Dobrý den,
ráda bych poprosila o kontrolu logu, vypadá to, že se mi do PC něco natahuje. Ráno po spuštění štít Spyware Terminatoru opakovaně detekoval hrozbu. Následně jsem zjistila, že přestal na internetu fungovat flashplayer. Následně mi Spyware hlásí hrozbu při veškeré práci se soubory (otevírání textových souborů, nahrání souboru na mail apod.) Je vhodné ještě v tenhle okamžik zkusit zálohu dat a nebo už by hrozilo, že si s tím přetáhnu i tohle svinstvo? Poslední zálohu mám starou asi 3 dny, tak se holt se ztrátou těch několika dat případně smířím. Chtěla jsem udělat kontrolu eset scannerem ale nepustí mě to k němu.
EDIT: Teď jsem se pokusila vytvořit log, ale už je blokováno- systém windows nemá k otevření položky oprávnění.
Předem moc děkuji za jakoukoliv pomoc, asi to bude větší průšvih než jsem si původně myslela .... :/
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu, blokování operací
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu, blokování operací
ahoj
pouzi navod kolegu 16:07 http://forum.viry.cz/viewtopic.php?f=13 ... l#p1319366
pouzi navod kolegu 16:07 http://forum.viry.cz/viewtopic.php?f=13 ... l#p1319366
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu, blokování operací
Ahoj, tak tady je, nebyla jsem doma a po návratu najednou šel spustit jak Eset Scanner, tak i RSIT, okna o hrozbě od Spywaru už nevyskakují, na asi deset minut fungoval i flashplayer pro videa na YT, ale teď už zase nejedou. Moudrá z toho tedy opravdu nejsem 
Spyware ani Eset nic nenašly.
Logfile of random's system information tool 1.09 (written by random/random)
Run by natalka at 2014-05-14 23:03:15
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 366 GB (77%) free of 477 GB
Total RAM: 4076 MB (32% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:03:20, on 14.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\natalka\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera_crashreporter.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
C:\Program Files (x86)\Opera\launcher.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files\trend micro\natalka.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Startup: Dropbox.lnk = natalka\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9720 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\WLANExt.exe 28381296
\??\C:\Windows\system32\conhost.exe "-1525147846-11788307141893689956-59561003753705927-17489822531946312455-350772269
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Users\natalka\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000630
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" /PRODUCT:Reader /VERSION:11.0 /MODE:2
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --ran-launcher /crash-reporter-parent-id=10652
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=gpu-process --channel="10652.0.546864986\1679168177" --crash-reporter-pid=27204 --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27,33 --gpu-vendor-id=0x10de --gpu-device-id=0x1050 --gpu-driver-vendor=NVIDIA --gpu-driver-version=8.17.12.6800 --crash-reporter-pid=27204 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --extension-process --disable-client-side-phishing-detection --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.2.1764201657\170371860" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.3.772733626\1732621136" /prefetch:673131151
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" "C:\Users\natalka\Documents\Disman Jak se vyrábí sociologická znalost.pdf"
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" --channel=20156.1.1759762364 --type=renderer "C:\Users\natalka\Documents\Disman Jak se vyrábí sociologická znalost.pdf"
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll" --lang=cs --channel="10652.18.903714815\1166370546" --crash-reporter-pid=27204 /prefetch:-390060480
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe"
\??\C:\Windows\system32\conhost.exe "808228153-489854374-12373834461173160043-10241421831772833150-1801872806682870037
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.143.40629124\103773649" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.147.191731592\2020050757" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.148.2110969411\1021865111" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.175.1372278320\248231844" /prefetch:673131151
C:\Windows\splwow64.exe 8192
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.205.902435252\2081577661" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.209.594672890\1272924847" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.229.1889131171\1280017779" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.235.743410650\1993803199" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.237.369309535\658761203" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.238.1645320692\1444648481" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.256.1790269387\1419115049" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.257.1110749312\629809425" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.258.36162580\893927697" /prefetch:673131151
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /WAIT
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.280.283654856\386960898" /prefetch:673131151
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.281.1485646861\275624791" /prefetch:673131151
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe" /SCHEDULESCAN /ELEVATED
"C:\Windows\system32\wuauclt.exe"
{B6F751AF-75A6-4B07-A113-D47D4049D67B}
{58AB6AD1-AAF0-45DD-A2BB-357DBE8F05E4}
"C:\Program Files (x86)\Opera\launcher.exe" --forcedcheckforupdates
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.326.1664579697\146909268" /prefetch:673131151
"C:\Users\natalka\Downloads\RSITX64.EXE"
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.327.309358822\1763389041" /prefetch:673131151
taskeng.exe {A0DE1DDD-81BC-4BC3-A8BD-8329D1AF2FAF}
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-26 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-26 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-26 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-26 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2013-10-22 2777736]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2013-10-22 3684488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-04-22 39408]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-02-25 689744]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2012-01-19 1106512]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-10-23 152392]
C:\Users\natalka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\natalka\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-05-14 05:17:01 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2014-05-07 00:50:30 ----SD---- C:\Windows\system32\CompatTel
2014-05-06 20:31:09 ----A---- C:\Windows\system32\aepdu.dll
2014-05-06 20:31:09 ----A---- C:\Windows\system32\aeinv.dll
2014-05-04 08:45:04 ----D---- C:\Users\natalka\AppData\Roaming\DropboxMaster
2014-05-04 00:40:44 ----A---- C:\Windows\system32\mshtml.dll
2014-05-04 00:40:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
======List of files/folders modified in the last 1 month======
2014-05-14 23:03:20 ----D---- C:\Windows\Prefetch
2014-05-14 23:03:18 ----D---- C:\Windows\Temp
2014-05-14 23:03:18 ----D---- C:\Program Files\trend micro
2014-05-14 18:23:23 ----D---- C:\Windows\system32\config
2014-05-14 18:13:17 ----D---- C:\Windows\system32\catroot
2014-05-14 18:13:15 ----D---- C:\Windows\winsxs
2014-05-14 18:12:50 ----D---- C:\Windows\system32\catroot2
2014-05-14 17:38:53 ----D---- C:\ProgramData\Spyware Terminator
2014-05-14 12:51:16 ----D---- C:\Windows\System32
2014-05-14 12:51:16 ----D---- C:\Windows\inf
2014-05-14 12:51:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-14 11:09:22 ----SHD---- C:\System Volume Information
2014-05-14 07:33:32 ----D---- C:\Users\natalka\AppData\Roaming\Dropbox
2014-05-14 05:17:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-14 05:17:01 ----D---- C:\Windows\SysWOW64
2014-05-08 17:22:57 ----D---- C:\Users\natalka\AppData\Roaming\vlc
2014-05-08 06:24:05 ----SHD---- C:\Windows\Installer
2014-05-08 06:19:46 ----RD---- C:\Program Files (x86)
2014-05-07 08:05:48 ----SD---- C:\Users\natalka\AppData\Roaming\Microsoft
2014-05-07 05:44:06 ----D---- C:\Windows
2014-05-02 01:38:03 ----D---- C:\Users\natalka\AppData\Roaming\Skype
2014-04-28 14:52:30 ----D---- C:\Program Files (x86)\Opera
2014-04-17 11:03:44 ----D---- C:\Windows\debug
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-18 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-10-01 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-18 108440]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2014-02-28 51496]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-07-16 2350952]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2010-12-11 67112]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2010-12-11 19496]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2010-12-10 35368]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2010-12-11 85544]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-10-31 410152]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-04-19 174184]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-02-25 440400]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-02-25 440400]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-01-19 355920]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-03-31 993896]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2013-10-22 1149104]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-10-23 641352]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-22 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-22 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-04-22 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-04-19 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Spyware ani Eset nic nenašly.Logfile of random's system information tool 1.09 (written by random/random)
Run by natalka at 2014-05-14 23:03:15
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 366 GB (77%) free of 477 GB
Total RAM: 4076 MB (32% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:03:20, on 14.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\natalka\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera_crashreporter.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
C:\Program Files (x86)\Opera\launcher.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files\trend micro\natalka.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Startup: Dropbox.lnk = natalka\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9720 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\WLANExt.exe 28381296
\??\C:\Windows\system32\conhost.exe "-1525147846-11788307141893689956-59561003753705927-17489822531946312455-350772269
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Users\natalka\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000630
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" /PRODUCT:Reader /VERSION:11.0 /MODE:2
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --ran-launcher /crash-reporter-parent-id=10652
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=gpu-process --channel="10652.0.546864986\1679168177" --crash-reporter-pid=27204 --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27,33 --gpu-vendor-id=0x10de --gpu-device-id=0x1050 --gpu-driver-vendor=NVIDIA --gpu-driver-version=8.17.12.6800 --crash-reporter-pid=27204 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --extension-process --disable-client-side-phishing-detection --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.2.1764201657\170371860" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.3.772733626\1732621136" /prefetch:673131151
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" "C:\Users\natalka\Documents\Disman Jak se vyrábí sociologická znalost.pdf"
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" --channel=20156.1.1759762364 --type=renderer "C:\Users\natalka\Documents\Disman Jak se vyrábí sociologická znalost.pdf"
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll" --lang=cs --channel="10652.18.903714815\1166370546" --crash-reporter-pid=27204 /prefetch:-390060480
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe"
\??\C:\Windows\system32\conhost.exe "808228153-489854374-12373834461173160043-10241421831772833150-1801872806682870037
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.143.40629124\103773649" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.147.191731592\2020050757" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.148.2110969411\1021865111" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.175.1372278320\248231844" /prefetch:673131151
C:\Windows\splwow64.exe 8192
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.205.902435252\2081577661" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.209.594672890\1272924847" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.229.1889131171\1280017779" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.235.743410650\1993803199" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.237.369309535\658761203" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.238.1645320692\1444648481" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.256.1790269387\1419115049" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.257.1110749312\629809425" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.258.36162580\893927697" /prefetch:673131151
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /WAIT
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.280.283654856\386960898" /prefetch:673131151
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.281.1485646861\275624791" /prefetch:673131151
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe" /SCHEDULESCAN /ELEVATED
"C:\Windows\system32\wuauclt.exe"
{B6F751AF-75A6-4B07-A113-D47D4049D67B}
{58AB6AD1-AAF0-45DD-A2BB-357DBE8F05E4}
"C:\Program Files (x86)\Opera\launcher.exe" --forcedcheckforupdates
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.326.1664579697\146909268" /prefetch:673131151
"C:\Users\natalka\Downloads\RSITX64.EXE"
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=27204 --channel="10652.327.309358822\1763389041" /prefetch:673131151
taskeng.exe {A0DE1DDD-81BC-4BC3-A8BD-8329D1AF2FAF}
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-26 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-26 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-26 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-26 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2013-10-22 2777736]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2013-10-22 3684488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-04-22 39408]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-02-25 689744]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2012-01-19 1106512]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-10-23 152392]
C:\Users\natalka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\natalka\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-05-14 05:17:01 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2014-05-07 00:50:30 ----SD---- C:\Windows\system32\CompatTel
2014-05-06 20:31:09 ----A---- C:\Windows\system32\aepdu.dll
2014-05-06 20:31:09 ----A---- C:\Windows\system32\aeinv.dll
2014-05-04 08:45:04 ----D---- C:\Users\natalka\AppData\Roaming\DropboxMaster
2014-05-04 00:40:44 ----A---- C:\Windows\system32\mshtml.dll
2014-05-04 00:40:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
======List of files/folders modified in the last 1 month======
2014-05-14 23:03:20 ----D---- C:\Windows\Prefetch
2014-05-14 23:03:18 ----D---- C:\Windows\Temp
2014-05-14 23:03:18 ----D---- C:\Program Files\trend micro
2014-05-14 18:23:23 ----D---- C:\Windows\system32\config
2014-05-14 18:13:17 ----D---- C:\Windows\system32\catroot
2014-05-14 18:13:15 ----D---- C:\Windows\winsxs
2014-05-14 18:12:50 ----D---- C:\Windows\system32\catroot2
2014-05-14 17:38:53 ----D---- C:\ProgramData\Spyware Terminator
2014-05-14 12:51:16 ----D---- C:\Windows\System32
2014-05-14 12:51:16 ----D---- C:\Windows\inf
2014-05-14 12:51:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-14 11:09:22 ----SHD---- C:\System Volume Information
2014-05-14 07:33:32 ----D---- C:\Users\natalka\AppData\Roaming\Dropbox
2014-05-14 05:17:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-14 05:17:01 ----D---- C:\Windows\SysWOW64
2014-05-08 17:22:57 ----D---- C:\Users\natalka\AppData\Roaming\vlc
2014-05-08 06:24:05 ----SHD---- C:\Windows\Installer
2014-05-08 06:19:46 ----RD---- C:\Program Files (x86)
2014-05-07 08:05:48 ----SD---- C:\Users\natalka\AppData\Roaming\Microsoft
2014-05-07 05:44:06 ----D---- C:\Windows
2014-05-02 01:38:03 ----D---- C:\Users\natalka\AppData\Roaming\Skype
2014-04-28 14:52:30 ----D---- C:\Program Files (x86)\Opera
2014-04-17 11:03:44 ----D---- C:\Windows\debug
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-18 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-10-01 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-18 108440]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2014-02-28 51496]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-07-16 2350952]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2010-12-11 67112]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2010-12-11 19496]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2010-12-10 35368]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2010-12-11 85544]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-10-31 410152]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-04-19 174184]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-02-25 440400]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-02-25 440400]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-01-19 355920]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-03-31 993896]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2013-10-22 1149104]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-10-23 641352]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-22 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-22 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-04-22 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-04-19 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Re: Prosím o kontrolu logu, blokování operací
prescanuj PC s MBAM - kompletna kontrola
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu, blokování operací
Ok. Dám jsem log a případně až následně budeme mazat, že?
Re: Prosím o kontrolu logu, blokování operací
ano
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu, blokování operací
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2014.05.15.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17105
natalka :: ACER [administrátor]
15.5.2014 8:22:11
MBAM-log-2014-05-15 (09-21-32).txt
Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 349903
Uplynulý čas: 58 minut,
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 4
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\_locales (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\_locales\en (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\_locales\pl (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 8
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\background.html (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\background.js (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\icon_128.png (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\inject.js (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\jquery.min.js (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\manifest.json (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\_locales\en\messages.json (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\_locales\pl\messages.json (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
(konec)
www.malwarebytes.org
Verze: v2014.05.15.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17105
natalka :: ACER [administrátor]
15.5.2014 8:22:11
MBAM-log-2014-05-15 (09-21-32).txt
Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 349903
Uplynulý čas: 58 minut,
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 4
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\_locales (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\_locales\en (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\_locales\pl (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 8
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\background.html (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\background.js (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\icon_128.png (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\inject.js (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\jquery.min.js (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\manifest.json (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\_locales\en\messages.json (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc\_locales\pl\messages.json (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
(konec)
Re: Prosím o kontrolu logu, blokování operací
vsetko najdene nechaj odstranit v mbam
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu, blokování operací
Všechno smazáno, jen Avira na to reagovala hláškou o odepření přístupu k registrům. To je ok?
Jak kdyžtak postupovat dál?
Jak kdyžtak postupovat dál?
Re: Prosím o kontrolu logu, blokování operací
restartni PC a sleduj ho - ak budu nejake zavaznejsie problemy vloz log z ComboFix
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu, blokování operací
Tak se zdá, že všechno ok , děkuju moc. Mám ještě jednou nahodit log z RSITu?
, děkuju moc. Mám ještě jednou nahodit log z RSITu?Re: Prosím o kontrolu logu, blokování operací
log nateraz netreba
rado sa stalo
rado sa stalo
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?