

[roman_x]

Prošel v pohodě:
Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/21/2013 10:25:51 AM in x64 mode.
Windows Version: Windows Vista (TM) Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Jakub\Desktop\rkill\rkill-03-21-2013-10-25-53.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 03/21/2013 10:26:02 AM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)

[vyosek]

Nedavejte logy do code, spatne se to lusti a boli z toho oci. Code slouzi pouze radcum pro psani skriptu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[roman_x]

Ju už jsem si všiml že mi to z CODE vyhazujete
Jdu na to.

[vyosek]

OK, pockam si na log z CF

[roman_x]

ComboFix 13-03-20.02 - Jakub 21.03.2013 10:36:25.1.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.4094.1890 [GMT 1:00]
Spuštěný z: c:\users\Jakub\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-21 do 2013-03-21 )))))))))))))))))))))))))))))))
.
.
2013-03-21 09:47 . 2013-03-21 09:47 -------- d-----w- c:\users\Jakub\AppData\Local\temp
2013-03-21 09:47 . 2013-03-21 09:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-21 08:42 . 2013-03-21 08:42 -------- d-----w- C:\rsit
2013-03-21 08:42 . 2013-03-21 08:42 -------- d-----w- c:\program files\trend micro
2013-03-21 08:32 . 2013-03-21 08:32 -------- d-----w- c:\program files\CCleaner
2013-03-21 08:28 . 2013-03-21 08:28 15859416 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-03-07 14:16 . 2013-03-07 14:16 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-07 14:16 . 2013-03-07 14:16 -------- d-----w- c:\program files (x86)\Java
2013-03-05 09:52 . 2013-03-06 23:33 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-05 09:52 . 2013-03-06 23:33 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-02-22 17:40 . 2013-02-22 17:40 -------- d-----w- c:\program files (x86)\Common Files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-07 14:16 . 2012-06-25 17:59 861088 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-03-07 14:16 . 2010-04-23 13:48 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-03-06 23:33 . 2011-04-11 13:44 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2008-11-11 22:35 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2008-11-11 22:35 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2008-11-11 22:35 59144 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-03-06 23:33 . 2008-11-11 22:35 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:33 . 2008-11-11 22:35 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:32 . 2011-04-11 13:43 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2011-04-11 13:44 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-27 12:36 . 2012-04-02 05:38 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-27 12:36 . 2011-09-14 19:14 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-14 19:30 . 2006-11-02 12:35 70004024 ----a-w- c:\windows\system32\mrt.exe
2013-02-03 18:07 . 2013-02-03 18:07 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E36D24FA-5EDD-4E07-BB0F-83ADCD44A951}\offreg.dll
2013-01-17 00:28 . 2009-10-05 16:52 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-08 05:32 . 2013-02-01 13:59 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E36D24FA-5EDD-4E07-BB0F-83ADCD44A951}\mpengine.dll
2013-01-05 13:48 . 2013-02-14 19:11 1147392 ----a-w- c:\windows\system32\wininet.dll
2013-01-05 13:48 . 2013-02-14 19:11 1489408 ----a-w- c:\windows\system32\urlmon.dll
2013-01-05 13:48 . 2013-02-14 19:11 108032 ----a-w- c:\windows\system32\url.dll
2013-01-05 13:46 . 2013-02-14 19:11 243712 ----a-w- c:\windows\system32\occache.dll
2013-01-05 13:44 . 2013-02-14 19:11 1062912 ----a-w- c:\windows\system32\mstime.dll
2013-01-05 13:44 . 2013-02-14 19:11 9331200 ----a-w- c:\windows\system32\mshtml.dll
2013-01-05 13:44 . 2013-02-14 19:11 98304 ----a-w- c:\windows\system32\mshtmled.dll
2013-01-05 13:44 . 2013-02-14 19:11 743424 ----a-w- c:\windows\system32\msfeeds.dll
2013-01-05 13:44 . 2013-02-14 19:11 71680 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-01-05 13:43 . 2013-02-14 19:11 56832 ----a-w- c:\windows\system32\licmgr10.dll
2013-01-05 13:43 . 2013-02-14 19:11 31744 ----a-w- c:\windows\system32\jsproxy.dll
2013-01-05 13:43 . 2013-02-14 19:11 1538560 ----a-w- c:\windows\system32\inetcpl.cpl
2013-01-05 13:42 . 2013-02-14 19:11 219136 ----a-w- c:\windows\system32\ieui.dll
2013-01-05 13:42 . 2013-02-14 19:11 132096 ----a-w- c:\windows\system32\iesysprep.dll
2013-01-05 13:42 . 2013-02-14 19:11 2356736 ----a-w- c:\windows\system32\iertutil.dll
2013-01-05 13:42 . 2013-02-14 19:11 77312 ----a-w- c:\windows\system32\iesetup.dll
2013-01-05 13:42 . 2013-02-14 19:11 72192 ----a-w- c:\windows\system32\iernonce.dll
2013-01-05 13:42 . 2013-02-14 19:11 12509184 ----a-w- c:\windows\system32\ieframe.dll
2013-01-05 13:42 . 2013-02-14 19:11 252416 ----a-w- c:\windows\system32\iepeers.dll
2013-01-05 13:42 . 2013-02-14 19:11 459776 ----a-w- c:\windows\system32\iedkcs32.dll
2013-01-05 11:59 . 2013-02-14 19:11 916480 ----a-w- c:\windows\SysWow64\wininet.dll
2013-01-05 11:57 . 2013-02-14 19:11 479232 ----a-w- c:\windows\system32\html.iec
2013-01-05 11:54 . 2013-02-14 19:11 43520 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-01-05 11:54 . 2013-02-14 19:11 1469440 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-01-05 11:54 . 2013-02-14 19:11 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-01-05 11:54 . 2013-02-14 19:11 71680 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-01-05 10:33 . 2013-02-14 19:11 162816 ----a-w- c:\windows\system32\ieUnatt.exe
2013-01-05 10:33 . 2013-02-14 19:11 70656 ----a-w- c:\windows\system32\ie4uinit.exe
2013-01-05 10:32 . 2013-02-14 19:11 12288 ----a-w- c:\windows\system32\msfeedssync.exe
2013-01-05 10:32 . 2013-02-14 19:11 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2013-01-05 10:23 . 2013-02-14 19:11 385024 ----a-w- c:\windows\SysWow64\html.iec
2013-01-05 08:47 . 2013-02-14 19:11 133632 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-01-05 08:44 . 2013-02-14 19:11 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-01-05 05:37 . 2013-02-14 19:11 4695400 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 11:31 . 2013-02-14 19:12 1423720 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-04 01:59 . 2013-02-14 19:11 2773504 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{124d001a-bdcb-472f-aa59-bbe7e4bc3204}"= "c:\program files (x86)\Ashampoo_US\prxtbAsha.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\Ashampoo_US\prxtbAsha.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{124d001a-bdcb-472f-aa59-bbe7e4bc3204}"= "c:\program files (x86)\Ashampoo_US\prxtbAsha.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"HDDtoGOLaunch"="c:\users\Jakub\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe" [2010-04-30 176128]
"Akamai NetSession Interface"="c:\users\Jakub\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2012-12-04 773728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"WheelMouse"="c:\msi\ADVANC~1\wh_exec.exe" [2007-09-13 90112]
"ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2010-07-12 74752]
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files (x86)\ScanSoft\PaperPort\pptd40nt.exe" [2007-10-11 29984]
"IndexSearch"="c:\program files (x86)\ScanSoft\PaperPort\IndexSearch.exe" [2007-10-11 46368]
"PPort11reminder"="c:\program files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-02-10 745472]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2007-10-30 77824]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-02-28 4767304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"Garmin Lifetime Updater"="c:\program files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe" [2012-06-04 1466760]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2008-2-22 2938184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"NoHotStart"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoHotStart"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 12:36]
.
2013-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-25 13:21]
.
2013-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-25 13:21]
.
2013-03-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1284760143-1487266022-3875239455-1000Core.job
- c:\users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-29 15:19]
.
2013-03-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1284760143-1487266022-3875239455-1000UA.job
- c:\users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-29 15:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-02-28 08:35 133840 ------w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RAVCpl64.exe" [2008-05-28 6297088]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-10-26 865792]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-15 178712]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
Trusted Zone: com.tw\www.msi
Trusted Zone: mojebanka.cz
TCP: DhcpNameServer = 192.168.1.1 192.168.0.1
FF - ProfilePath - c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\4y2eajaa.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50ffwinamp&s_qt=sb&tb_uuid=20121113134307352&tb_oid=14-11-2010&tb_mrud=13-11-2012&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&q=
FF - ExtSQL: !HIDDEN! 2009-10-28 15:43; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-MFP and Storage Server - c:\program files (x86)\TP-LINK\MFP and Storage Server\MFP and Storage Server.exe
WebBrowser-{124D001A-BDCB-472F-AA59-BBE7E4BC3204} - (no file)
HKLM-Run-Corel Photo Downloader - c:\program files (x86)\Corel\Corel MediaOne\Corel Photo Downloader.exe
AddRemove-Adobe Shockwave Player - c:\windows\System32\Adobe\SHOCKW~1\UNWISE.EXE
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Feat2000 - c:\windows\IsUn0405.exe
AddRemove-Rainbow Sentinel Driver - c:\windows\SYSTEM32\RNBOSENT\SETUPX86.EXE
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1284760143-1487266022-3875239455-1000\Software\SecuROM\License information*]
"datasecu"=hex:52,6e,53,e3,e7,49,77,b8,9a,ce,ed,00,5f,0a,60,49,a8,97,f7,ba,b7,
88,38,11,de,67,4d,6d,b9,53,80,08,fd,16,09,95,10,6e,81,c5,3c,d4,16,03,b3,5c,\
"rkeysecu"=hex:17,57,6e,d5,0b,d8,14,a8,83,e3,dc,d2,ba,54,85,27
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2013-03-21 10:52:07
ComboFix-quarantined-files.txt 2013-03-21 09:52
.
Před spuštěním: Volných bajtů: 101 208 707 072
Po spuštění: Volných bajtů: 100 322 942 976
.
- - End Of File - - 7ECC5146D375BB3DD7804325723EBAA3

[vyosek]

Odinstalujte Akamai

Zkuste spustit AdwCleaner

[roman_x]

Akamai odinstalován.
ADWcleaner nejde spustit (s plochy).

[vyosek]

Zkuste jej stahnout znovu, predtim stary smazte

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

• Ukoncete vsechny programy
• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Pockejte na dokonceni PreScanu
• Zvolte moznost Prohledat (scan)
• Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
• Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452

[roman_x]

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jakub [Práva správce]
Mód : Kontrola -- Datum : 03/21/2013 11:23:51
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : HDDtoGOLaunch (C:\Users\Jakub\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe) [-] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1284760143-1487266022-3875239455-1000[...]\Run : HDDtoGOLaunch (C:\Users\Jakub\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe) [-] -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEVT-22ZCT0 +++++
--- User ---
[MBR] 17cafc5f8110ae440ce2517b13565aa6
[BSP] c6a8bc81ce210e5e906fbb21c5975fd2 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305242 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: Kingston DataTraveler G2 USB Device +++++
--- User ---
[MBR] 312756ff0da96bda69abde7fa1995b59
[BSP] 1bf718b1bad6ce553326fd8db13b8af3 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 15259 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1]_S_03212013_02d1123.txt >>
RKreport[1]_S_03212013_02d1123.txt

[vyosek]

Spustte znovu RogueKiller

• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
• Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte

[roman_x]

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jakub [Práva správce]
Mód : Odebrat -- Datum : 03/21/2013 11:34:18
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : HDDtoGOLaunch (C:\Users\Jakub\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe) [-] -> VYMAZÁNO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEVT-22ZCT0 +++++
--- User ---
[MBR] 17cafc5f8110ae440ce2517b13565aa6
[BSP] c6a8bc81ce210e5e906fbb21c5975fd2 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305242 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: Kingston DataTraveler G2 USB Device +++++
--- User ---
[MBR] 312756ff0da96bda69abde7fa1995b59
[BSP] 1bf718b1bad6ce553326fd8db13b8af3 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 15259 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[3]_D_03212013_02d1134.txt >>
RKreport[1]_S_03212013_02d1123.txt ; RKreport[2]_S_03212013_02d1132.txt ; RKreport[3]_D_03212013_02d1134.txt


RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jakub [Práva správce]
Mód : Oprava HOSTS -- Datum : 03/21/2013 11:35:14
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4]_H_03212013_02d1135.txt >>
RKreport[1]_S_03212013_02d1123.txt ; RKreport[2]_S_03212013_02d1132.txt ; RKreport[3]_D_03212013_02d1134.txt ; RKreport[4]_H_03212013_02d1135.txt

[vyosek]

Fajn, co aplikace, stale maji problem?? A Avast?