Log check - laptop handed down from my brother

petiq
Visitor
Posts: 14
Registered: 06 Sep 2013 08:05

#1 Post by petiq »

Hello,

please check my RSIT log. My brother used to have this laptop and there was a pile of nasties on it, and probably something is still left there. Thank you :)


Logfile of random's system information tool 1.10 (written by random/random)
Run by Petras at 2014-10-05 18:18:50
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 363 GB (76%) free of 477 GB
Total RAM: 2551 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:19:53, on 5.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Petras\Desktop\RSIT (1).exe
C:\Program Files\trend micro\Petras.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.ividi.org/?src=tbhp&id=32 ... 3&affilt=3
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.7.1:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
O1 - Hosts: "127.0.0.1 activate.adobe.com"
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Users\Petras\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Petras\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 9218 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Petras\AppData\Roaming\Mozilla\Firefox\Profiles\fzh8k191.default

prefs.js - "browser.startup.homepage" - "http://search.ividi.org/?src=tbhp&id=32 ... 3&affilt=3"

"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre6\bin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\searchplugins\
Search_Results.xml

C:\Users\Petras\AppData\Roaming\Mozilla\Firefox\Profiles\fzh8k191.default\extensions\
05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-10-06 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-21 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-06 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2010-05-25 960080]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-06-22 9292392]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-25 343168]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-04 3890208]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #2"=C:\Users\Petras\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Petras\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-10-05 17:42:22 ----A---- C:\Windows\system32\iesetup.dll
2014-10-05 17:42:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-05 17:42:19 ----A---- C:\Windows\system32\ieui.dll
2014-10-05 17:42:18 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-05 17:42:17 ----A---- C:\Windows\system32\msrating.dll
2014-10-05 17:42:17 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-05 17:42:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-05 17:42:16 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-05 17:42:16 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-05 17:42:16 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-05 17:42:16 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-05 17:42:15 ----A---- C:\Windows\system32\vbscript.dll
2014-10-05 17:42:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-05 17:42:15 ----A---- C:\Windows\system32\iernonce.dll
2014-10-05 17:42:15 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-05 17:42:14 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-05 17:42:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-05 17:42:14 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-05 17:42:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-05 17:42:13 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-05 17:42:13 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-05 17:42:13 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-05 17:42:09 ----A---- C:\Windows\system32\iertutil.dll
2014-10-05 17:42:08 ----A---- C:\Windows\system32\wininet.dll
2014-10-05 17:42:07 ----A---- C:\Windows\system32\urlmon.dll
2014-10-05 17:42:07 ----A---- C:\Windows\system32\jscript9.dll
2014-10-05 17:42:04 ----A---- C:\Windows\system32\mshtml.dll
2014-10-05 17:42:02 ----A---- C:\Windows\system32\ieframe.dll
2014-10-05 17:40:37 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-10-05 17:32:43 ----A---- C:\Windows\system32\infocardapi.dll
2014-10-05 17:32:41 ----A---- C:\Windows\system32\icardres.dll
2014-10-05 17:32:37 ----A---- C:\Windows\system32\icardagt.exe
2014-10-05 17:32:34 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-10-05 17:14:38 ----A---- C:\Windows\system32\rpcrt4.dll
2014-10-05 17:14:37 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-10-05 17:14:37 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-10-05 17:14:37 ----A---- C:\Windows\system32\cdd.dll
2014-10-05 17:13:59 ----A---- C:\Windows\system32\lsasrv.dll
2014-10-05 17:13:59 ----A---- C:\Windows\system32\kerberos.dll
2014-10-05 17:13:48 ----A---- C:\Windows\system32\win32k.sys
2014-10-05 17:13:48 ----A---- C:\Windows\system32\gdi32.dll
2014-10-05 17:13:44 ----A---- C:\Windows\system32\qdvd.dll
2014-10-05 17:13:10 ----D---- C:\rsit
2014-10-05 17:13:10 ----D---- C:\Program Files\trend micro
2014-10-05 17:13:07 ----A---- C:\Windows\system32\d3d10warp.dll
2014-10-05 17:13:05 ----A---- C:\Windows\system32\msi.dll
2014-10-05 17:13:05 ----A---- C:\Windows\system32\authui.dll
2014-10-05 17:13:04 ----A---- C:\Windows\system32\msihnd.dll
2014-10-05 17:13:04 ----A---- C:\Windows\system32\consent.exe
2014-10-05 17:12:59 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-10-05 17:12:53 ----A---- C:\Windows\system32\aepdu.dll
2014-10-05 17:12:52 ----A---- C:\Windows\system32\aeinv.dll
2014-10-05 17:09:44 ----A---- C:\Windows\system32\shell32.dll
2014-10-05 12:06:41 ----A---- C:\Windows\system32\tzres.dll
2014-10-05 10:25:10 ----A---- C:\Windows\system32\wups2.dll
2014-10-05 10:25:10 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-05 10:25:09 ----A---- C:\Windows\system32\wucltux.dll
2014-10-05 10:25:09 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-05 10:24:55 ----A---- C:\Windows\system32\wups.dll
2014-10-05 10:24:55 ----A---- C:\Windows\system32\wudriver.dll
2014-10-05 10:24:55 ----A---- C:\Windows\system32\wuapi.dll
2014-10-05 10:24:47 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-05 10:24:47 ----A---- C:\Windows\system32\wuapp.exe
2014-10-05 10:20:58 ----A---- C:\Windows\avastSS.scr
2014-10-05 10:20:35 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys

======List of files/folders modified in the last 1 month======

2014-10-05 18:19:33 ----D---- C:\Windows\Temp
2014-10-05 18:10:15 ----D---- C:\Windows\Microsoft.NET
2014-10-05 18:10:14 ----RSD---- C:\Windows\assembly
2014-10-05 18:03:59 ----D---- C:\Windows\system32\config
2014-10-05 18:03:58 ----D---- C:\Windows\winsxs
2014-10-05 18:00:56 ----D---- C:\Windows\system32\drivers
2014-10-05 18:00:56 ----D---- C:\Windows\System32
2014-10-05 18:00:56 ----D---- C:\Windows\ehome
2014-10-05 18:00:55 ----D---- C:\Windows\system32\cs-CZ
2014-10-05 18:00:54 ----D---- C:\Windows\system32\en-US
2014-10-05 18:00:54 ----D---- C:\Windows\PolicyDefinitions
2014-10-05 18:00:53 ----D---- C:\Program Files\Internet Explorer
2014-10-05 18:00:47 ----SD---- C:\Windows\system32\CompatTel
2014-10-05 17:47:27 ----SHD---- C:\Windows\Installer
2014-10-05 17:47:26 ----SHD---- C:\Config.Msi
2014-10-05 17:47:26 ----D---- C:\ProgramData\Microsoft Help
2014-10-05 17:42:43 ----D---- C:\Windows\system32\catroot2
2014-10-05 17:42:43 ----D---- C:\Windows\system32\catroot
2014-10-05 17:40:22 ----D---- C:\Windows\system32\MRT
2014-10-05 17:31:07 ----D---- C:\Program Files\Microsoft Silverlight
2014-10-05 17:24:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-05 17:24:14 ----D---- C:\Windows\inf
2014-10-05 17:23:19 ----SHD---- C:\System Volume Information
2014-10-05 17:13:10 ----D---- C:\Program Files
2014-10-05 12:34:59 ----RSD---- C:\Windows\Media
2014-10-05 12:34:59 ----D---- C:\Windows\Tasks
2014-10-05 12:34:59 ----D---- C:\Windows\system32\wfp
2014-10-05 12:34:59 ----D---- C:\Windows\system32\DriverStore
2014-10-05 12:34:59 ----D---- C:\Windows
2014-10-05 12:34:55 ----D---- C:\Windows\system32\XPSViewer
2014-10-05 12:34:55 ----D---- C:\Windows\system32\wbem
2014-10-05 12:34:55 ----D---- C:\Windows\system32\Tasks
2014-10-05 12:34:55 ----D---- C:\Windows\system32\MUI
2014-10-05 12:34:55 ----D---- C:\Windows\system32\drivers\etc
2014-10-05 12:34:55 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-05 12:34:55 ----D---- C:\Windows\servicing
2014-10-05 12:34:45 ----D---- C:\Program Files\Common Files\microsoft shared
2014-10-05 12:33:41 ----D---- C:\Windows\registration
2014-10-05 12:30:46 ----D---- C:\Program Files\AVAST Software
2014-10-05 10:25:05 ----D---- C:\Program Files\Java
2014-10-05 10:21:44 ----D---- C:\Windows\Prefetch
2014-10-05 10:20:58 ----A---- C:\Windows\system32\aswBoot.exe
2014-09-15 09:06:04 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2014-10-05 270752]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-05 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-05 192352]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2014-10-05 26136]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-10-05 81768]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-10-05 779536]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-10-05 414520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-05 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-05 67824]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-10-05 71944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-26 8853504]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-26 264192]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-05-03 3764800]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-06-22 3117672]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2010-05-15 325672]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2010-01-27 183584]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 acroueoo;acroueoo; C:\Windows\system32\drivers\acroueoo.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus.sys []
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag.sys []
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps.sys []
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem.sys []
S3 andnetadb;ADB Interface DriverNet; C:\Windows\System32\Drivers\lgandnetadb.sys []
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag.sys []
S3 AndNetGps;LGE AndroidNet USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandnetgps.sys []
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem.sys []
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter; C:\Windows\system32\DRIVERS\lgandnetndis.sys []
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\lgandadb.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2007-05-14 22656]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2011-05-03 143264]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2011-05-03 32800]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 15872]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-07-09 44032]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-26 176128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-21 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-05-21 109048]
R2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.1.355.0\BBSvc.exe [2012-01-25 192792]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2010-05-25 325200]
R2 ftpsvc;@%windir%\system32\inetsrv\ftpres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.1.355.0\SeaPort.exe [2012-01-25 240408]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-18 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-14 117656]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-04 1343400]
S3 WMSVC;@%windir%\system32\inetsrv\iisres.dll,-20001; C:\Windows\system32\inetsrv\wmsvc.exe [2009-07-14 9728]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - laptop from my brother

#2 Post by Rudy »

Hello!
First, run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

petiq
Visitor
Posts: 14
Registered: 06 Sep 2013 08:05

Re: Log check - laptop from my brother

#3 Post by petiq »

Thank you for the reply, here is the log, which I received after the restart.

# AdwCleaner v3.311 - Report created 05/10/2014 at 19:07:32
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Petras - PETIQ-PC
# Running from : C:\Users\Petras\Desktop\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\petr\AppData\LocalLow\DownTangoLauncherToolbar
Folder Deleted : C:\Users\petr\AppData\LocalLow\ilividtoolbarguid
Folder Deleted : C:\Users\petr\AppData\LocalLow\SimplyTech
Folder Deleted : C:\Users\Petras\AppData\Local\DownTango
Folder Deleted : C:\Users\Petras\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Petras\AppData\LocalLow\DownTangoLauncherToolbar
Folder Deleted : C:\Users\Petras\AppData\LocalLow\ilividtoolbarguid
Folder Deleted : C:\Users\Petras\AppData\LocalLow\incredibar.com
Folder Deleted : C:\Users\Petras\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\Petras\AppData\LocalLow\SimplyTech
Folder Deleted : C:\Users\Petras\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Petras\AppData\LocalLow\Unitech LLC
Folder Deleted : C:\Users\Petras\AppData\Roaming\iPumper
Folder Deleted : C:\Users\Petras\AppData\Roaming\OpenCandy
File Deleted : C:\Program Files\Mozilla Firefox\.autoreg
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml
File Deleted : C:\Users\Petras\AppData\Roaming\Mozilla\Firefox\Profiles\fzh8k191.default\user.js
File Deleted : C:\Program Files\Mozilla Firefox\user.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kmplayer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kmplayer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{65C994A2-C65A-4A20-BA92-AADAFC0DCE49}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{685F23D9-FCFD-475C-B56A-362645945C5A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B8B2E80-1444-451D-AC8E-EB9A847F3887}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8B8B2E80-1444-451D-AC8E-EB9A847F3887}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Escolade
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\incredibar.com
Key Deleted : HKCU\Software\iVIDI Plugin
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\Unitech LLC
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\ilividtoolbarguid
Key Deleted : HKCU\Software\AppDataLow\Software\simplytech
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GamePlayLabs
Key Deleted : HKLM\SOFTWARE\iLividSRTB
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\torch
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Unitech LLC
Key Deleted : HKLM\SOFTWARE\Web Assistant
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\petr\AppData\Roaming\Mozilla\Firefox\Profiles\mnwdzpbg.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.searchnu.com/406");
Line Deleted : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=514&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=7148922313064336&o=APN10645&q=");
Line Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.sweetim.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"h[...]

[ File : C:\Users\Petras\AppData\Roaming\Mozilla\Firefox\Profiles\fzh8k191.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.ividi.org/?src=tbhp&id=3280e7fd0000000000004c0f6e8493c3&affilt=3");
Line Deleted : user_pref("extensions.crossrider.bic", "1421aebcf8df31e1fdce2ce03be69944");
Line Deleted : user_pref("extensions.ividi.admin", false);
Line Deleted : user_pref("extensions.ividi.aflt", "3");
Line Deleted : user_pref("extensions.ividi.appId", "{685F23D9-FCFD-475C-B56A-362645945C5A}");
Line Deleted : user_pref("extensions.ividi.autoRvrt", "false");
Line Deleted : user_pref("extensions.ividi.dfltLng", "");
Line Deleted : user_pref("extensions.ividi.dfltSrch", true);
Line Deleted : user_pref("extensions.ividi.dnsErr", true);
Line Deleted : user_pref("extensions.ividi.excTlbr", true);
Line Deleted : user_pref("extensions.ividi.ffxUnstlRst", false);
Line Deleted : user_pref("extensions.ividi.hmpg", true);
Line Deleted : user_pref("extensions.ividi.hmpgUrl", "hxxp://search.ividi.org/?src=tbhp&id=3280e7fd0000000000004c0f6e8493c3&affilt=3");
Line Deleted : user_pref("extensions.ividi.hpOld0", "");
Line Deleted : user_pref("extensions.ividi.id", "3280e7fd0000000000004c0f6e8493c3");
Line Deleted : user_pref("extensions.ividi.instlDay", "15948");
Line Deleted : user_pref("extensions.ividi.instlRef", "");
Line Deleted : user_pref("extensions.ividi.kw_url", "hxxp://search.ividi.org/?src=tbsp&id=3280e7fd0000000000004c0f6e8493c3&affilt=3&q=");
Line Deleted : user_pref("extensions.ividi.newTab", true);
Line Deleted : user_pref("extensions.ividi.newTabUrl", "hxxp://search.ividi.org/?q={searchTerms}&src=tbnt&id=3280e7fd0000000000004c0f6e8493c3&affilt=3");
Line Deleted : user_pref("extensions.ividi.prdct", "ividi");
Line Deleted : user_pref("extensions.ividi.prtnrId", "ividi");
Line Deleted : user_pref("extensions.ividi.rvrt", "false");
Line Deleted : user_pref("extensions.ividi.smplGrp", "none");
Line Deleted : user_pref("extensions.ividi.srchPrvdr", "Search ");
Line Deleted : user_pref("extensions.ividi.tlbrId", "base");
Line Deleted : user_pref("extensions.ividi.tlbrSrchUrl", "hxxp://search.ividi.org/?src=tbsp&id=3280e7fd0000000000004c0f6e8493c3&affilt=3&q=");
Line Deleted : user_pref("extensions.ividi.vrsn", "1.8.23.0");
Line Deleted : user_pref("extensions.ividi.vrsnTs", "1.8.23.019:32:54");
Line Deleted : user_pref("extensions.ividi.vrsni", "1.8.23.0");

-\\ Google Chrome v37.0.2062.124

[ File : C:\Users\Petras\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [14622 octets] - [05/10/2014 19:04:16]
AdwCleaner[S0].txt - [13447 octets] - [05/10/2014 19:07:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13508 octets] ##########

Rudy
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - laptop from my brother

#4 Post by Rudy »

Post a new RSIT log.

petiq
Visitor
Posts: 14
Registered: 06 Sep 2013 08:05

Re: Log check - laptop from my brother

#5 Post by petiq »

Here is the new log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petras at 2014-10-05 19:17:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 367 GB (77%) free of 477 GB
Total RAM: 2551 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:19:04, on 5.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Petras\Desktop\RSIT (1).exe
C:\Program Files\trend micro\Petras.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.7.1:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: "127.0.0.1 activate.adobe.com"
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Users\Petras\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Petras\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 7103 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Petras\AppData\Roaming\Mozilla\Firefox\Profiles\fzh8k191.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre6\bin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Users\Petras\AppData\Roaming\Mozilla\Firefox\Profiles\fzh8k191.default\extensions\
05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-10-06 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-06 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2010-05-25 960080]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-06-22 9292392]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-25 343168]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #2"=C:\Users\Petras\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Petras\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-10-05 19:06:42 ----A---- C:\Windows\system32\sqlite3.dll
2014-10-05 19:04:14 ----D---- C:\AdwCleaner
2014-10-05 17:42:22 ----A---- C:\Windows\system32\iesetup.dll
2014-10-05 17:42:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-05 17:42:19 ----A---- C:\Windows\system32\ieui.dll
2014-10-05 17:42:18 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-05 17:42:17 ----A---- C:\Windows\system32\msrating.dll
2014-10-05 17:42:17 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-05 17:42:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-05 17:42:16 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-05 17:42:16 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-05 17:42:16 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-05 17:42:16 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-05 17:42:15 ----A---- C:\Windows\system32\vbscript.dll
2014-10-05 17:42:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-05 17:42:15 ----A---- C:\Windows\system32\iernonce.dll
2014-10-05 17:42:15 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-05 17:42:14 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-05 17:42:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-05 17:42:14 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-05 17:42:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-05 17:42:13 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-05 17:42:13 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-05 17:42:13 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-05 17:42:09 ----A---- C:\Windows\system32\iertutil.dll
2014-10-05 17:42:08 ----A---- C:\Windows\system32\wininet.dll
2014-10-05 17:42:07 ----A---- C:\Windows\system32\urlmon.dll
2014-10-05 17:42:07 ----A---- C:\Windows\system32\jscript9.dll
2014-10-05 17:42:04 ----A---- C:\Windows\system32\mshtml.dll
2014-10-05 17:42:02 ----A---- C:\Windows\system32\ieframe.dll
2014-10-05 17:40:37 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-10-05 17:32:43 ----A---- C:\Windows\system32\infocardapi.dll
2014-10-05 17:32:41 ----A---- C:\Windows\system32\icardres.dll
2014-10-05 17:32:37 ----A---- C:\Windows\system32\icardagt.exe
2014-10-05 17:32:34 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-10-05 17:14:38 ----A---- C:\Windows\system32\rpcrt4.dll
2014-10-05 17:14:37 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-10-05 17:14:37 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-10-05 17:14:37 ----A---- C:\Windows\system32\cdd.dll
2014-10-05 17:13:59 ----A---- C:\Windows\system32\lsasrv.dll
2014-10-05 17:13:59 ----A---- C:\Windows\system32\kerberos.dll
2014-10-05 17:13:48 ----A---- C:\Windows\system32\win32k.sys
2014-10-05 17:13:48 ----A---- C:\Windows\system32\gdi32.dll
2014-10-05 17:13:44 ----A---- C:\Windows\system32\qdvd.dll
2014-10-05 17:13:10 ----D---- C:\rsit
2014-10-05 17:13:10 ----D---- C:\Program Files\trend micro
2014-10-05 17:13:07 ----A---- C:\Windows\system32\d3d10warp.dll
2014-10-05 17:13:05 ----A---- C:\Windows\system32\msi.dll
2014-10-05 17:13:05 ----A---- C:\Windows\system32\authui.dll
2014-10-05 17:13:04 ----A---- C:\Windows\system32\msihnd.dll
2014-10-05 17:13:04 ----A---- C:\Windows\system32\consent.exe
2014-10-05 17:12:59 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-10-05 17:12:53 ----A---- C:\Windows\system32\aepdu.dll
2014-10-05 17:12:52 ----A---- C:\Windows\system32\aeinv.dll
2014-10-05 17:09:44 ----A---- C:\Windows\system32\shell32.dll
2014-10-05 12:06:41 ----A---- C:\Windows\system32\tzres.dll
2014-10-05 10:25:10 ----A---- C:\Windows\system32\wups2.dll
2014-10-05 10:25:10 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-05 10:25:09 ----A---- C:\Windows\system32\wucltux.dll
2014-10-05 10:25:09 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-05 10:24:55 ----A---- C:\Windows\system32\wups.dll
2014-10-05 10:24:55 ----A---- C:\Windows\system32\wudriver.dll
2014-10-05 10:24:55 ----A---- C:\Windows\system32\wuapi.dll
2014-10-05 10:24:47 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-05 10:24:47 ----A---- C:\Windows\system32\wuapp.exe
2014-10-05 10:20:58 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2014-10-05 19:18:35 ----D---- C:\Windows\Temp
2014-10-05 19:16:49 ----D---- C:\Windows\System32
2014-10-05 19:16:37 ----D---- C:\Windows\system32\Tasks
2014-10-05 19:16:28 ----D---- C:\Windows\system32\DriverStore
2014-10-05 19:16:28 ----D---- C:\Windows\system32\catroot
2014-10-05 19:16:27 ----D---- C:\Windows\inf
2014-10-05 19:16:19 ----D---- C:\Windows\system32\drivers
2014-10-05 19:16:06 ----SD---- C:\Windows\system32\Microsoft
2014-10-05 19:15:57 ----SHD---- C:\System Volume Information
2014-10-05 19:12:58 ----D---- C:\Windows\system32\config
2014-10-05 19:07:34 ----D---- C:\Program Files\Mozilla Firefox
2014-10-05 18:56:13 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-10-05 18:10:15 ----D---- C:\Windows\Microsoft.NET
2014-10-05 18:10:14 ----RSD---- C:\Windows\assembly
2014-10-05 18:03:58 ----D---- C:\Windows\winsxs
2014-10-05 18:00:56 ----D---- C:\Windows\ehome
2014-10-05 18:00:55 ----D---- C:\Windows\system32\cs-CZ
2014-10-05 18:00:54 ----D---- C:\Windows\system32\en-US
2014-10-05 18:00:54 ----D---- C:\Windows\PolicyDefinitions
2014-10-05 18:00:53 ----D---- C:\Program Files\Internet Explorer
2014-10-05 18:00:47 ----SD---- C:\Windows\system32\CompatTel
2014-10-05 17:47:27 ----SHD---- C:\Windows\Installer
2014-10-05 17:47:26 ----SHD---- C:\Config.Msi
2014-10-05 17:47:26 ----D---- C:\ProgramData\Microsoft Help
2014-10-05 17:42:43 ----D---- C:\Windows\system32\catroot2
2014-10-05 17:40:22 ----D---- C:\Windows\system32\MRT
2014-10-05 17:31:07 ----D---- C:\Program Files\Microsoft Silverlight
2014-10-05 17:24:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-05 17:13:10 ----D---- C:\Program Files
2014-10-05 12:34:59 ----RSD---- C:\Windows\Media
2014-10-05 12:34:59 ----D---- C:\Windows\Tasks
2014-10-05 12:34:59 ----D---- C:\Windows\system32\wfp
2014-10-05 12:34:59 ----D---- C:\Windows
2014-10-05 12:34:55 ----D---- C:\Windows\system32\XPSViewer
2014-10-05 12:34:55 ----D---- C:\Windows\system32\wbem
2014-10-05 12:34:55 ----D---- C:\Windows\system32\MUI
2014-10-05 12:34:55 ----D---- C:\Windows\system32\drivers\etc
2014-10-05 12:34:55 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-05 12:34:55 ----D---- C:\Windows\servicing
2014-10-05 12:34:45 ----D---- C:\Program Files\Common Files\microsoft shared
2014-10-05 12:33:41 ----D---- C:\Windows\registration
2014-10-05 12:30:46 ----D---- C:\Program Files\AVAST Software
2014-10-05 10:25:05 ----D---- C:\Program Files\Java
2014-10-05 10:21:44 ----D---- C:\Windows\Prefetch
2014-09-15 09:06:04 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-26 8853504]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-26 264192]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-05-03 3764800]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-06-22 3117672]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2010-05-15 325672]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2010-01-27 183584]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 acroueoo;acroueoo; C:\Windows\system32\drivers\acroueoo.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus.sys []
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag.sys []
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps.sys []
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem.sys []
S3 andnetadb;ADB Interface DriverNet; C:\Windows\System32\Drivers\lgandnetadb.sys []
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag.sys []
S3 AndNetGps;LGE AndroidNet USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandnetgps.sys []
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem.sys []
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter; C:\Windows\system32\DRIVERS\lgandnetndis.sys []
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\lgandadb.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2007-05-14 22656]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2011-05-03 143264]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2011-05-03 32800]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 15872]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-07-09 44032]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-26 176128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.1.355.0\BBSvc.exe [2012-01-25 192792]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2010-05-25 325200]
R2 ftpsvc;@%windir%\system32\inetsrv\ftpres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-05 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.1.355.0\SeaPort.exe [2012-01-25 240408]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-18 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-14 117656]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-04 1343400]
S3 WMSVC;@%windir%\system32\inetsrv\iisres.dll,-20001; C:\Windows\system32\inetsrv\wmsvc.exe [2009-07-14 9728]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - brother's old notebook

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Program Files\Microsoft\BingBar
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:services
BBSvc
BBUpdate

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

petiq
Visitor
Visitor
Posts: 14
Registered: 06 Sep 2013 08:05

Re: Log check - brother's old notebook

#7 Post by petiq »

Done as instructed. I am attaching the RSIT log taken after the restart:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petras at 2014-10-06 21:11:09
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 367 GB (77%) free of 477 GB
Total RAM: 2551 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:11:42, on 6.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Petras\Desktop\RSIT (1).exe
C:\Program Files\trend micro\Petras.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.7.1:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: "127.0.0.1 activate.adobe.com"
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Users\Petras\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Petras\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 7152 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Petras\AppData\Roaming\Mozilla\Firefox\Profiles\fzh8k191.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre6\bin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Users\Petras\AppData\Roaming\Mozilla\Firefox\Profiles\fzh8k191.default\extensions\
05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-10-06 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-05 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-06 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2010-05-25 960080]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-06-22 9292392]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-25 343168]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-05 4085896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #2"=C:\Users\Petras\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Petras\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-10-06 21:04:13 ----D---- C:\_OTM
2014-10-05 20:01:00 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2014-10-05 20:00:28 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2014-10-05 19:56:09 ----D---- C:\Users\Petras\AppData\Roaming\AVAST Software
2014-10-05 19:55:34 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-10-05 19:55:34 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-10-05 19:55:33 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-10-05 19:55:33 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-10-05 19:55:33 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-10-05 19:55:32 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-10-05 19:55:32 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-10-05 19:55:32 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-10-05 19:55:22 ----A---- C:\Windows\system32\aswBoot.exe
2014-10-05 19:55:19 ----A---- C:\Windows\avastSS.scr
2014-10-05 19:54:08 ----D---- C:\Program Files\AVAST Software
2014-10-05 19:06:42 ----A---- C:\Windows\system32\sqlite3.dll
2014-10-05 19:04:14 ----D---- C:\AdwCleaner
2014-10-05 17:42:22 ----A---- C:\Windows\system32\iesetup.dll
2014-10-05 17:42:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-05 17:42:19 ----A---- C:\Windows\system32\ieui.dll
2014-10-05 17:42:18 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-05 17:42:17 ----A---- C:\Windows\system32\msrating.dll
2014-10-05 17:42:17 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-05 17:42:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-05 17:42:16 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-05 17:42:16 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-05 17:42:16 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-05 17:42:16 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-05 17:42:15 ----A---- C:\Windows\system32\vbscript.dll
2014-10-05 17:42:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-05 17:42:15 ----A---- C:\Windows\system32\iernonce.dll
2014-10-05 17:42:15 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-05 17:42:14 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-05 17:42:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-05 17:42:14 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-05 17:42:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-05 17:42:13 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-05 17:42:13 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-05 17:42:13 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-05 17:42:09 ----A---- C:\Windows\system32\iertutil.dll
2014-10-05 17:42:08 ----A---- C:\Windows\system32\wininet.dll
2014-10-05 17:42:07 ----A---- C:\Windows\system32\urlmon.dll
2014-10-05 17:42:07 ----A---- C:\Windows\system32\jscript9.dll
2014-10-05 17:42:04 ----A---- C:\Windows\system32\mshtml.dll
2014-10-05 17:42:02 ----A---- C:\Windows\system32\ieframe.dll
2014-10-05 17:40:37 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-10-05 17:32:43 ----A---- C:\Windows\system32\infocardapi.dll
2014-10-05 17:32:41 ----A---- C:\Windows\system32\icardres.dll
2014-10-05 17:32:37 ----A---- C:\Windows\system32\icardagt.exe
2014-10-05 17:32:34 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-10-05 17:14:38 ----A---- C:\Windows\system32\rpcrt4.dll
2014-10-05 17:14:37 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-10-05 17:14:37 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-10-05 17:14:37 ----A---- C:\Windows\system32\cdd.dll
2014-10-05 17:13:59 ----A---- C:\Windows\system32\lsasrv.dll
2014-10-05 17:13:59 ----A---- C:\Windows\system32\kerberos.dll
2014-10-05 17:13:48 ----A---- C:\Windows\system32\win32k.sys
2014-10-05 17:13:48 ----A---- C:\Windows\system32\gdi32.dll
2014-10-05 17:13:44 ----A---- C:\Windows\system32\qdvd.dll
2014-10-05 17:13:10 ----D---- C:\rsit
2014-10-05 17:13:10 ----D---- C:\Program Files\trend micro
2014-10-05 17:13:07 ----A---- C:\Windows\system32\d3d10warp.dll
2014-10-05 17:13:05 ----A---- C:\Windows\system32\msi.dll
2014-10-05 17:13:05 ----A---- C:\Windows\system32\authui.dll
2014-10-05 17:13:04 ----A---- C:\Windows\system32\msihnd.dll
2014-10-05 17:13:04 ----A---- C:\Windows\system32\consent.exe
2014-10-05 17:12:59 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-10-05 17:12:53 ----A---- C:\Windows\system32\aepdu.dll
2014-10-05 17:12:52 ----A---- C:\Windows\system32\aeinv.dll
2014-10-05 17:09:44 ----A---- C:\Windows\system32\shell32.dll
2014-10-05 12:06:41 ----A---- C:\Windows\system32\tzres.dll
2014-10-05 10:25:10 ----A---- C:\Windows\system32\wups2.dll
2014-10-05 10:25:10 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-05 10:25:09 ----A---- C:\Windows\system32\wucltux.dll
2014-10-05 10:25:09 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-05 10:24:55 ----A---- C:\Windows\system32\wups.dll
2014-10-05 10:24:55 ----A---- C:\Windows\system32\wudriver.dll
2014-10-05 10:24:55 ----A---- C:\Windows\system32\wuapi.dll
2014-10-05 10:24:47 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-05 10:24:47 ----A---- C:\Windows\system32\wuapp.exe

======List of files/folders modified in the last 1 month======

2014-10-06 21:10:17 ----D---- C:\Windows\Temp
2014-10-06 21:06:36 ----D---- C:\Windows
2014-10-06 21:06:02 ----D---- C:\Windows\Tasks
2014-10-06 21:05:49 ----D---- C:\Program Files\Microsoft
2014-10-06 21:02:11 ----D---- C:\Windows\system32\config
2014-10-06 20:58:01 ----D---- C:\Windows\system32\drivers
2014-10-05 20:01:50 ----D---- C:\Windows\inf
2014-10-05 20:01:46 ----D---- C:\Windows\system32\catroot
2014-10-05 20:01:44 ----D---- C:\Windows\system32\DriverStore
2014-10-05 20:01:31 ----SHD---- C:\System Volume Information
2014-10-05 20:01:02 ----D---- C:\Windows\system32\Tasks
2014-10-05 19:56:51 ----D---- C:\Windows\System32
2014-10-05 19:56:26 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-10-05 19:54:08 ----D---- C:\ProgramData\AVAST Software
2014-10-05 19:54:08 ----D---- C:\Program Files
2014-10-05 19:45:10 ----RSD---- C:\Windows\assembly
2014-10-05 19:45:10 ----D---- C:\Windows\Microsoft.NET
2014-10-05 19:16:06 ----SD---- C:\Windows\system32\Microsoft
2014-10-05 19:07:34 ----D---- C:\Program Files\Mozilla Firefox
2014-10-05 18:03:58 ----D---- C:\Windows\winsxs
2014-10-05 18:00:56 ----D---- C:\Windows\ehome
2014-10-05 18:00:55 ----D---- C:\Windows\system32\cs-CZ
2014-10-05 18:00:54 ----D---- C:\Windows\system32\en-US
2014-10-05 18:00:54 ----D---- C:\Windows\PolicyDefinitions
2014-10-05 18:00:53 ----D---- C:\Program Files\Internet Explorer
2014-10-05 18:00:47 ----SD---- C:\Windows\system32\CompatTel
2014-10-05 17:47:27 ----SHD---- C:\Windows\Installer
2014-10-05 17:47:26 ----SHD---- C:\Config.Msi
2014-10-05 17:47:26 ----D---- C:\ProgramData\Microsoft Help
2014-10-05 17:42:43 ----D---- C:\Windows\system32\catroot2
2014-10-05 17:40:22 ----D---- C:\Windows\system32\MRT
2014-10-05 17:31:07 ----D---- C:\Program Files\Microsoft Silverlight
2014-10-05 17:24:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-05 12:34:59 ----RSD---- C:\Windows\Media
2014-10-05 12:34:59 ----D---- C:\Windows\system32\wfp
2014-10-05 12:34:55 ----D---- C:\Windows\system32\XPSViewer
2014-10-05 12:34:55 ----D---- C:\Windows\system32\wbem
2014-10-05 12:34:55 ----D---- C:\Windows\system32\MUI
2014-10-05 12:34:55 ----D---- C:\Windows\system32\drivers\etc
2014-10-05 12:34:55 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-05 12:34:55 ----D---- C:\Windows\servicing
2014-10-05 12:34:45 ----D---- C:\Program Files\Common Files\microsoft shared
2014-10-05 12:33:41 ----D---- C:\Windows\registration
2014-10-05 10:25:05 ----D---- C:\Program Files\Java
2014-10-05 10:21:44 ----D---- C:\Windows\Prefetch
2014-09-15 09:06:04 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2014-10-05 270752]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-05 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-05 192352]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2014-10-05 26136]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-10-05 81768]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-10-05 779536]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-10-05 414520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-05 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-05 67824]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-10-05 71944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-26 8853504]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-26 264192]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-05-03 3764800]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-06-22 3117672]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2010-05-15 325672]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2010-01-27 183584]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 acroueoo;acroueoo; C:\Windows\system32\drivers\acroueoo.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus.sys []
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag.sys []
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps.sys []
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem.sys []
S3 andnetadb;ADB Interface DriverNet; C:\Windows\System32\Drivers\lgandnetadb.sys []
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag.sys []
S3 AndNetGps;LGE AndroidNet USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandnetgps.sys []
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem.sys []
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter; C:\Windows\system32\DRIVERS\lgandnetndis.sys []
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\lgandadb.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2007-05-14 22656]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2011-05-03 143264]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2011-05-03 32800]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 15872]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-07-09 44032]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-26 176128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-05 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-10-05 106488]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2010-05-25 325200]
R2 ftpsvc;@%windir%\system32\inetsrv\ftpres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-05 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-18 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-14 117656]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-04 1343400]
S3 WMSVC;@%windir%\system32\inetsrv\iisres.dll,-20001; C:\Windows\system32\inetsrv\wmsvc.exe [2009-07-14 9728]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - notebook inherited from my brother

#8 Post by Rudy »

Double-click the file C:\Program Files\trend micro\Petras.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkbox on the left next to:
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not meant for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

petiq
Visitor
Posts: 14
Registered: 06 Sep 2013 08:05

Re: Log check - notebook inherited from my brother

#9 Post by petiq »

Done, I'm also sending the log from RSIT. The notebook is noticeably better.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petras at 2014-10-06 22:29:12
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 367 GB (77%) free of 477 GB
Total RAM: 2551 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:29:29, on 6.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Petras\Desktop\RSIT (1).exe
C:\Program Files\trend micro\Petras.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.7.1:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: "127.0.0.1 activate.adobe.com"
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Users\Petras\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Petras\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 7137 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Petras\AppData\Roaming\Mozilla\Firefox\Profiles\fzh8k191.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre6\bin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Users\Petras\AppData\Roaming\Mozilla\Firefox\Profiles\fzh8k191.default\extensions\
05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-10-06 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-05 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-06 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2010-05-25 960080]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-06-22 9292392]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-25 343168]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-05 4085896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #2"=C:\Users\Petras\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Petras\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-10-06 22:29:12 ----D---- C:\rsit
2014-10-05 20:01:00 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2014-10-05 20:00:28 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2014-10-05 19:56:09 ----D---- C:\Users\Petras\AppData\Roaming\AVAST Software
2014-10-05 19:55:34 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-10-05 19:55:34 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-10-05 19:55:33 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-10-05 19:55:33 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-10-05 19:55:33 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-10-05 19:55:32 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-10-05 19:55:32 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-10-05 19:55:32 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-10-05 19:55:22 ----A---- C:\Windows\system32\aswBoot.exe
2014-10-05 19:55:19 ----A---- C:\Windows\avastSS.scr
2014-10-05 19:54:08 ----D---- C:\Program Files\AVAST Software
2014-10-05 19:06:42 ----A---- C:\Windows\system32\sqlite3.dll
2014-10-05 19:04:14 ----D---- C:\AdwCleaner
2014-10-05 17:42:22 ----A---- C:\Windows\system32\iesetup.dll
2014-10-05 17:42:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-05 17:42:19 ----A---- C:\Windows\system32\ieui.dll
2014-10-05 17:42:18 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-05 17:42:17 ----A---- C:\Windows\system32\msrating.dll
2014-10-05 17:42:17 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-05 17:42:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-05 17:42:16 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-05 17:42:16 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-05 17:42:16 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-05 17:42:16 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-05 17:42:15 ----A---- C:\Windows\system32\vbscript.dll
2014-10-05 17:42:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-05 17:42:15 ----A---- C:\Windows\system32\iernonce.dll
2014-10-05 17:42:15 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-05 17:42:14 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-05 17:42:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-05 17:42:14 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-05 17:42:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-05 17:42:13 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-05 17:42:13 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-05 17:42:13 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-05 17:42:09 ----A---- C:\Windows\system32\iertutil.dll
2014-10-05 17:42:08 ----A---- C:\Windows\system32\wininet.dll
2014-10-05 17:42:07 ----A---- C:\Windows\system32\urlmon.dll
2014-10-05 17:42:07 ----A---- C:\Windows\system32\jscript9.dll
2014-10-05 17:42:04 ----A---- C:\Windows\system32\mshtml.dll
2014-10-05 17:42:02 ----A---- C:\Windows\system32\ieframe.dll
2014-10-05 17:40:37 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-10-05 17:32:43 ----A---- C:\Windows\system32\infocardapi.dll
2014-10-05 17:32:41 ----A---- C:\Windows\system32\icardres.dll
2014-10-05 17:32:37 ----A---- C:\Windows\system32\icardagt.exe
2014-10-05 17:32:34 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-10-05 17:14:38 ----A---- C:\Windows\system32\rpcrt4.dll
2014-10-05 17:14:37 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-10-05 17:14:37 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-10-05 17:14:37 ----A---- C:\Windows\system32\cdd.dll
2014-10-05 17:13:59 ----A---- C:\Windows\system32\lsasrv.dll
2014-10-05 17:13:59 ----A---- C:\Windows\system32\kerberos.dll
2014-10-05 17:13:48 ----A---- C:\Windows\system32\win32k.sys
2014-10-05 17:13:48 ----A---- C:\Windows\system32\gdi32.dll
2014-10-05 17:13:44 ----A---- C:\Windows\system32\qdvd.dll
2014-10-05 17:13:10 ----D---- C:\Program Files\trend micro
2014-10-05 17:13:07 ----A---- C:\Windows\system32\d3d10warp.dll
2014-10-05 17:13:05 ----A---- C:\Windows\system32\msi.dll
2014-10-05 17:13:05 ----A---- C:\Windows\system32\authui.dll
2014-10-05 17:13:04 ----A---- C:\Windows\system32\msihnd.dll
2014-10-05 17:13:04 ----A---- C:\Windows\system32\consent.exe
2014-10-05 17:12:59 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-10-05 17:12:53 ----A---- C:\Windows\system32\aepdu.dll
2014-10-05 17:12:52 ----A---- C:\Windows\system32\aeinv.dll
2014-10-05 17:09:44 ----A---- C:\Windows\system32\shell32.dll
2014-10-05 12:06:41 ----A---- C:\Windows\system32\tzres.dll
2014-10-05 10:25:10 ----A---- C:\Windows\system32\wups2.dll
2014-10-05 10:25:10 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-05 10:25:09 ----A---- C:\Windows\system32\wucltux.dll
2014-10-05 10:25:09 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-05 10:24:55 ----A---- C:\Windows\system32\wups.dll
2014-10-05 10:24:55 ----A---- C:\Windows\system32\wudriver.dll
2014-10-05 10:24:55 ----A---- C:\Windows\system32\wuapi.dll
2014-10-05 10:24:47 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-05 10:24:47 ----A---- C:\Windows\system32\wuapp.exe

======List of files/folders modified in the last 1 month======

2014-10-06 22:29:16 ----D---- C:\Windows\Temp
2014-10-06 22:09:25 ----D---- C:\Windows\Microsoft.NET
2014-10-06 22:09:00 ----RSD---- C:\Windows\assembly
2014-10-06 21:06:36 ----D---- C:\Windows
2014-10-06 21:06:02 ----D---- C:\Windows\Tasks
2014-10-06 21:05:49 ----D---- C:\Program Files\Microsoft
2014-10-06 21:02:11 ----D---- C:\Windows\system32\config
2014-10-06 20:58:01 ----D---- C:\Windows\system32\drivers
2014-10-05 20:01:50 ----D---- C:\Windows\inf
2014-10-05 20:01:46 ----D---- C:\Windows\system32\catroot
2014-10-05 20:01:44 ----D---- C:\Windows\system32\DriverStore
2014-10-05 20:01:31 ----SHD---- C:\System Volume Information
2014-10-05 20:01:02 ----D---- C:\Windows\system32\Tasks
2014-10-05 19:56:51 ----D---- C:\Windows\System32
2014-10-05 19:56:26 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-10-05 19:54:08 ----D---- C:\ProgramData\AVAST Software
2014-10-05 19:54:08 ----D---- C:\Program Files
2014-10-05 19:16:06 ----SD---- C:\Windows\system32\Microsoft
2014-10-05 19:07:34 ----D---- C:\Program Files\Mozilla Firefox
2014-10-05 18:03:58 ----D---- C:\Windows\winsxs
2014-10-05 18:00:56 ----D---- C:\Windows\ehome
2014-10-05 18:00:55 ----D---- C:\Windows\system32\cs-CZ
2014-10-05 18:00:54 ----D---- C:\Windows\system32\en-US
2014-10-05 18:00:54 ----D---- C:\Windows\PolicyDefinitions
2014-10-05 18:00:53 ----D---- C:\Program Files\Internet Explorer
2014-10-05 18:00:47 ----SD---- C:\Windows\system32\CompatTel
2014-10-05 17:47:27 ----SHD---- C:\Windows\Installer
2014-10-05 17:47:26 ----SHD---- C:\Config.Msi
2014-10-05 17:47:26 ----D---- C:\ProgramData\Microsoft Help
2014-10-05 17:42:43 ----D---- C:\Windows\system32\catroot2
2014-10-05 17:40:22 ----D---- C:\Windows\system32\MRT
2014-10-05 17:31:07 ----D---- C:\Program Files\Microsoft Silverlight
2014-10-05 17:24:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-05 12:34:59 ----RSD---- C:\Windows\Media
2014-10-05 12:34:59 ----D---- C:\Windows\system32\wfp
2014-10-05 12:34:55 ----D---- C:\Windows\system32\XPSViewer
2014-10-05 12:34:55 ----D---- C:\Windows\system32\wbem
2014-10-05 12:34:55 ----D---- C:\Windows\system32\MUI
2014-10-05 12:34:55 ----D---- C:\Windows\system32\drivers\etc
2014-10-05 12:34:55 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-05 12:34:55 ----D---- C:\Windows\servicing
2014-10-05 12:34:45 ----D---- C:\Program Files\Common Files\microsoft shared
2014-10-05 12:33:41 ----D---- C:\Windows\registration
2014-10-05 10:25:05 ----D---- C:\Program Files\Java
2014-10-05 10:21:44 ----D---- C:\Windows\Prefetch
2014-09-15 09:06:04 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2014-10-05 270752]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-05 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-05 192352]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2014-10-05 26136]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-10-05 81768]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-10-05 779536]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-10-05 414520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-05 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-05 67824]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-10-05 71944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-26 8853504]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-26 264192]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-05-03 3764800]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-06-22 3117672]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2010-05-15 325672]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2010-01-27 183584]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 acroueoo;acroueoo; C:\Windows\system32\drivers\acroueoo.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus.sys []
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag.sys []
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps.sys []
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem.sys []
S3 andnetadb;ADB Interface DriverNet; C:\Windows\System32\Drivers\lgandnetadb.sys []
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag.sys []
S3 AndNetGps;LGE AndroidNet USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandnetgps.sys []
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem.sys []
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter; C:\Windows\system32\DRIVERS\lgandnetndis.sys []
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\lgandadb.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2007-05-14 22656]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2011-05-03 143264]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2011-05-03 32800]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 15872]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-07-09 44032]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-26 176128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-05 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-10-05 106488]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2010-05-25 325200]
R2 ftpsvc;@%windir%\system32\inetsrv\ftpres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-05 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-18 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-14 117656]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-04 1343400]
S3 WMSVC;@%windir%\system32\inetsrv\iisres.dll,-20001; C:\Windows\system32\inetsrv\wmsvc.exe [2009-07-14 9728]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - laptop from my brother

#10 Post by Rudy »

Deleted. If there is no other problem, that is all.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

petiq
Visitor
Posts: 14
Registered: 06 Sep 2013 08:05

Re: Log check - laptop from my brother

#11 Post by petiq »

Thank you for the help! :thumbsup: :)

Rudy
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - laptop from my brother

#12 Post by Rudy »

You're welcome! :)