Zdravím
Jako domovská stránka se nastavil : Awesomehp a nejde změnit. V programech jsem našel nic podezřelého a z firefoxu jsem odstranil rozšíření: extension_protected a Lightning speed dial. Udělal jsem log z rsit ale stále běží jako když se nechce ukončit už asi 40 minut.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Verca at 2014-02-05 08:43:23
Microsoft Windows 7 Starter
System drive C: has 32 GB (17%) free of 192 GB
Total RAM: 2037 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:45:47, on 5.2.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\system32\RunDll32.exe
C:\windows\system32\taskeng.exe
C:\Users\Verca\Desktop\RSIT.exe
C:\Program Files\trend micro\Verca.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&t ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&t ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.awesomehp.com/web/?type=ds&t ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.awesomehp.com/web/?type=ds&t ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\QSTART.SYS\config\DVMExportService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
--
End of file - 4946 bytes
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Verca\AppData\Roaming\Mozilla\Firefox\Profiles\5df5zawj.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"lightningnewtab@gmail.com"=C:\Users\Verca\AppData\Roaming\Mozilla\Firefox\Profiles\5df5zawj.default\extensions\lightningnewtab@gmail.com.xpi
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
awesomehp.xml
mall-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files\SupTab\SupTab.dll [2014-01-14 513136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-15 1138536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-15 1138536]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-15 3764024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-05 1305408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Energy Management]
C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-10-23 5064560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EnergyUtility]
C:\Program Files\Lenovo\Energy Management\utility.exe [2009-10-23 4114288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\windows\system32\hkcmd.exe [2010-05-26 173592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\windows\system32\igfxtray.exe [2010-05-26 141848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\windows\system32\igfxpers.exe [2010-05-26 150552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [2010-05-18 1407520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-05-18 9210400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-25 1594664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-05-26 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2010-03-09 203776]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.siren"=sirenacm.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-02-05 08:43:23 ----D---- C:\rsit
2014-01-30 00:31:13 ----D---- C:\Program Files\Uninstaller
2014-01-30 00:04:33 ----D---- C:\Users\Verca\AppData\Roaming\Optimizer Pro
2014-01-30 00:04:02 ----D---- C:\ProgramData\IePluginService
2014-01-30 00:03:56 ----D---- C:\Program Files\SupTab
2014-01-30 00:03:37 ----D---- C:\ProgramData\WPM
2014-01-30 00:03:03 ----D---- C:\Program Files\Optimizer Pro
2014-01-15 14:49:37 ----D---- C:\Users\Verca\AppData\Roaming\AVAST Software
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswVmm.sys
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswstm.sys
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswSP.sys
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswSnx.sys
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2014-01-15 14:48:49 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2014-01-15 14:48:45 ----A---- C:\windows\system32\aswBoot.exe
2014-01-15 14:48:39 ----A---- C:\windows\avastSS.scr
2014-01-15 14:47:41 ----D---- C:\Program Files\AVAST Software
2014-01-15 14:46:39 ----D---- C:\ProgramData\AVAST Software
2014-01-14 16:14:48 ----D---- C:\windows\ERUNT
======List of files/folders modified in the last 1 month======
2014-02-05 08:45:47 ----D---- C:\Program Files\trend micro
2014-02-05 08:45:34 ----D---- C:\windows\temp
2014-02-05 08:44:24 ----D---- C:\windows\Prefetch
2014-02-05 08:38:32 ----D---- C:\windows\system32\config
2014-02-05 08:36:18 ----RD---- C:\Program Files
2014-02-05 08:36:18 ----D---- C:\ProgramData
2014-01-31 10:15:19 ----SHD---- C:\System Volume Information
2014-01-30 17:44:45 ----D---- C:\windows\Tasks
2014-01-30 17:44:44 ----A---- C:\windows\system32\FlashPlayerApp.exe
2014-01-30 00:39:20 ----D---- C:\windows\system32\Tasks
2014-01-30 00:04:41 ----SHD---- C:\windows\Installer
2014-01-30 00:04:40 ----D---- C:\windows\winsxs
2014-01-22 15:06:14 ----D---- C:\windows\System32
2014-01-22 15:06:14 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-01-17 01:15:43 ----D---- C:\QSTART.000
2014-01-15 16:21:37 ----D---- C:\windows\system32\drivers
2014-01-15 14:48:43 ----D---- C:\Windows
2014-01-15 14:43:19 ----HD---- C:\windows\system32\GroupPolicy
2014-01-14 20:45:57 ----D---- C:\windows\system32\drivers\etc
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-01-15 49944]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-01-15 180248]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 aswRdr;aswRdr; \??\C:\windows\system32\drivers\aswRdr2.sys [2014-01-15 79720]
R1 aswSnx;aswSnx; \??\C:\windows\system32\drivers\aswSnx.sys [2014-01-15 775952]
R1 aswSP;aswSP; \??\C:\windows\system32\drivers\aswSP.sys [2014-01-15 410528]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-05 218176]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2014-01-15 67824]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520]
R3 aswStm;aswStm; \??\C:\windows\system32\drivers\aswStm.sys [2014-01-15 64168]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-11-05 2494968]
R3 Cam5607;Lenovo EasyCamera ; C:\windows\System32\Drivers\BisonC07.sys [2010-01-29 1313776]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-05-26 4806144]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2010-05-18 3096992]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2009-08-20 189440]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-11-25 230576]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2011-04-28 393216]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 CFcatchme;CFcatchme; \??\C:\Users\Verca\AppData\Local\Temp\CFcatchme.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2012-09-12 49664]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-09-30 175104]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-15 50344]
R2 DvmMDES;DeviceVM Meta Data Export Service; C:\QSTART.SYS\config\DVMExportService.exe [2009-12-29 331776]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-30 257928]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-10 119408]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Awesomehp (domovská stránka)
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Awesomehp (domovská stránka)
Zdravim
No mas tam zopar smejdov.Optimizer Pro
1: Spust ADWCleaner
navod
http://www.viruskasino.com/2012/09/adwcleaner.html
Log vloz sem
2: Obnov Firefox.
Navod
http://www.viruskasino.com/2013/04/obno ... dacov.html
3:Pouzi JunkwareremovalTool.
http://www.viruskasino.com/2010/12/prog ... moval-tool
Log vloz sem.
Programy spustaj ako admin/spravca.
No mas tam zopar smejdov.Optimizer Pro
1: Spust ADWCleaner
navod
http://www.viruskasino.com/2012/09/adwcleaner.html
Log vloz sem
2: Obnov Firefox.
Navod
http://www.viruskasino.com/2013/04/obno ... dacov.html
3:Pouzi JunkwareremovalTool.
http://www.viruskasino.com/2010/12/prog ... moval-tool
Log vloz sem.
Programy spustaj ako admin/spravca.
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Re: Awesomehp (domovská stránka)
# AdwCleaner v3.017 - Report created 05/02/2014 at 12:42:09
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Starter (32 bits)
# Username : Verca - VERCA-PC
# Running from : C:\Users\Verca\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\Program Files\optimizer pro
Folder Deleted : C:\Program Files\SupTab
Folder Deleted : C:\Users\Verca\AppData\Roaming\optimizer pro
Folder Deleted : C:\Users\Verca\Documents\optimizer pro
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupTab
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16421
-\\ Mozilla Firefox v26.0 (cs)
[ File : C:\Users\Verca\AppData\Roaming\Mozilla\Firefox\Profiles\5df5zawj.default\prefs.js ]
Line Deleted : user_pref("extensions.crossrider.bic", "143e03fca7a6cf440bbec5eaa180db98");
*************************
AdwCleaner[R1].txt - [2800 octets] - [05/02/2014 12:39:49]
AdwCleaner[S1].txt - [2789 octets] - [05/02/2014 12:42:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2849 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Starter x86
Ran by Verca on st 05.02.2014 at 12:55:02,32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 05.02.2014 at 13:03:33,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Starter (32 bits)
# Username : Verca - VERCA-PC
# Running from : C:\Users\Verca\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\Program Files\optimizer pro
Folder Deleted : C:\Program Files\SupTab
Folder Deleted : C:\Users\Verca\AppData\Roaming\optimizer pro
Folder Deleted : C:\Users\Verca\Documents\optimizer pro
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupTab
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16421
-\\ Mozilla Firefox v26.0 (cs)
[ File : C:\Users\Verca\AppData\Roaming\Mozilla\Firefox\Profiles\5df5zawj.default\prefs.js ]
Line Deleted : user_pref("extensions.crossrider.bic", "143e03fca7a6cf440bbec5eaa180db98");
*************************
AdwCleaner[R1].txt - [2800 octets] - [05/02/2014 12:39:49]
AdwCleaner[S1].txt - [2789 octets] - [05/02/2014 12:42:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2849 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Starter x86
Ran by Verca on st 05.02.2014 at 12:55:02,32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 05.02.2014 at 13:03:33,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Awesomehp (domovská stránka)
Ok, ako to vyzera s pc??su este problemy??
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Re: Awesomehp (domovská stránka)
žádná změna 
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Awesomehp (domovská stránka)
Druhy bod si urobil??Obnova prehliadaca.
2: Obnov Firefox.
Navod
http://www.viruskasino.com/2013/04/obno ... dacov.html
2: Obnov Firefox.
Navod
http://www.viruskasino.com/2013/04/obno ... dacov.html
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Re: Awesomehp (domovská stránka)
jo to jsem udělal v nápovědě - technické informace -obnova aplikace firefox. Dělal jsem to i v pořadí jak jsi psal.
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Awesomehp (domovská stránka)
daj log z FRST
Addition.txt odfajkni,netreba,
http://forum.viry.cz/viewtopic.php?f=24 ... 2#p1250281
Addition.txt odfajkni,netreba,
http://forum.viry.cz/viewtopic.php?f=24 ... 2#p1250281
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Re: Awesomehp (domovská stránka)
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-01-2014 02
Ran by Verca (administrator) on VERCA-PC on 06-02-2014 08:59:11
Running from C:\Users\Verca\Desktop
Microsoft Windows 7 Starter (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(DeviceVM, Inc.) C:\QSTART.SYS\config\DVMExportService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
(Microsoft Corporation) C:\Windows\System32\IgrsSvcs.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(forum.viry.cz) C:\Users\Verca\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Users\Verca\AppData\Local\MSGBOX.EXE
(Microsoft Corporation) C:\Windows\System32\PING.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-15] (AVAST Software)
HKU\Default\...\RunOnce: [LenovoWallpaper] - C:\Program Files\desktop\ChangeDesktop.exe [ 2009-09-30] ()
HKU\Default User\...\RunOnce: [LenovoWallpaper] - C:\Program Files\desktop\ChangeDesktop.exe [ 2009-09-30] ()
AppInit_DLLs: [ ] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&t ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&t ... earchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=sc&ts=13 ... H7522H7522
SearchScopes: HKLM - DefaultScope value is missing.
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.20.1
FireFox:
========
FF ProfilePath: C:\Users\Verca\AppData\Roaming\Mozilla\Firefox\Profiles\b044ruuy.default-1391601182926
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\awesomehp.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-15]
FF HKLM\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\Verca\AppData\Roaming\Mozilla\Firefox\Profiles\5df5zawj.default\extensions\lightningnewtab@gmail.com.xpi
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.awesomehp.com/?type=sc&ts=13 ... H7522H7522
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-15] (AVAST Software)
R2 DvmMDES; C:\QSTART.SYS\config\DVMExportService.exe [331776 2009-12-29] (DeviceVM, Inc.)
R2 IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [579400 2009-09-22] (Lenovo Group Limited)
S3 PS_MDP; C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
R2 ReadyComm.DirectRouter; C:\Program Files\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
==================== Drivers (Whitelisted) ====================
R3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [21520 2009-05-19] (Lenovo Corporation)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [67824 2014-01-15] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [79720 2014-01-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-01-15] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [775952 2014-01-15] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [410528 2014-01-15] (AVAST Software)
S3 aswStm; C:\windows\system32\drivers\aswStm.sys [64168 2014-01-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-15] ()
S3 Bridge0; C:\Windows\System32\drivers\WDBridge.sys [63240 2009-07-28] (Lenovo)
R3 Cam5607; C:\Windows\System32\Drivers\BisonC07.sys [1313776 2010-01-29] (Bison Electronics. Inc. )
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218176 2011-04-05] (DT Soft Ltd)
R3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [11792 2009-07-16] (Windows (R) Codename Longhorn DDK provider)
S3 wsvd; C:\Windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 CFcatchme; \??\C:\Users\Verca\AppData\Local\Temp\CFcatchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-06 08:59 - 2014-02-06 08:59 - 00009207 _____ C:\Users\Verca\Desktop\FRST.txt
2014-02-06 08:58 - 2014-02-06 08:58 - 00015327 _____ C:\Users\Verca\Desktop\LM.bat
2014-02-06 08:58 - 2014-02-06 08:58 - 00000000 ____D C:\FRST
2014-02-06 08:57 - 2014-01-14 17:26 - 00112640 _____ (forum.viry.cz) C:\Users\Verca\Desktop\FRSTLauncher.exe
2014-02-06 08:56 - 2014-01-14 17:25 - 01219584 _____ (Farbar) C:\Users\Verca\Desktop\FRST.exe
2014-02-05 13:03 - 2014-02-05 13:03 - 00000626 _____ C:\Users\Verca\Desktop\JRT.txt
2014-02-05 12:53 - 2014-02-05 12:53 - 00000000 ____D C:\Users\Verca\Desktop\Původní data aplikace Firefox
2014-02-05 12:51 - 2014-01-14 16:14 - 01037068 _____ (Thisisu) C:\Users\Verca\Desktop\JRT.exe
2014-02-05 12:39 - 2014-02-05 12:42 - 00000000 ____D C:\AdwCleaner
2014-02-05 12:38 - 2014-01-14 16:14 - 01236282 _____ C:\Users\Verca\Desktop\adwcleaner.exe
2014-02-05 08:43 - 2014-02-05 08:46 - 00000000 ____D C:\rsit
2014-02-05 08:42 - 2014-01-14 14:53 - 00781383 _____ C:\Users\Verca\Desktop\RSIT.exe
2014-01-30 17:44 - 2014-02-05 13:07 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2014-01-30 15:39 - 2014-01-30 15:49 - 908644352 _____ C:\Users\Verca\Downloads\Fargo-CZ-dabing---Krimi--Thriller,-USA,-1996-(nejlepsi-filmy.mypage.cz).avi
2014-01-30 00:04 - 2014-01-30 00:13 - 00000000 ____D C:\ProgramData\IePluginService
2014-01-29 22:33 - 2014-01-29 23:16 - 382715650 _____ C:\Users\Verca\Downloads\Tacho-CZ-2010.avi
2014-01-15 14:49 - 2014-01-15 14:49 - 00002126 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-15 14:49 - 2014-01-15 14:49 - 00000000 ____D C:\Users\Verca\AppData\Roaming\AVAST Software
2014-01-15 14:48 - 2014-01-15 14:49 - 00064168 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00775952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00410528 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00270240 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-01-15 14:48 - 2014-01-15 14:48 - 00180248 _____ C:\windows\system32\Drivers\aswVmm.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00079720 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00067824 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00049944 _____ C:\windows\system32\Drivers\aswRvrt.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-01-15 14:47 - 2014-01-15 14:47 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-15 14:46 - 2014-01-15 14:46 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-15 14:40 - 2014-01-15 14:42 - 91412976 _____ (AVAST Software) C:\Users\Verca\Downloads\avast_free_antivirus_setup.exe
2014-01-15 14:34 - 2014-01-15 14:34 - 00004644 _____ C:\Users\Verca\Documents\cc_20140115_143420.reg
2014-01-14 18:30 - 2014-02-06 08:58 - 00029696 _____ C:\Users\Verca\AppData\Local\MSGBOX.EXE
2014-01-14 16:14 - 2014-01-14 16:14 - 00000000 ____D C:\windows\ERUNT
==================== One Month Modified Files and Folders =======
2014-02-06 08:59 - 2014-02-06 08:59 - 00009207 _____ C:\Users\Verca\Desktop\FRST.txt
2014-02-06 08:58 - 2014-02-06 08:58 - 00015327 _____ C:\Users\Verca\Desktop\LM.bat
2014-02-06 08:58 - 2014-02-06 08:58 - 00000000 ____D C:\FRST
2014-02-06 08:58 - 2014-01-14 18:30 - 00029696 _____ C:\Users\Verca\AppData\Local\MSGBOX.EXE
2014-02-06 08:58 - 2010-07-25 05:00 - 00005194 _____ C:\windows\system32\PerfStringBackup.INI
2014-02-06 08:34 - 2010-07-25 05:51 - 00000177 ____H C:\dvmexp.idx
2014-02-06 08:31 - 2009-07-14 05:34 - 00009696 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 08:31 - 2009-07-14 05:34 - 00009696 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 08:24 - 2011-07-23 08:56 - 00062776 _____ C:\windows\setupact.log
2014-02-06 08:24 - 2009-07-14 05:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2014-02-05 13:07 - 2014-01-30 17:44 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2014-02-05 13:07 - 2010-07-25 04:50 - 01873766 _____ C:\windows\WindowsUpdate.log
2014-02-05 13:03 - 2014-02-05 13:03 - 00000626 _____ C:\Users\Verca\Desktop\JRT.txt
2014-02-05 12:53 - 2014-02-05 12:53 - 00000000 ____D C:\Users\Verca\Desktop\Původní data aplikace Firefox
2014-02-05 12:42 - 2014-02-05 12:39 - 00000000 ____D C:\AdwCleaner
2014-02-05 12:42 - 2011-07-23 09:17 - 00025606 _____ C:\windows\PFRO.log
2014-02-05 08:46 - 2014-02-05 08:43 - 00000000 ____D C:\rsit
2014-02-05 08:45 - 2011-07-20 13:50 - 00000000 ____D C:\Program Files\trend micro
2014-01-31 09:16 - 2011-03-29 15:55 - 00000000 ____D C:\Users\Verca\Desktop\Filmy
2014-01-30 17:44 - 2012-11-09 10:54 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-01-30 17:44 - 2012-01-09 22:46 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-30 17:43 - 2010-03-09 01:19 - 00000000 ____D C:\Users\Verca\AppData\Local\Adobe
2014-01-30 15:49 - 2014-01-30 15:39 - 908644352 _____ C:\Users\Verca\Downloads\Fargo-CZ-dabing---Krimi--Thriller,-USA,-1996-(nejlepsi-filmy.mypage.cz).avi
2014-01-30 00:13 - 2014-01-30 00:04 - 00000000 ____D C:\ProgramData\IePluginService
2014-01-30 00:02 - 2013-11-18 19:15 - 00001994 _____ C:\Users\Public\Desktop\Opera.lnk
2014-01-30 00:02 - 2010-03-30 18:11 - 00002104 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-30 00:02 - 2010-03-09 05:32 - 00001602 _____ C:\Users\Verca\Desktop\Internet Explorer.lnk
2014-01-30 00:02 - 2010-03-09 00:38 - 00001632 _____ C:\Users\Verca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-29 23:16 - 2014-01-29 22:33 - 382715650 _____ C:\Users\Verca\Downloads\Tacho-CZ-2010.avi
2014-01-22 02:22 - 2014-01-06 21:33 - 00000000 ____D C:\Users\Verca\Desktop\Kuba 8G
2014-01-20 19:14 - 2014-01-06 21:26 - 00000000 ____D C:\Users\Verca\Desktop\Kuba 4G
2014-01-17 01:15 - 2010-07-25 05:45 - 00000000 ____D C:\QSTART.000
2014-01-15 14:49 - 2014-01-15 14:49 - 00002126 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-15 14:49 - 2014-01-15 14:49 - 00000000 ____D C:\Users\Verca\AppData\Roaming\AVAST Software
2014-01-15 14:49 - 2014-01-15 14:48 - 00064168 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00775952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00410528 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00270240 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-01-15 14:48 - 2014-01-15 14:48 - 00180248 _____ C:\windows\system32\Drivers\aswVmm.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00079720 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00067824 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00049944 _____ C:\windows\system32\Drivers\aswRvrt.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-01-15 14:47 - 2014-01-15 14:47 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-15 14:46 - 2014-01-15 14:46 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-15 14:43 - 2010-03-09 05:36 - 00001912 _____ C:\windows\epplauncher.mif
2014-01-15 14:43 - 2009-07-14 03:37 - 00000000 ___HD C:\windows\system32\GroupPolicy
2014-01-15 14:42 - 2014-01-15 14:40 - 91412976 _____ (AVAST Software) C:\Users\Verca\Downloads\avast_free_antivirus_setup.exe
2014-01-15 14:34 - 2014-01-15 14:34 - 00004644 _____ C:\Users\Verca\Documents\cc_20140115_143420.reg
2014-01-15 14:23 - 2010-03-09 00:38 - 00000000 ____D C:\Users\Verca
2014-01-14 17:26 - 2014-02-06 08:57 - 00112640 _____ (forum.viry.cz) C:\Users\Verca\Desktop\FRSTLauncher.exe
2014-01-14 17:25 - 2014-02-06 08:56 - 01219584 _____ (Farbar) C:\Users\Verca\Desktop\FRST.exe
2014-01-14 16:14 - 2014-02-05 12:51 - 01037068 _____ (Thisisu) C:\Users\Verca\Desktop\JRT.exe
2014-01-14 16:14 - 2014-02-05 12:38 - 01236282 _____ C:\Users\Verca\Desktop\adwcleaner.exe
2014-01-14 16:14 - 2014-01-14 16:14 - 00000000 ____D C:\windows\ERUNT
2014-01-14 14:53 - 2014-02-05 08:42 - 00781383 _____ C:\Users\Verca\Desktop\RSIT.exe
Some content of TEMP:
====================
C:\Users\Verca\AppData\Local\Temp\BackupSetup.exe
C:\Users\Verca\AppData\Local\Temp\Quarantine.exe
C:\Users\Verca\AppData\Local\Temp\vcredist_x86.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-29 02:17
==================== End Of Log ============================
Ran by Verca (administrator) on VERCA-PC on 06-02-2014 08:59:11
Running from C:\Users\Verca\Desktop
Microsoft Windows 7 Starter (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(DeviceVM, Inc.) C:\QSTART.SYS\config\DVMExportService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
(Microsoft Corporation) C:\Windows\System32\IgrsSvcs.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(forum.viry.cz) C:\Users\Verca\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Users\Verca\AppData\Local\MSGBOX.EXE
(Microsoft Corporation) C:\Windows\System32\PING.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-15] (AVAST Software)
HKU\Default\...\RunOnce: [LenovoWallpaper] - C:\Program Files\desktop\ChangeDesktop.exe [ 2009-09-30] ()
HKU\Default User\...\RunOnce: [LenovoWallpaper] - C:\Program Files\desktop\ChangeDesktop.exe [ 2009-09-30] ()
AppInit_DLLs: [ ] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&t ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&t ... earchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=sc&ts=13 ... H7522H7522
SearchScopes: HKLM - DefaultScope value is missing.
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.20.1
FireFox:
========
FF ProfilePath: C:\Users\Verca\AppData\Roaming\Mozilla\Firefox\Profiles\b044ruuy.default-1391601182926
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\awesomehp.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-15]
FF HKLM\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\Verca\AppData\Roaming\Mozilla\Firefox\Profiles\5df5zawj.default\extensions\lightningnewtab@gmail.com.xpi
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.awesomehp.com/?type=sc&ts=13 ... H7522H7522
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-15] (AVAST Software)
R2 DvmMDES; C:\QSTART.SYS\config\DVMExportService.exe [331776 2009-12-29] (DeviceVM, Inc.)
R2 IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [579400 2009-09-22] (Lenovo Group Limited)
S3 PS_MDP; C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
R2 ReadyComm.DirectRouter; C:\Program Files\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
==================== Drivers (Whitelisted) ====================
R3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [21520 2009-05-19] (Lenovo Corporation)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [67824 2014-01-15] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [79720 2014-01-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-01-15] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [775952 2014-01-15] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [410528 2014-01-15] (AVAST Software)
S3 aswStm; C:\windows\system32\drivers\aswStm.sys [64168 2014-01-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-15] ()
S3 Bridge0; C:\Windows\System32\drivers\WDBridge.sys [63240 2009-07-28] (Lenovo)
R3 Cam5607; C:\Windows\System32\Drivers\BisonC07.sys [1313776 2010-01-29] (Bison Electronics. Inc. )
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218176 2011-04-05] (DT Soft Ltd)
R3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [11792 2009-07-16] (Windows (R) Codename Longhorn DDK provider)
S3 wsvd; C:\Windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 CFcatchme; \??\C:\Users\Verca\AppData\Local\Temp\CFcatchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-06 08:59 - 2014-02-06 08:59 - 00009207 _____ C:\Users\Verca\Desktop\FRST.txt
2014-02-06 08:58 - 2014-02-06 08:58 - 00015327 _____ C:\Users\Verca\Desktop\LM.bat
2014-02-06 08:58 - 2014-02-06 08:58 - 00000000 ____D C:\FRST
2014-02-06 08:57 - 2014-01-14 17:26 - 00112640 _____ (forum.viry.cz) C:\Users\Verca\Desktop\FRSTLauncher.exe
2014-02-06 08:56 - 2014-01-14 17:25 - 01219584 _____ (Farbar) C:\Users\Verca\Desktop\FRST.exe
2014-02-05 13:03 - 2014-02-05 13:03 - 00000626 _____ C:\Users\Verca\Desktop\JRT.txt
2014-02-05 12:53 - 2014-02-05 12:53 - 00000000 ____D C:\Users\Verca\Desktop\Původní data aplikace Firefox
2014-02-05 12:51 - 2014-01-14 16:14 - 01037068 _____ (Thisisu) C:\Users\Verca\Desktop\JRT.exe
2014-02-05 12:39 - 2014-02-05 12:42 - 00000000 ____D C:\AdwCleaner
2014-02-05 12:38 - 2014-01-14 16:14 - 01236282 _____ C:\Users\Verca\Desktop\adwcleaner.exe
2014-02-05 08:43 - 2014-02-05 08:46 - 00000000 ____D C:\rsit
2014-02-05 08:42 - 2014-01-14 14:53 - 00781383 _____ C:\Users\Verca\Desktop\RSIT.exe
2014-01-30 17:44 - 2014-02-05 13:07 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2014-01-30 15:39 - 2014-01-30 15:49 - 908644352 _____ C:\Users\Verca\Downloads\Fargo-CZ-dabing---Krimi--Thriller,-USA,-1996-(nejlepsi-filmy.mypage.cz).avi
2014-01-30 00:04 - 2014-01-30 00:13 - 00000000 ____D C:\ProgramData\IePluginService
2014-01-29 22:33 - 2014-01-29 23:16 - 382715650 _____ C:\Users\Verca\Downloads\Tacho-CZ-2010.avi
2014-01-15 14:49 - 2014-01-15 14:49 - 00002126 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-15 14:49 - 2014-01-15 14:49 - 00000000 ____D C:\Users\Verca\AppData\Roaming\AVAST Software
2014-01-15 14:48 - 2014-01-15 14:49 - 00064168 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00775952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00410528 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00270240 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-01-15 14:48 - 2014-01-15 14:48 - 00180248 _____ C:\windows\system32\Drivers\aswVmm.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00079720 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00067824 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00049944 _____ C:\windows\system32\Drivers\aswRvrt.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-01-15 14:47 - 2014-01-15 14:47 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-15 14:46 - 2014-01-15 14:46 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-15 14:40 - 2014-01-15 14:42 - 91412976 _____ (AVAST Software) C:\Users\Verca\Downloads\avast_free_antivirus_setup.exe
2014-01-15 14:34 - 2014-01-15 14:34 - 00004644 _____ C:\Users\Verca\Documents\cc_20140115_143420.reg
2014-01-14 18:30 - 2014-02-06 08:58 - 00029696 _____ C:\Users\Verca\AppData\Local\MSGBOX.EXE
2014-01-14 16:14 - 2014-01-14 16:14 - 00000000 ____D C:\windows\ERUNT
==================== One Month Modified Files and Folders =======
2014-02-06 08:59 - 2014-02-06 08:59 - 00009207 _____ C:\Users\Verca\Desktop\FRST.txt
2014-02-06 08:58 - 2014-02-06 08:58 - 00015327 _____ C:\Users\Verca\Desktop\LM.bat
2014-02-06 08:58 - 2014-02-06 08:58 - 00000000 ____D C:\FRST
2014-02-06 08:58 - 2014-01-14 18:30 - 00029696 _____ C:\Users\Verca\AppData\Local\MSGBOX.EXE
2014-02-06 08:58 - 2010-07-25 05:00 - 00005194 _____ C:\windows\system32\PerfStringBackup.INI
2014-02-06 08:34 - 2010-07-25 05:51 - 00000177 ____H C:\dvmexp.idx
2014-02-06 08:31 - 2009-07-14 05:34 - 00009696 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 08:31 - 2009-07-14 05:34 - 00009696 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 08:24 - 2011-07-23 08:56 - 00062776 _____ C:\windows\setupact.log
2014-02-06 08:24 - 2009-07-14 05:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2014-02-05 13:07 - 2014-01-30 17:44 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2014-02-05 13:07 - 2010-07-25 04:50 - 01873766 _____ C:\windows\WindowsUpdate.log
2014-02-05 13:03 - 2014-02-05 13:03 - 00000626 _____ C:\Users\Verca\Desktop\JRT.txt
2014-02-05 12:53 - 2014-02-05 12:53 - 00000000 ____D C:\Users\Verca\Desktop\Původní data aplikace Firefox
2014-02-05 12:42 - 2014-02-05 12:39 - 00000000 ____D C:\AdwCleaner
2014-02-05 12:42 - 2011-07-23 09:17 - 00025606 _____ C:\windows\PFRO.log
2014-02-05 08:46 - 2014-02-05 08:43 - 00000000 ____D C:\rsit
2014-02-05 08:45 - 2011-07-20 13:50 - 00000000 ____D C:\Program Files\trend micro
2014-01-31 09:16 - 2011-03-29 15:55 - 00000000 ____D C:\Users\Verca\Desktop\Filmy
2014-01-30 17:44 - 2012-11-09 10:54 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-01-30 17:44 - 2012-01-09 22:46 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-30 17:43 - 2010-03-09 01:19 - 00000000 ____D C:\Users\Verca\AppData\Local\Adobe
2014-01-30 15:49 - 2014-01-30 15:39 - 908644352 _____ C:\Users\Verca\Downloads\Fargo-CZ-dabing---Krimi--Thriller,-USA,-1996-(nejlepsi-filmy.mypage.cz).avi
2014-01-30 00:13 - 2014-01-30 00:04 - 00000000 ____D C:\ProgramData\IePluginService
2014-01-30 00:02 - 2013-11-18 19:15 - 00001994 _____ C:\Users\Public\Desktop\Opera.lnk
2014-01-30 00:02 - 2010-03-30 18:11 - 00002104 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-30 00:02 - 2010-03-09 05:32 - 00001602 _____ C:\Users\Verca\Desktop\Internet Explorer.lnk
2014-01-30 00:02 - 2010-03-09 00:38 - 00001632 _____ C:\Users\Verca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-29 23:16 - 2014-01-29 22:33 - 382715650 _____ C:\Users\Verca\Downloads\Tacho-CZ-2010.avi
2014-01-22 02:22 - 2014-01-06 21:33 - 00000000 ____D C:\Users\Verca\Desktop\Kuba 8G
2014-01-20 19:14 - 2014-01-06 21:26 - 00000000 ____D C:\Users\Verca\Desktop\Kuba 4G
2014-01-17 01:15 - 2010-07-25 05:45 - 00000000 ____D C:\QSTART.000
2014-01-15 14:49 - 2014-01-15 14:49 - 00002126 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-15 14:49 - 2014-01-15 14:49 - 00000000 ____D C:\Users\Verca\AppData\Roaming\AVAST Software
2014-01-15 14:49 - 2014-01-15 14:48 - 00064168 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00775952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00410528 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00270240 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-01-15 14:48 - 2014-01-15 14:48 - 00180248 _____ C:\windows\system32\Drivers\aswVmm.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00079720 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00067824 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00049944 _____ C:\windows\system32\Drivers\aswRvrt.sys
2014-01-15 14:48 - 2014-01-15 14:48 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-01-15 14:47 - 2014-01-15 14:47 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-15 14:46 - 2014-01-15 14:46 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-15 14:43 - 2010-03-09 05:36 - 00001912 _____ C:\windows\epplauncher.mif
2014-01-15 14:43 - 2009-07-14 03:37 - 00000000 ___HD C:\windows\system32\GroupPolicy
2014-01-15 14:42 - 2014-01-15 14:40 - 91412976 _____ (AVAST Software) C:\Users\Verca\Downloads\avast_free_antivirus_setup.exe
2014-01-15 14:34 - 2014-01-15 14:34 - 00004644 _____ C:\Users\Verca\Documents\cc_20140115_143420.reg
2014-01-15 14:23 - 2010-03-09 00:38 - 00000000 ____D C:\Users\Verca
2014-01-14 17:26 - 2014-02-06 08:57 - 00112640 _____ (forum.viry.cz) C:\Users\Verca\Desktop\FRSTLauncher.exe
2014-01-14 17:25 - 2014-02-06 08:56 - 01219584 _____ (Farbar) C:\Users\Verca\Desktop\FRST.exe
2014-01-14 16:14 - 2014-02-05 12:51 - 01037068 _____ (Thisisu) C:\Users\Verca\Desktop\JRT.exe
2014-01-14 16:14 - 2014-02-05 12:38 - 01236282 _____ C:\Users\Verca\Desktop\adwcleaner.exe
2014-01-14 16:14 - 2014-01-14 16:14 - 00000000 ____D C:\windows\ERUNT
2014-01-14 14:53 - 2014-02-05 08:42 - 00781383 _____ C:\Users\Verca\Desktop\RSIT.exe
Some content of TEMP:
====================
C:\Users\Verca\AppData\Local\Temp\BackupSetup.exe
C:\Users\Verca\AppData\Local\Temp\Quarantine.exe
C:\Users\Verca\AppData\Local\Temp\vcredist_x86.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-29 02:17
==================== End Of Log ============================
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Awesomehp (domovská stránka)
Spusti Poznámkový blok
Skopíruj don skript.
Uloz vytvoreny TXT jako fixlist.txt
Presun vytvoreny fixlist vedla programu FRST.
Spustte znovu FRST.exe
Kliknes na Fix
Prebehne oprava a vytvori sa log Fixlog.txt
Restart PC a daj mi sem fixlog.txt
Skopíruj don skript.
Kód: Vybrat vše
Start
C:\Users\Verca\AppData\Local\MSGBOX.EXE
AppInit_DLLs: [ ] ()
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&t ... 22H7522&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&t ... 22H7522&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=sc&ts=13 ... H7522H7522
SearchScopes: HKLM - DefaultScope value is missing.
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\awesomehp.xml
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.awesomehp.com/?type=sc&ts=13 ... H7522H7522
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 CFcatchme; \??\C:\Users\Verca\AppData\Local\Temp\CFcatchme.sys [x]
C:\Users\Verca\AppData\Local\Temp\BackupSetup.exe
C:\Users\Verca\AppData\Local\Temp\Quarantine.exe
C:\Users\Verca\AppData\Local\Temp\vcredist_x86.exe
Hosts:
CMD: shutdown /r
EndPresun vytvoreny fixlist vedla programu FRST.
Spustte znovu FRST.exe
Kliknes na Fix
Prebehne oprava a vytvori sa log Fixlog.txt
Restart PC a daj mi sem fixlog.txt
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Re: Awesomehp (domovská stránka)
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 05-02-2014
Ran by Verca at 2014-02-06 09:31:02 Run:1
Running from C:\Users\Verca\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
C:\Users\Verca\AppData\Local\MSGBOX.EXE
AppInit_DLLs: [ ] ()
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&t ... 22H7522&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&t ... 22H7522&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=sc&ts=13 ... H7522H7522
SearchScopes: HKLM - DefaultScope value is missing.
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\awesomehp.xml
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.awesomehp.com/?type=sc&ts=13 ... H7522H7522
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 CFcatchme; \??\C:\Users\Verca\AppData\Local\Temp\CFcatchme.sys [x]
C:\Users\Verca\AppData\Local\Temp\BackupSetup.exe
C:\Users\Verca\AppData\Local\Temp\Quarantine.exe
C:\Users\Verca\AppData\Local\Temp\vcredist_x86.exe
Hosts:
CMD: shutdown /r
End
*****************
C:\Users\Verca\AppData\Local\MSGBOX.EXE => Moved successfully.
"AppInit_DLLs: [ ] ()" => Value Data not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Program Files\mozilla firefox\searchplugins\awesomehp.xml => Moved successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Value was restored successfully.
AppMgmt => Service deleted successfully.
CFcatchme => Service deleted successfully.
C:\Users\Verca\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\Verca\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Verca\AppData\Local\Temp\vcredist_x86.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r =========
========= End of CMD: =========
==== End of Fixlog ====
Ran by Verca at 2014-02-06 09:31:02 Run:1
Running from C:\Users\Verca\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
C:\Users\Verca\AppData\Local\MSGBOX.EXE
AppInit_DLLs: [ ] ()
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&t ... 22H7522&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=13 ... H7522H7522
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&t ... 22H7522&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=sc&ts=13 ... H7522H7522
SearchScopes: HKLM - DefaultScope value is missing.
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\awesomehp.xml
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.awesomehp.com/?type=sc&ts=13 ... H7522H7522
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 CFcatchme; \??\C:\Users\Verca\AppData\Local\Temp\CFcatchme.sys [x]
C:\Users\Verca\AppData\Local\Temp\BackupSetup.exe
C:\Users\Verca\AppData\Local\Temp\Quarantine.exe
C:\Users\Verca\AppData\Local\Temp\vcredist_x86.exe
Hosts:
CMD: shutdown /r
End
*****************
C:\Users\Verca\AppData\Local\MSGBOX.EXE => Moved successfully.
"AppInit_DLLs: [ ] ()" => Value Data not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Program Files\mozilla firefox\searchplugins\awesomehp.xml => Moved successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Value was restored successfully.
AppMgmt => Service deleted successfully.
CFcatchme => Service deleted successfully.
C:\Users\Verca\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\Verca\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Verca\AppData\Local\Temp\vcredist_x86.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r =========
========= End of CMD: =========
==== End of Fixlog ====
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Awesomehp (domovská stránka)
ok, este precisti pc TFC
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte
a napis co je noveho.
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte
a napis co je noveho.
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Re: Awesomehp (domovská stránka)
žádná změna je to tam pořád.
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Awesomehp (domovská stránka)
Vloz sem log z RSIT.
http://forum.viry.cz/viewtopic.php?f=13&t=130786
http://forum.viry.cz/viewtopic.php?f=13&t=130786
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Re: Awesomehp (domovská stránka)
Logfile of random's system information tool 1.09 (written by random/random)
Run by Verca at 2014-02-06 09:49:02
Microsoft Windows 7 Starter
System drive C: has 36 GB (19%) free of 192 GB
Total RAM: 2037 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:50:11, on 6.2.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Verca\Desktop\RSIT.exe
C:\Program Files\trend micro\Verca.exe
C:\windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.awesomehp.com/web/?type=ds&t ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.awesomehp.com/web/?type=ds&t ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\QSTART.SYS\config\DVMExportService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
--
End of file - 4471 bytes
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Verca\AppData\Roaming\Mozilla\Firefox\Profiles\b044ruuy.default-1391601182926
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"lightningnewtab@gmail.com"=C:\Users\Verca\AppData\Roaming\Mozilla\Firefox\Profiles\5df5zawj.default\extensions\lightningnewtab@gmail.com.xpi
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
mall-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-15 1138536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-15 1138536]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-15 3764024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-05 1305408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Energy Management]
C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-10-23 5064560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EnergyUtility]
C:\Program Files\Lenovo\Energy Management\utility.exe [2009-10-23 4114288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\windows\system32\hkcmd.exe [2010-05-26 173592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\windows\system32\igfxtray.exe [2010-05-26 141848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\windows\system32\igfxpers.exe [2010-05-26 150552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [2010-05-18 1407520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-05-18 9210400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-25 1594664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-05-26 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2010-03-09 203776]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.siren"=sirenacm.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-02-06 08:58:37 ----D---- C:\FRST
2014-02-05 12:39:34 ----D---- C:\AdwCleaner
2014-02-05 08:43:23 ----D---- C:\rsit
2014-01-30 00:31:13 ----D---- C:\Program Files\Uninstaller
2014-01-30 00:04:02 ----D---- C:\ProgramData\IePluginService
2014-01-15 14:49:37 ----D---- C:\Users\Verca\AppData\Roaming\AVAST Software
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswVmm.sys
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswstm.sys
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswSP.sys
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswSnx.sys
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2014-01-15 14:48:49 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2014-01-15 14:48:45 ----A---- C:\windows\system32\aswBoot.exe
2014-01-15 14:48:39 ----A---- C:\windows\avastSS.scr
2014-01-15 14:47:41 ----D---- C:\Program Files\AVAST Software
2014-01-15 14:46:39 ----D---- C:\ProgramData\AVAST Software
2014-01-14 16:14:48 ----D---- C:\windows\ERUNT
======List of files/folders modified in the last 1 month======
2014-02-06 09:49:58 ----D---- C:\windows\temp
2014-02-06 09:49:23 ----D---- C:\Program Files\trend micro
2014-02-06 09:44:18 ----D---- C:\windows\Prefetch
2014-02-06 09:42:24 ----D---- C:\windows\system32\config
2014-02-06 09:31:03 ----D---- C:\windows\system32\drivers\etc
2014-02-06 09:26:53 ----SHD---- C:\System Volume Information
2014-02-06 09:07:26 ----D---- C:\windows\System32
2014-02-06 09:07:22 ----A---- C:\windows\system32\FlashPlayerApp.exe
2014-02-06 08:58:42 ----D---- C:\Windows
2014-02-06 08:58:09 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-02-05 12:42:10 ----RD---- C:\Program Files
2014-02-05 12:42:09 ----D---- C:\ProgramData
2014-01-30 17:44:45 ----D---- C:\windows\Tasks
2014-01-30 00:39:20 ----D---- C:\windows\system32\Tasks
2014-01-30 00:04:41 ----SHD---- C:\windows\Installer
2014-01-30 00:04:40 ----D---- C:\windows\winsxs
2014-01-17 01:15:43 ----D---- C:\QSTART.000
2014-01-15 16:21:37 ----D---- C:\windows\system32\drivers
2014-01-15 14:43:19 ----HD---- C:\windows\system32\GroupPolicy
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-01-15 49944]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-01-15 180248]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 aswRdr;aswRdr; \??\C:\windows\system32\drivers\aswRdr2.sys [2014-01-15 79720]
R1 aswSnx;aswSnx; \??\C:\windows\system32\drivers\aswSnx.sys [2014-01-15 775952]
R1 aswSP;aswSP; \??\C:\windows\system32\drivers\aswSP.sys [2014-01-15 410528]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-05 218176]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2014-01-15 67824]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520]
R3 aswStm;aswStm; \??\C:\windows\system32\drivers\aswStm.sys [2014-01-15 64168]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-11-05 2494968]
R3 Cam5607;Lenovo EasyCamera ; C:\windows\System32\Drivers\BisonC07.sys [2010-01-29 1313776]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-05-26 4806144]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2010-05-18 3096992]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2009-08-20 189440]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-11-25 230576]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2011-04-28 393216]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2012-09-12 49664]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-09-30 175104]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-15 50344]
R2 DvmMDES;DeviceVM Meta Data Export Service; C:\QSTART.SYS\config\DVMExportService.exe [2009-12-29 331776]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-06 257928]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-10 119408]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672]
-----------------EOF-----------------
Run by Verca at 2014-02-06 09:49:02
Microsoft Windows 7 Starter
System drive C: has 36 GB (19%) free of 192 GB
Total RAM: 2037 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:50:11, on 6.2.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Verca\Desktop\RSIT.exe
C:\Program Files\trend micro\Verca.exe
C:\windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.awesomehp.com/web/?type=ds&t ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.awesomehp.com/web/?type=ds&t ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\QSTART.SYS\config\DVMExportService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
--
End of file - 4471 bytes
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Verca\AppData\Roaming\Mozilla\Firefox\Profiles\b044ruuy.default-1391601182926
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"lightningnewtab@gmail.com"=C:\Users\Verca\AppData\Roaming\Mozilla\Firefox\Profiles\5df5zawj.default\extensions\lightningnewtab@gmail.com.xpi
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
mall-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-15 1138536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-15 1138536]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-15 3764024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-05 1305408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Energy Management]
C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-10-23 5064560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EnergyUtility]
C:\Program Files\Lenovo\Energy Management\utility.exe [2009-10-23 4114288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\windows\system32\hkcmd.exe [2010-05-26 173592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\windows\system32\igfxtray.exe [2010-05-26 141848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\windows\system32\igfxpers.exe [2010-05-26 150552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [2010-05-18 1407520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-05-18 9210400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-25 1594664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-05-26 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2010-03-09 203776]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.siren"=sirenacm.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-02-06 08:58:37 ----D---- C:\FRST
2014-02-05 12:39:34 ----D---- C:\AdwCleaner
2014-02-05 08:43:23 ----D---- C:\rsit
2014-01-30 00:31:13 ----D---- C:\Program Files\Uninstaller
2014-01-30 00:04:02 ----D---- C:\ProgramData\IePluginService
2014-01-15 14:49:37 ----D---- C:\Users\Verca\AppData\Roaming\AVAST Software
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswVmm.sys
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswstm.sys
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswSP.sys
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswSnx.sys
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2014-01-15 14:48:50 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2014-01-15 14:48:49 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2014-01-15 14:48:45 ----A---- C:\windows\system32\aswBoot.exe
2014-01-15 14:48:39 ----A---- C:\windows\avastSS.scr
2014-01-15 14:47:41 ----D---- C:\Program Files\AVAST Software
2014-01-15 14:46:39 ----D---- C:\ProgramData\AVAST Software
2014-01-14 16:14:48 ----D---- C:\windows\ERUNT
======List of files/folders modified in the last 1 month======
2014-02-06 09:49:58 ----D---- C:\windows\temp
2014-02-06 09:49:23 ----D---- C:\Program Files\trend micro
2014-02-06 09:44:18 ----D---- C:\windows\Prefetch
2014-02-06 09:42:24 ----D---- C:\windows\system32\config
2014-02-06 09:31:03 ----D---- C:\windows\system32\drivers\etc
2014-02-06 09:26:53 ----SHD---- C:\System Volume Information
2014-02-06 09:07:26 ----D---- C:\windows\System32
2014-02-06 09:07:22 ----A---- C:\windows\system32\FlashPlayerApp.exe
2014-02-06 08:58:42 ----D---- C:\Windows
2014-02-06 08:58:09 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-02-05 12:42:10 ----RD---- C:\Program Files
2014-02-05 12:42:09 ----D---- C:\ProgramData
2014-01-30 17:44:45 ----D---- C:\windows\Tasks
2014-01-30 00:39:20 ----D---- C:\windows\system32\Tasks
2014-01-30 00:04:41 ----SHD---- C:\windows\Installer
2014-01-30 00:04:40 ----D---- C:\windows\winsxs
2014-01-17 01:15:43 ----D---- C:\QSTART.000
2014-01-15 16:21:37 ----D---- C:\windows\system32\drivers
2014-01-15 14:43:19 ----HD---- C:\windows\system32\GroupPolicy
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-01-15 49944]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-01-15 180248]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 aswRdr;aswRdr; \??\C:\windows\system32\drivers\aswRdr2.sys [2014-01-15 79720]
R1 aswSnx;aswSnx; \??\C:\windows\system32\drivers\aswSnx.sys [2014-01-15 775952]
R1 aswSP;aswSP; \??\C:\windows\system32\drivers\aswSP.sys [2014-01-15 410528]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-05 218176]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2014-01-15 67824]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520]
R3 aswStm;aswStm; \??\C:\windows\system32\drivers\aswStm.sys [2014-01-15 64168]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-11-05 2494968]
R3 Cam5607;Lenovo EasyCamera ; C:\windows\System32\Drivers\BisonC07.sys [2010-01-29 1313776]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-05-26 4806144]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2010-05-18 3096992]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2009-08-20 189440]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-11-25 230576]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2011-04-28 393216]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2012-09-12 49664]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-09-30 175104]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-15 50344]
R2 DvmMDES;DeviceVM Meta Data Export Service; C:\QSTART.SYS\config\DVMExportService.exe [2009-12-29 331776]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-06 257928]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-10 119408]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672]
-----------------EOF-----------------
Přispějete na provoz fóra?