Prosím o kontrolu, děkuji.
info.txt logfile of random's system information tool 1.09 2014-11-29 22:55:42
======Uninstall list======
-->F:\GAME JK\GTR2\Uninstall GTR_2_SK.exe
-->MsiExec /X{B455E95A-B804-439F-B533-336B1635AE97}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 E:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 15 ActiveX-->E:\WINDOWS\system32\Macromed\Flash\FlashUtil32_15_0_0_223_ActiveX.exe -maintain activex
Adobe Flash Player 15 Plugin-->E:\WINDOWS\system32\Macromed\Flash\FlashUtil32_15_0_0_223_Plugin.exe -maintain plugin
Adobe Shockwave Player 12.1-->"E:\WINDOWS\system32\Adobe\Shockwave 12\uninstaller.exe"
AIMP3-->F:\PLAY,RW,Copy JK\AIMP\AIMP3\Uninstall.exe
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
ArchiCAD 12 CZE-->F:\GRAFIKA JK 2\Uninstall.AC\uninstaller.exe
ArchiCAD 8.1 CZE-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{001FFFFF-FF08-FF01-FF11-01F00F02F000}\Setup.exe"
Ashampoo Burning Studio 2012 v.10.0.15-->"E:\Program Files\Ashampoo\Ashampoo Burning Studio 2012\unins000.exe"
Ashampoo Burning Studio 6 FREE v.6.83-->"E:\Program Files\Ashampoo\Ashampoo Burning Studio 6 FREE\unins000.exe"
Ashampoo Burning Studio 6 FREE v.6.84-->"E:\Program Files\Ashampoo\Ashampoo Burning Studio 6 FREE\unins001.exe"
Ashampoo Magical Defrag-->"E:\Program Files\Ashampoo\Ashampoo Magical Defrag\Uninstall\0044_Uninstall.EXE"
Ashampoo Photo Commander 9 v.9.4.3-->"E:\Program Files\Ashampoo\Ashampoo Photo Commander 9\unins000.exe"
Ashampoo Slideshow Studio 2012 v.1.0.2-->"E:\Program Files\Ashampoo\Ashampoo Slideshow Studio 2012\unins000.exe"
Ashampoo Snap 5 v.5.1.5-->"E:\Program Files\Ashampoo\Ashampoo Snap 5\unins000.exe"
Avast Free Antivirus-->E:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall
Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)-->E:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u E:\WINDOWS\system32\DRVSTORE\pccsmcfd_52F0DFAA648E25523CF0EE10FEDF6AC712ED34DB\pccsmcfd.inf
Brother BRAdmin Light 1.21.0002-->E:\Program Files\InstallShield Installation Information\{DB75941E-30C4-4D97-B000-D17C764B998C}\setup.exe -runfromtemp -l0x0005 -removeonly -removeonly
Brother Driver Deployment Wizard-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{0ED38503-B69A-44B4-98BE-21BFF284A9B6}\setup.exe" -l0x5 -uninst -removeonly
Brother HL-5250DN-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{7710EC3A-8108-431B-9B8B-27BD8E44E503}\setup.exe" -l0x5 -removeonly /uninst
Brother MFL-Pro Suite MFC-6490CW-->"E:\Program Files\InstallShield Installation Information\{01B4AC8E-6D83-44B3-958D-2AFE57BE54DB}\Setup.exe" -runfromtemp -l0x0009 UNINSTALL Reg=BH9_C7 -removeonly
Call of Duty(R) - World at War(TM) 1.1 Patch-->E:\Program Files\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM)-->E:\Program Files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x0405
CCleaner-->"F:\OCHRANA,VIRY PC JK\CClaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Command & Conquer 3-->MsiExec.exe /I{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}
Command & Conquer™ Red Alert™ 3 Uprising-->MsiExec.exe /X{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}
čeština do hry T34 versus TIGER-->F:\GAME JK\T34vsTiger\Uninstal.exe
DVDFab 9.0.1.6 (14/12/2012) Qt-->"F:\PLAY,RW,Copy JK\DVDFab 9\unins000.exe"
EAX Unified-->E:\WINDOWS\IsUninst.exe -f"E:\Program Files\Creative\EAX Unified\Uninst.isu"
erLT-->MsiExec.exe /I{A498D9EB-927B-459B-85D6-DD6EF8C2C564}
EVEREST Ultimate Edition v5.30-->"E:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Foxit Reader-->"E:\Program Files\Foxit Software\Foxit Reader\unins001.exe"
Free Download Manager 3.9.2-->"F:\FILM JK\Free Download Manager\unins000.exe"
Free DWG Viewer 7.1-->"E:\Program Files\InstallShield Installation Information\{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}\setup.exe" -runfromtemp -l0x0409 -removeonly
Google Chrome-->"E:\Program Files\Google\Chrome\Application\38.0.2125.111\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
GTR 2 1.0.0.0-->"F:\GAME JK\GTR2\Support\unins000.exe"
IL-2 Sturmovik 1946-->E:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{758AF648-0B6C-4593-BDF1-9BF4CB50A359} /l1029
Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Java 7 Update 71-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F03217071FF}
JavaFX 2.1.1-->MsiExec.exe /X{1111706F-666A-4037-7777-211328764D10}
KalkulacniProgram-->MsiExec.exe /I{AC853A11-2047-4AAE-9EF1-9084C5B35926}
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
K-Lite Codec Pack 7.1.0 (Full)-->"F:\PLAY,RW,Copy JK\K-Lite Codec Pack\unins000.exe"
Liberta-->E:\Program Files\InstallShield Installation Information\{1EE5DCB1-E25C-44CB-8B32-EB063ED8EF73}\setup.exe -runfromtemp -l0x0005 -removeonly
Logitech SetPoint-->"E:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l1033 -removeonly
Longhorn Transformation Pack 10.5-->E:\WINDOWS\System32\LHTrans\lhmc.exe
Media Player Classic - Home Cinema v1.4.2499.0-->"F:\PLAY,RW,Copy JK\K-Lite Codec Pack\Media Player Classic\unins000.exe"
Microsoft .NET Framework 2.0-->E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft .NET Framework 4 Client Profile-->E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended-->E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"E:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-->"E:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"E:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Professional s aplikací FrontPage-->MsiExec.exe /I{90280405-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.9-->"E:\WINDOWS\$NtUninstallWudf01009$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft_VC100_CRT_SP1_x86-->MsiExec.exe /I{E3B64CC5-C011-40C0-92BC-7316CD5E5688}
Mozilla Firefox 33.1.1 (x86 cs)-->"E:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"E:\Program Files\Mozilla Maintenance Service\uninstall.exe"
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{29373274-977E-413C-A4DE-DC0F8E80C429}
Nokia Suite-->E:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{EDB188F5-D8E8-42EE-89E0-F212DA48CB81}\Installer.exe
Nokia Suite-->MsiExec.exe /X{EDB188F5-D8E8-42EE-89E0-F212DA48CB81}
Ňŕíęč Âňîđîé Ěčđîâîé: Ň-34 ďđîňčâ Ňčăđŕ-->"F:\GAME JK\T34vsTiger\unins000.exe"
NVIDIA Drivers-->E:\WINDOWS\system32\nvuide.exe UninstallGUI
NVIDIA GeForce Experience 2.1.3-->"E:\WINDOWS\system32\RunDll32.EXE" "E:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA nView 141.33-->"E:\WINDOWS\system32\RunDll32.EXE" "E:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NView
NVIDIA Ovladač HD audia 1.3.32.1-->"E:\WINDOWS\system32\RunDll32.EXE" "E:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladače grafiky 344.48-->"E:\WINDOWS\system32\RunDll32.EXE" "E:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /I{B455E95A-B804-439F-B533-336B1635AE97}
NVIDIA Systémový software PhysX 9.14.0702-->"E:\WINDOWS\system32\RunDll32.EXE" "E:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
OpenAL-->"E:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice 4.0.1-->MsiExec.exe /I{220C463A-2890-4C7F-B97C-C49FE175B849}
PaperPort Image Printer-->MsiExec.exe /X{2BC2781A-F7F6-452E-95EB-018A522F1B2C}
PC Connectivity Solution-->MsiExec.exe /I{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}
PDF24 Creator 6.7.0-->"E:\Program Files\PDF24\unins001.exe"
PDFCreator-->E:\Program Files\PDFCreator\unins000.exe
PowerDVD-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
ProFact 3.0 Free-->"F:\ATELIER JK\Vyůčtování\ProFact 3.0 Free\unins000.exe"
PROFIT 2013.06-->"F:\ATELIER JK\Vyůčtování\PROFIT\unins000.exe"
Projekty 1.1-->"F:\ATELIER JK\Návrh Cen PD\Verlag Dashöfer s.r.o\unins000.exe"
QuickTime-->MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121}
Realtek AC'97 Audio-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0x5 -removeonly
Sada Compatibility Pack pro systém Office 2007-->MsiExec.exe /X{90120000-0020-0405-0000-0000000FF1CE}
ScanSoft PaperPort 11-->MsiExec.exe /I{7A8FF745-BBC5-482B-88E4-18D3178249A9}
Seznam Pošťák (Všichni uživatelé tohoto počítače.)-->"E:\Program Files\Seznam.cz\postak-uninstall.exe" /AllUsers
Silvercrest MTS2218 driver-->E:\Program Files\InstallShield Installation Information\{2F2B569E-2024-48B8-867B-DB1BF2338F38}\setup.exe -runfromtemp -l0x0405
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 6.21-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
Software Informer 1.0 BETA-->"E:\Program Files\Software Informer\unins000.exe"
'Steel Fury - Kharkov 1942'-->"F:\GAME JK\Steel Fury - Kharkov 1942\unins000.exe"
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
TechCON OSMA (4.1B)-->MsiExec.exe /I{7B8ECA2E-D769-48A6-8A90-4C3CA47D5953}
WIBU-KEY Setup (WIBU-KEY Remove)-->E:\Program Files\WIBUKEY\Setup\Setup32.exe /R:{00060000-0000-1004-8002-0000C06B5161}
Winamp-->"F:\PLAY,RW,Copy JK\Winamp\UninstWA.exe"
Windows Media Format 11 runtime-->"E:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"E:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"E:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR 5.11 (32-bit)-->F:\PROGRAMY JK\WinRAR\uninstall.exe
X3 Terran Conflict v2.5-->"F:\GAME JK\X3 Terran Conflict\uninst\unins000.exe"
======Security center information======
AV: avast! Antivirus
======System event log======
Computer Name: JAKUB
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér TP-LINK...Adapter - Packet Scheduler Miniport byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.
Record Number: 80518
Source Name: Tcpip
Time Written: 20141107181717.000000+060
Event Type: Informace
User:
Computer Name: JAKUB
Event Code: 2
Message: Device identified.
Record Number: 80517
Source Name: nvata
Time Written: 20141107181717.000000+060
Event Type: Informace
User:
Computer Name: JAKUB
Event Code: 2
Message: Device identified.
Record Number: 80516
Source Name: nvata
Time Written: 20141107181717.000000+060
Event Type: Informace
User:
Computer Name: JAKUB
Event Code: 7036
Message: Stav služby Služba brány aplikačního rozhraní byl změněn na: Spuštěno
Record Number: 80515
Source Name: Service Control Manager
Time Written: 20141107181717.000000+060
Event Type: Informace
User:
Computer Name: JAKUB
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Služba brány aplikačního rozhraní úspěšně odeslán.
Record Number: 80514
Source Name: Service Control Manager
Time Written: 20141107181717.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM
=====Application event log=====
Computer Name: JAKUB
Event Code: 1001
Message: Během požadavku na součást {D2D7B4BF-6CCA-11D5-8B3F-00105A9846E9} došlo při rozpoznávání produktu {7B8ECA2E-D769-48A6-8A90-4C3CA47D5953}, funkce AlwaysInstall k chybě.
Record Number: 14454
Source Name: MsiInstaller
Time Written: 20140821204919.000000+120
Event Type: Upozornění
User: JAKUB\jacubcuba
Computer Name: JAKUB
Event Code: 1004
Message: Při rozpoznávání produktu {7B8ECA2E-D769-48A6-8A90-4C3CA47D5953}, funkce AlwaysInstall a součásti {5CC2D105-DDDD-4EC4-8B74-750194E57B99} došlo k chybě. Prostředek HKEY_CURRENT_USER\Software\InstallShield\UpdateService\ neexistuje.
Record Number: 14453
Source Name: MsiInstaller
Time Written: 20140821204919.000000+120
Event Type: Upozornění
User: JAKUB\jacubcuba
Computer Name: JAKUB
Event Code: 1001
Message: Během požadavku na součást {D2D7B4BF-6CCA-11D5-8B3F-00105A9846E9} došlo při rozpoznávání produktu {7B8ECA2E-D769-48A6-8A90-4C3CA47D5953}, funkce AlwaysInstall k chybě.
Record Number: 14452
Source Name: MsiInstaller
Time Written: 20140821204913.000000+120
Event Type: Upozornění
User: JAKUB\jacubcuba
Computer Name: JAKUB
Event Code: 1004
Message: Při rozpoznávání produktu {7B8ECA2E-D769-48A6-8A90-4C3CA47D5953}, funkce AlwaysInstall a součásti {5CC2D105-DDDD-4EC4-8B74-750194E57B99} došlo k chybě. Prostředek HKEY_CURRENT_USER\Software\InstallShield\UpdateService\ neexistuje.
Record Number: 14451
Source Name: MsiInstaller
Time Written: 20140821204913.000000+120
Event Type: Upozornění
User: JAKUB\jacubcuba
Computer Name: JAKUB
Event Code: 1001
Message: Během požadavku na součást {D2D7B4BF-6CCA-11D5-8B3F-00105A9846E9} došlo při rozpoznávání produktu {7B8ECA2E-D769-48A6-8A90-4C3CA47D5953}, funkce AlwaysInstall k chybě.
Record Number: 14450
Source Name: MsiInstaller
Time Written: 20140821204912.000000+120
Event Type: Upozornění
User: NT AUTHORITY\NETWORK SERVICE
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=E:\Program Files\NVIDIA Corporation\PhysX\Common;E:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;E:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"QTJAVA"=E:\Program Files\Java\jre7\lib\ext\QTJava.zip
"CLASSPATH"=.;E:\Program Files\Java\jre7\lib\ext\QTJava.zip
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu na podezřelé formáty
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
JaCub
- Vzorný návštěvník
- Příspěvky: 51
- Registrován: 09 kvě 2007 12:07
- Bydliště: +27° 59' 11.80", +86° 55' 16.92"
Prosím o kontrolu na podezřelé formáty
Moudří plodí nové myšlenky a blázni je rozšiřují.
Re: Prosím o kontrolu na podezřelé formáty
Dobry vecer 
Info.txt mi toho moc nerekne, takze poprosim o log.txt (mate ho na plose nebo v C:\rsit\ ). Mohl byste vice rozvest problematiku podezrelych formatu? 
Info.txt mi toho moc nerekne, takze poprosim o log.txt (mate ho na plose nebo v C:\rsit\ ). Mohl byste vice rozvest problematiku podezrelych formatu? Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
-
JaCub
- Vzorný návštěvník
- Příspěvky: 51
- Registrován: 09 kvě 2007 12:07
- Bydliště: +27° 59' 11.80", +86° 55' 16.92"
Re: Prosím o kontrolu na podezřelé formáty
jé, pardon......
Logfile of random's system information tool 1.09 (written by random/random)
Run by jacubcuba at 2014-11-29 22:55:34
Systém Microsoft Windows XP Professional Service Pack 3
System drive E: has 42 GB (73%) free of 57 GB
Total RAM: 2047 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:55:39, on 29.11.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\AVAST Software\Avast\AvastSvc.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\SOUNDMAN.EXE
E:\Program Files\Silvercrest MTS2218 driver\StartAutorun.exe
E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe
E:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
E:\Program Files\AVAST Software\Avast\AvastUI.exe
E:\Program Files\Silvercrest MTS2218 driver\KMConfig.exe
E:\Program Files\Silvercrest MTS2218 driver\KMWDSrv.exe
E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\defragActivityMonitor.exe
E:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Program Files\Silvercrest MTS2218 driver\KMProcess.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
E:\WINDOWS\system32\ctfmon.exe
E:\WINDOWS\System32\wbem\unsecapp.exe
E:\Program Files\Seznam.cz\postak.exe
E:\WINDOWS\system32\rundll32.exe
E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe
E:\WINDOWS\system32\wscntfy.exe
E:\Program Files\Logitech\SetPoint\SetPoint.exe
E:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
E:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
E:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
E:\Program Files\Mozilla Firefox\firefox.exe
F:\OCHRANA,VIRY PC JK\RSIT\RSIT.exe
E:\Program Files\trend micro\jacubcuba.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [KMCONFIG] E:\Program Files\Silvercrest MTS2218 driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [ISUSScheduler] "E:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AvastUI.exe] "E:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [ISUSPM Startup] E:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [NvBackend] "E:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] E:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Seznam Postak] "E:\Program Files\Seznam.cz\postak.exe" -s
O4 - Global Startup: Ashampoo Magical Defrag.lnk = E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe
O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Status Monitor.lnk = E:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://F:\FILM JK\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://F:\FILM JK\Free Download Manager\dlselected.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\System32\browseui.dll
O23 - Service: AshampooDefragService - - E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe
O23 - Service: avast! Antivirus - AVAST Software - E:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - E:\Program Files\Silvercrest MTS2218 driver\KMWDSrv.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - E:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - E:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--
End of file - 6107 bytes
======Scheduled tasks folder======
E:\WINDOWS\tasks\avast! Emergency Update.job
=========Mozilla firefox=========
ProfilePath - E:\Documents and Settings\jacubcuba\Data aplikací\Mozilla\Firefox\Profiles\rz6s5h9r.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"
"wrc@avast.com"=E:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=E:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=E:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=E:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=E:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=E:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=E:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=E:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=E:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll
E:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
E:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
E:\Program Files\Mozilla Firefox\plugins\
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
E:\Documents and Settings\jacubcuba\Data aplikací\Mozilla\Firefox\Profiles\rz6s5h9r.default\extensions\
cs@dictionaries.addons.mozilla.org
CuteButtonsCrystalSVG@ChoGGi
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}(2)
{0545b830-f0aa-4d7e-8820-50a4629a56fe}
{1018e4d6-728f-4b20-ad56-37578a4de76b}(2)
{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}(2)
{d37dc5d0-431d-44e5-8c91-49419370caa1}
E:\Documents and Settings\jacubcuba\Data aplikací\Mozilla\Firefox\Profiles\rz6s5h9r.default\searchplugins\
amazonde-wh.xml
atlas-hledn.xml
atlas-mapy.xml
csfd.xml
cz-downloadchipeu.xml
ebay-durchsuchen.xml
google-play.xml
googletranslate.xml
idealode.xml
imdb-1.xml
imdb.xml
imdbcom.xml
mapycz.xml
search-firefox-addons.xml
seznam-avast.xml
sfd.xml
stahujcz.xml
thepiratebayorg.xml
tipmotocom---dly.xml
yahoo-movies.xml
youtube.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=E:\WINDOWS\SOUNDMAN.EXE [2006-03-02 577536]
"Kernel and Hardware Abstraction Layer"=E:\WINDOWS\KHALMNPR.EXE [2009-06-17 55824]
"KMCONFIG"=E:\Program Files\Silvercrest MTS2218 driver\StartAutorun.exe [2008-05-30 212992]
"ISUSScheduler"=E:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
"AvastUI.exe"=E:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-11-21 5226600]
"ISUSPM Startup"=E:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-14 221184]
"NvBackend"=E:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-10-04 2462536]
"NvCplDaemon"=E:\WINDOWS\system32\NvCpl.dll [2014-10-16 15729864]
"nwiz"=E:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2014-10-16 2593056]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Seznam Postak"=E:\Program Files\Seznam.cz\postak.exe [2011-05-25 491040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]
E:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2008-02-19 1089536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
E:\Program Files\Brother\ControlCenter3\brctrcen.exe [2008-12-24 114688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
E:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-10-11 46368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
E:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-10-11 29984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
E:\Program Files\PDF24\pdf24.exe [2014-07-04 191528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder]
E:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-08-31 328992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
E:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Weto Bulletin]
E:\Weto\Liberta\Program\Weto_Bulletin.exe [2013-04-02 118784]
E:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Ashampoo Magical Defrag.lnk - E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe
Logitech SetPoint.lnk - E:\Program Files\Logitech\SetPoint\SetPoint.exe
Microsoft Office.lnk - E:\Program Files\Microsoft Office\Office10\OSA.EXE
Status Monitor.lnk - E:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
e:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20 72208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\Brother\BRAdmin Light\BRAdmLight.exe"="E:\Program Files\Brother\BRAdmin Light\BRAdmLight.exe:*:Enabled:BRAdmin Light"
"F:\PLAY,RW,Copy JK\Winamp\winamp.exe"="F:\PLAY,RW,Copy JK\Winamp\winamp.exe:*:Enabled:Winamp"
"F:\GRAFIKA JK 2\ArchiCAD.exe"="F:\GRAFIKA JK 2\ArchiCAD.exe:*:Enabled:ArchiCAD 12.0.0 Component"
"F:\GAME JK\Activision\Call of Duty - World at War\CoDWaW.exe"="F:\GAME JK\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"F:\GAME JK\Activision\Call of Duty - World at War\CoDWaWmp.exe"="F:\GAME JK\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"F:\GAME JK\Stronghold 3 Gold Edition\Stronghold 3\bin\win32_release\Stronghold3.exe"="F:\GAME JK\Stronghold 3 Gold Edition\Stronghold 3\bin\win32_release\Stronghold3.exe:*:Enabled:Stronghold3"
"E:\Program Files\Google\Chrome\Application\chrome.exe"="E:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"F:\FILM JK\Free Download Manager\fdmwi.exe"="F:\FILM JK\Free Download Manager\fdmwi.exe:*:Enabled:fdmwi"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Documents and Settings\jacubcuba\Data aplikací\uTorrent\uTorrent.exe"="E:\Documents and Settings\jacubcuba\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:μTorrent"
"E:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe"="E:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe:*:Enabled:NVIDIA Network Service TCP Exception (HTTPS)"
"E:\Program Files\Skype\Phone\Skype.exe"="E:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=E:\WINDOWS\System32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=E:\WINDOWS\system32\l3codeca.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======List of files/folders created in the last 1 month======
2014-11-29 22:55:34 ----D---- E:\rsit
2014-11-21 12:49:46 ----A---- E:\WINDOWS\system32\aswBoot.exe
2014-11-21 12:49:42 ----A---- E:\WINDOWS\avastSS.scr
2014-11-15 09:06:58 ----D---- E:\Program Files\Mozilla Firefox
2014-11-10 09:08:13 ----D---- E:\WINDOWS\system32\Adobe
2014-11-08 11:06:58 ----A---- E:\WINDOWS\system32\javaws.exe
2014-11-08 11:06:44 ----A---- E:\WINDOWS\system32\WindowsAccessBridge.dll
2014-11-08 11:06:43 ----A---- E:\WINDOWS\system32\javaw.exe
2014-11-08 11:06:43 ----A---- E:\WINDOWS\system32\java.exe
======List of files/folders modified in the last 1 month======
2014-11-29 22:55:39 ----D---- E:\Program Files\trend micro
2014-11-29 22:35:35 ----D---- E:\WINDOWS\Prefetch
2014-11-29 22:27:28 ----D---- E:\Documents and Settings\jacubcuba\Data aplikací\uTorrent
2014-11-29 22:27:24 ----D---- E:\WINDOWS\Temp
2014-11-29 22:27:23 ----D---- E:\WINDOWS
2014-11-29 22:22:44 ----N---- E:\WINDOWS\SchedLgU.Txt
2014-11-29 22:21:23 ----D---- E:\Documents and Settings\jacubcuba\Data aplikací\Media Player Classic
2014-11-29 22:21:23 ----D---- E:\Documents and Settings\jacubcuba\Data aplikací\Free Download Manager
2014-11-28 19:56:59 ----A---- E:\WINDOWS\Brownie.ini
2014-11-28 18:46:28 ----D---- E:\WINDOWS\system32
2014-11-28 18:46:13 ----A---- E:\WINDOWS\BRWMARK.INI
2014-11-25 17:35:58 ----SHD---- E:\System Volume Information
2014-11-25 17:35:58 ----D---- E:\WINDOWS\system32\Restore
2014-11-22 17:15:50 ----SHD---- E:\WINDOWS\CSC
2014-11-22 17:15:49 ----SD---- E:\WINDOWS\Tasks
2014-11-22 16:02:02 ----D---- E:\Program Files
2014-11-22 16:02:01 ----D---- E:\WINDOWS\system32\drivers
2014-11-21 18:35:04 ----D---- E:\WINDOWS\l2schemas
2014-11-21 17:13:58 ----HDC---- E:\WINDOWS\$NtUninstallKB926239$
2014-11-19 08:53:25 ----D---- E:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-11-18 09:31:34 ----D---- E:\Program Files\Messenger
2014-11-17 11:26:27 ----SHD---- E:\WINDOWS\Installer
2014-11-15 09:08:00 ----D---- E:\Program Files\Mozilla Maintenance Service
2014-11-12 10:08:11 ----A---- E:\WINDOWS\system32\FlashPlayerApp.exe
2014-11-11 20:08:53 ----D---- E:\Documents and Settings\jacubcuba\Data aplikací\Skype
2014-11-10 20:47:13 ----D---- E:\Documents and Settings\All Users\Data aplikací\Skype
2014-11-10 09:10:33 ----D---- E:\Documents and Settings\jacubcuba\Data aplikací\Adobe
2014-11-10 09:10:32 ----D---- E:\Documents and Settings\jacubcuba\Data aplikací\Macromedia
2014-11-10 09:10:16 ----D---- E:\WINDOWS\system32\Macromed
2014-11-10 09:08:25 ----D---- E:\WINDOWS\WinSxS
2014-11-08 11:07:07 ----D---- E:\Program Files\Common Files\Java
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; E:\WINDOWS\system32\drivers\aswRvrt.sys [2014-11-21 49944]
R0 aswVmm;avast! VM Monitor; E:\WINDOWS\system32\drivers\aswVmm.sys [2014-11-21 206248]
R0 nvata;nvata; E:\WINDOWS\system32\DRIVERS\nvata.sys [2005-08-18 93568]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; E:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; E:\WINDOWS\System32\drivers\prohlp02.sys [2003-10-10 62720]
R0 prosync1;StarForce Protection Synchronization Driver v1; E:\WINDOWS\System32\drivers\prosync1.sys [2003-09-06 6944]
R0 PxHelp20;PxHelp20; E:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); E:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp01;StarForce Protection Helper Driver; E:\WINDOWS\System32\drivers\sfhlp01.sys [2003-09-06 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); E:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); E:\WINDOWS\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sptd;sptd; E:\WINDOWS\System32\Drivers\sptd.sys [2012-07-20 428088]
R1 AmdK8;AMD Processor Driver; E:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 AswRdr;aswRdr; E:\WINDOWS\system32\drivers\aswRdr.sys [2014-11-21 55240]
R1 aswSnx;aswSnx; E:\WINDOWS\system32\drivers\aswSnx.sys [2014-11-22 787800]
R1 aswSP;aswSP; E:\WINDOWS\system32\drivers\aswSP.sys [2014-11-21 423784]
R1 aswTdi;aswTdi; E:\WINDOWS\system32\drivers\aswTdi.sys [2014-11-21 57928]
R1 kbdhid;Ovladač klávesnice standardu HID; E:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 prodrv06;StarForce Protection Environment Driver v6; E:\WINDOWS\System32\drivers\prodrv06.sys [2003-10-10 52128]
R2 aswHwid;avast! HardwareID; E:\WINDOWS\system32\drivers\aswHwid.sys [2014-11-21 24184]
R2 aswMonFlt;aswMonFlt; E:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-11-21 70384]
R2 BrPar;BrPar; E:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537]
R2 LBeepKE;LBeepKE; E:\WINDOWS\System32\Drivers\LBeepKE.sys [2009-06-17 10384]
R2 WIBUKEY;WIBU-KEY Kernel Driver; E:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2006-11-22 72704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); E:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-05-19 3965056]
R3 AR5211;TP-LINK Wireless Network Adapter Service; E:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-03-27 543712]
R3 Arp1394;Protokol 1394 ARP Client; E:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 BrScnUsb;Brother USB Still Image driver; E:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
R3 BrSerIf;Brother MFC Serial Port Interface WDM Driver; E:\WINDOWS\System32\Drivers\BrSerIf.sys [2006-12-12 52224]
R3 BrUsbSer;Brother MFC USB Serial WDM Driver; E:\WINDOWS\System32\Drivers\BrUsbSer.sys [2006-09-03 11904]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; E:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; E:\WINDOWS\System32\Drivers\LEqdUsb.Sys [2009-06-17 40720]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; E:\WINDOWS\System32\Drivers\LHidEqd.Sys [2009-06-17 10384]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; E:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; E:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; E:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2009-06-17 28560]
R3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NIC1394;1394 Net Driver; E:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; E:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2014-10-16 13010256]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; E:\WINDOWS\system32\drivers\nvhda32.sys [2014-07-21 129184]
R3 nvnetbus;NVIDIA Network Bus Enumerator; E:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; E:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 Wdf01000;Wdf01000; E:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; E:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S3 awUSB;awUSB; E:\WINDOWS\system32\DRIVERS\USBDrv.sys [2012-04-13 13824]
S3 axx5s9zc;axx5s9zc; E:\WINDOWS\system32\drivers\axx5s9zc.sys []
S3 CCDECODE;Dekodér Closed Caption; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 GVCplDrv;GVCplDrv; E:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 KMWDFilter;KMWDFilter; \??\E:\WINDOWS\System32\Drivers\KMWDFilter.SYS []
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; E:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2009-06-17 20240]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; E:\WINDOWS\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; E:\WINDOWS\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; E:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 SLIP;BDA Slip De-Framer; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; E:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usbscan;Ovladač skeneru USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; E:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; E:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S3 ZSMC301b;WEBSHOT II USB CAM 300K; E:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-01-15 90534]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AshampooDefragService;AshampooDefragService; E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe [2007-02-23 1687856]
R2 avast! Antivirus;avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-21 50344]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; E:\Program Files\Silvercrest MTS2218 driver\KMWDSrv.exe [2008-05-30 208896]
R2 NvNetworkService;NVIDIA Network Service; E:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-10-04 1795912]
R2 NVSvc;NVIDIA Driver Helper Service; E:\WINDOWS\system32\nvsvc32.exe [2014-10-16 154824]
R2 StarWindServiceAE;StarWind AE Service; E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 LBTServ;Logitech Bluetooth Service; E:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 121360]
S3 MozillaMaintenance;Mozilla Maintenance Service; E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-15 114288]
S3 ServiceLayer;ServiceLayer; E:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 MDM;Machine Debug Manager; E:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Dělal jsem si kontrolu z HijackThis na www.hijackthis.cz a jde mi hlavně o tyto položky:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668 - Neznámý
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms} - Špatný
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668 - Neznámý
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668 - Neznámý
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms} - Špatný
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668 - neznámý
O4 - HKLM\..\Run: [AvastUI.exe] "E:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui - Špatný (To vypadá, že jméno programu je stejné jako jméno souboru (file). V mnoha prípadech se jedná o vir trojský kun. Pro jistotu, zkontroluj.)
Jinak snad jiný problém nemám.
Logfile of random's system information tool 1.09 (written by random/random)
Run by jacubcuba at 2014-11-29 22:55:34
Systém Microsoft Windows XP Professional Service Pack 3
System drive E: has 42 GB (73%) free of 57 GB
Total RAM: 2047 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:55:39, on 29.11.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\AVAST Software\Avast\AvastSvc.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\SOUNDMAN.EXE
E:\Program Files\Silvercrest MTS2218 driver\StartAutorun.exe
E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe
E:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
E:\Program Files\AVAST Software\Avast\AvastUI.exe
E:\Program Files\Silvercrest MTS2218 driver\KMConfig.exe
E:\Program Files\Silvercrest MTS2218 driver\KMWDSrv.exe
E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\defragActivityMonitor.exe
E:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Program Files\Silvercrest MTS2218 driver\KMProcess.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
E:\WINDOWS\system32\ctfmon.exe
E:\WINDOWS\System32\wbem\unsecapp.exe
E:\Program Files\Seznam.cz\postak.exe
E:\WINDOWS\system32\rundll32.exe
E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe
E:\WINDOWS\system32\wscntfy.exe
E:\Program Files\Logitech\SetPoint\SetPoint.exe
E:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
E:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
E:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
E:\Program Files\Mozilla Firefox\firefox.exe
F:\OCHRANA,VIRY PC JK\RSIT\RSIT.exe
E:\Program Files\trend micro\jacubcuba.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [KMCONFIG] E:\Program Files\Silvercrest MTS2218 driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [ISUSScheduler] "E:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AvastUI.exe] "E:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [ISUSPM Startup] E:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [NvBackend] "E:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] E:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Seznam Postak] "E:\Program Files\Seznam.cz\postak.exe" -s
O4 - Global Startup: Ashampoo Magical Defrag.lnk = E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe
O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Status Monitor.lnk = E:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://F:\FILM JK\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://F:\FILM JK\Free Download Manager\dlselected.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\System32\browseui.dll
O23 - Service: AshampooDefragService - - E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe
O23 - Service: avast! Antivirus - AVAST Software - E:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - E:\Program Files\Silvercrest MTS2218 driver\KMWDSrv.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - E:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - E:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--
End of file - 6107 bytes
======Scheduled tasks folder======
E:\WINDOWS\tasks\avast! Emergency Update.job
=========Mozilla firefox=========
ProfilePath - E:\Documents and Settings\jacubcuba\Data aplikací\Mozilla\Firefox\Profiles\rz6s5h9r.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"
"wrc@avast.com"=E:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=E:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=E:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=E:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=E:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=E:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=E:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=E:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=E:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll
E:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
E:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
E:\Program Files\Mozilla Firefox\plugins\
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
E:\Documents and Settings\jacubcuba\Data aplikací\Mozilla\Firefox\Profiles\rz6s5h9r.default\extensions\
cs@dictionaries.addons.mozilla.org
CuteButtonsCrystalSVG@ChoGGi
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}(2)
{0545b830-f0aa-4d7e-8820-50a4629a56fe}
{1018e4d6-728f-4b20-ad56-37578a4de76b}(2)
{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}(2)
{d37dc5d0-431d-44e5-8c91-49419370caa1}
E:\Documents and Settings\jacubcuba\Data aplikací\Mozilla\Firefox\Profiles\rz6s5h9r.default\searchplugins\
amazonde-wh.xml
atlas-hledn.xml
atlas-mapy.xml
csfd.xml
cz-downloadchipeu.xml
ebay-durchsuchen.xml
google-play.xml
googletranslate.xml
idealode.xml
imdb-1.xml
imdb.xml
imdbcom.xml
mapycz.xml
search-firefox-addons.xml
seznam-avast.xml
sfd.xml
stahujcz.xml
thepiratebayorg.xml
tipmotocom---dly.xml
yahoo-movies.xml
youtube.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=E:\WINDOWS\SOUNDMAN.EXE [2006-03-02 577536]
"Kernel and Hardware Abstraction Layer"=E:\WINDOWS\KHALMNPR.EXE [2009-06-17 55824]
"KMCONFIG"=E:\Program Files\Silvercrest MTS2218 driver\StartAutorun.exe [2008-05-30 212992]
"ISUSScheduler"=E:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
"AvastUI.exe"=E:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-11-21 5226600]
"ISUSPM Startup"=E:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-14 221184]
"NvBackend"=E:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-10-04 2462536]
"NvCplDaemon"=E:\WINDOWS\system32\NvCpl.dll [2014-10-16 15729864]
"nwiz"=E:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2014-10-16 2593056]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Seznam Postak"=E:\Program Files\Seznam.cz\postak.exe [2011-05-25 491040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]
E:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2008-02-19 1089536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
E:\Program Files\Brother\ControlCenter3\brctrcen.exe [2008-12-24 114688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
E:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-10-11 46368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
E:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-10-11 29984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
E:\Program Files\PDF24\pdf24.exe [2014-07-04 191528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder]
E:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-08-31 328992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
E:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Weto Bulletin]
E:\Weto\Liberta\Program\Weto_Bulletin.exe [2013-04-02 118784]
E:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Ashampoo Magical Defrag.lnk - E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe
Logitech SetPoint.lnk - E:\Program Files\Logitech\SetPoint\SetPoint.exe
Microsoft Office.lnk - E:\Program Files\Microsoft Office\Office10\OSA.EXE
Status Monitor.lnk - E:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
e:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20 72208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\Brother\BRAdmin Light\BRAdmLight.exe"="E:\Program Files\Brother\BRAdmin Light\BRAdmLight.exe:*:Enabled:BRAdmin Light"
"F:\PLAY,RW,Copy JK\Winamp\winamp.exe"="F:\PLAY,RW,Copy JK\Winamp\winamp.exe:*:Enabled:Winamp"
"F:\GRAFIKA JK 2\ArchiCAD.exe"="F:\GRAFIKA JK 2\ArchiCAD.exe:*:Enabled:ArchiCAD 12.0.0 Component"
"F:\GAME JK\Activision\Call of Duty - World at War\CoDWaW.exe"="F:\GAME JK\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"F:\GAME JK\Activision\Call of Duty - World at War\CoDWaWmp.exe"="F:\GAME JK\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"F:\GAME JK\Stronghold 3 Gold Edition\Stronghold 3\bin\win32_release\Stronghold3.exe"="F:\GAME JK\Stronghold 3 Gold Edition\Stronghold 3\bin\win32_release\Stronghold3.exe:*:Enabled:Stronghold3"
"E:\Program Files\Google\Chrome\Application\chrome.exe"="E:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"F:\FILM JK\Free Download Manager\fdmwi.exe"="F:\FILM JK\Free Download Manager\fdmwi.exe:*:Enabled:fdmwi"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Documents and Settings\jacubcuba\Data aplikací\uTorrent\uTorrent.exe"="E:\Documents and Settings\jacubcuba\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:μTorrent"
"E:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe"="E:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe:*:Enabled:NVIDIA Network Service TCP Exception (HTTPS)"
"E:\Program Files\Skype\Phone\Skype.exe"="E:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=E:\WINDOWS\System32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=E:\WINDOWS\system32\l3codeca.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======List of files/folders created in the last 1 month======
2014-11-29 22:55:34 ----D---- E:\rsit
2014-11-21 12:49:46 ----A---- E:\WINDOWS\system32\aswBoot.exe
2014-11-21 12:49:42 ----A---- E:\WINDOWS\avastSS.scr
2014-11-15 09:06:58 ----D---- E:\Program Files\Mozilla Firefox
2014-11-10 09:08:13 ----D---- E:\WINDOWS\system32\Adobe
2014-11-08 11:06:58 ----A---- E:\WINDOWS\system32\javaws.exe
2014-11-08 11:06:44 ----A---- E:\WINDOWS\system32\WindowsAccessBridge.dll
2014-11-08 11:06:43 ----A---- E:\WINDOWS\system32\javaw.exe
2014-11-08 11:06:43 ----A---- E:\WINDOWS\system32\java.exe
======List of files/folders modified in the last 1 month======
2014-11-29 22:55:39 ----D---- E:\Program Files\trend micro
2014-11-29 22:35:35 ----D---- E:\WINDOWS\Prefetch
2014-11-29 22:27:28 ----D---- E:\Documents and Settings\jacubcuba\Data aplikací\uTorrent
2014-11-29 22:27:24 ----D---- E:\WINDOWS\Temp
2014-11-29 22:27:23 ----D---- E:\WINDOWS
2014-11-29 22:22:44 ----N---- E:\WINDOWS\SchedLgU.Txt
2014-11-29 22:21:23 ----D---- E:\Documents and Settings\jacubcuba\Data aplikací\Media Player Classic
2014-11-29 22:21:23 ----D---- E:\Documents and Settings\jacubcuba\Data aplikací\Free Download Manager
2014-11-28 19:56:59 ----A---- E:\WINDOWS\Brownie.ini
2014-11-28 18:46:28 ----D---- E:\WINDOWS\system32
2014-11-28 18:46:13 ----A---- E:\WINDOWS\BRWMARK.INI
2014-11-25 17:35:58 ----SHD---- E:\System Volume Information
2014-11-25 17:35:58 ----D---- E:\WINDOWS\system32\Restore
2014-11-22 17:15:50 ----SHD---- E:\WINDOWS\CSC
2014-11-22 17:15:49 ----SD---- E:\WINDOWS\Tasks
2014-11-22 16:02:02 ----D---- E:\Program Files
2014-11-22 16:02:01 ----D---- E:\WINDOWS\system32\drivers
2014-11-21 18:35:04 ----D---- E:\WINDOWS\l2schemas
2014-11-21 17:13:58 ----HDC---- E:\WINDOWS\$NtUninstallKB926239$
2014-11-19 08:53:25 ----D---- E:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-11-18 09:31:34 ----D---- E:\Program Files\Messenger
2014-11-17 11:26:27 ----SHD---- E:\WINDOWS\Installer
2014-11-15 09:08:00 ----D---- E:\Program Files\Mozilla Maintenance Service
2014-11-12 10:08:11 ----A---- E:\WINDOWS\system32\FlashPlayerApp.exe
2014-11-11 20:08:53 ----D---- E:\Documents and Settings\jacubcuba\Data aplikací\Skype
2014-11-10 20:47:13 ----D---- E:\Documents and Settings\All Users\Data aplikací\Skype
2014-11-10 09:10:33 ----D---- E:\Documents and Settings\jacubcuba\Data aplikací\Adobe
2014-11-10 09:10:32 ----D---- E:\Documents and Settings\jacubcuba\Data aplikací\Macromedia
2014-11-10 09:10:16 ----D---- E:\WINDOWS\system32\Macromed
2014-11-10 09:08:25 ----D---- E:\WINDOWS\WinSxS
2014-11-08 11:07:07 ----D---- E:\Program Files\Common Files\Java
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; E:\WINDOWS\system32\drivers\aswRvrt.sys [2014-11-21 49944]
R0 aswVmm;avast! VM Monitor; E:\WINDOWS\system32\drivers\aswVmm.sys [2014-11-21 206248]
R0 nvata;nvata; E:\WINDOWS\system32\DRIVERS\nvata.sys [2005-08-18 93568]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; E:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; E:\WINDOWS\System32\drivers\prohlp02.sys [2003-10-10 62720]
R0 prosync1;StarForce Protection Synchronization Driver v1; E:\WINDOWS\System32\drivers\prosync1.sys [2003-09-06 6944]
R0 PxHelp20;PxHelp20; E:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); E:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp01;StarForce Protection Helper Driver; E:\WINDOWS\System32\drivers\sfhlp01.sys [2003-09-06 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); E:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); E:\WINDOWS\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sptd;sptd; E:\WINDOWS\System32\Drivers\sptd.sys [2012-07-20 428088]
R1 AmdK8;AMD Processor Driver; E:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 AswRdr;aswRdr; E:\WINDOWS\system32\drivers\aswRdr.sys [2014-11-21 55240]
R1 aswSnx;aswSnx; E:\WINDOWS\system32\drivers\aswSnx.sys [2014-11-22 787800]
R1 aswSP;aswSP; E:\WINDOWS\system32\drivers\aswSP.sys [2014-11-21 423784]
R1 aswTdi;aswTdi; E:\WINDOWS\system32\drivers\aswTdi.sys [2014-11-21 57928]
R1 kbdhid;Ovladač klávesnice standardu HID; E:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 prodrv06;StarForce Protection Environment Driver v6; E:\WINDOWS\System32\drivers\prodrv06.sys [2003-10-10 52128]
R2 aswHwid;avast! HardwareID; E:\WINDOWS\system32\drivers\aswHwid.sys [2014-11-21 24184]
R2 aswMonFlt;aswMonFlt; E:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-11-21 70384]
R2 BrPar;BrPar; E:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537]
R2 LBeepKE;LBeepKE; E:\WINDOWS\System32\Drivers\LBeepKE.sys [2009-06-17 10384]
R2 WIBUKEY;WIBU-KEY Kernel Driver; E:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2006-11-22 72704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); E:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-05-19 3965056]
R3 AR5211;TP-LINK Wireless Network Adapter Service; E:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-03-27 543712]
R3 Arp1394;Protokol 1394 ARP Client; E:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 BrScnUsb;Brother USB Still Image driver; E:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
R3 BrSerIf;Brother MFC Serial Port Interface WDM Driver; E:\WINDOWS\System32\Drivers\BrSerIf.sys [2006-12-12 52224]
R3 BrUsbSer;Brother MFC USB Serial WDM Driver; E:\WINDOWS\System32\Drivers\BrUsbSer.sys [2006-09-03 11904]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; E:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; E:\WINDOWS\System32\Drivers\LEqdUsb.Sys [2009-06-17 40720]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; E:\WINDOWS\System32\Drivers\LHidEqd.Sys [2009-06-17 10384]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; E:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; E:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; E:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2009-06-17 28560]
R3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NIC1394;1394 Net Driver; E:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; E:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2014-10-16 13010256]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; E:\WINDOWS\system32\drivers\nvhda32.sys [2014-07-21 129184]
R3 nvnetbus;NVIDIA Network Bus Enumerator; E:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; E:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 Wdf01000;Wdf01000; E:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; E:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S3 awUSB;awUSB; E:\WINDOWS\system32\DRIVERS\USBDrv.sys [2012-04-13 13824]
S3 axx5s9zc;axx5s9zc; E:\WINDOWS\system32\drivers\axx5s9zc.sys []
S3 CCDECODE;Dekodér Closed Caption; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 GVCplDrv;GVCplDrv; E:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 KMWDFilter;KMWDFilter; \??\E:\WINDOWS\System32\Drivers\KMWDFilter.SYS []
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; E:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2009-06-17 20240]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; E:\WINDOWS\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; E:\WINDOWS\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; E:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 SLIP;BDA Slip De-Framer; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; E:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usbscan;Ovladač skeneru USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; E:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; E:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S3 ZSMC301b;WEBSHOT II USB CAM 300K; E:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-01-15 90534]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AshampooDefragService;AshampooDefragService; E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe [2007-02-23 1687856]
R2 avast! Antivirus;avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-21 50344]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; E:\Program Files\Silvercrest MTS2218 driver\KMWDSrv.exe [2008-05-30 208896]
R2 NvNetworkService;NVIDIA Network Service; E:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-10-04 1795912]
R2 NVSvc;NVIDIA Driver Helper Service; E:\WINDOWS\system32\nvsvc32.exe [2014-10-16 154824]
R2 StarWindServiceAE;StarWind AE Service; E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 LBTServ;Logitech Bluetooth Service; E:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 121360]
S3 MozillaMaintenance;Mozilla Maintenance Service; E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-15 114288]
S3 ServiceLayer;ServiceLayer; E:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 MDM;Machine Debug Manager; E:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Dělal jsem si kontrolu z HijackThis na www.hijackthis.cz a jde mi hlavně o tyto položky:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668 - Neznámý
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms} - Špatný
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668 - Neznámý
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668 - Neznámý
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms} - Špatný
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668 - neznámý
O4 - HKLM\..\Run: [AvastUI.exe] "E:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui - Špatný (To vypadá, že jméno programu je stejné jako jméno souboru (file). V mnoha prípadech se jedná o vir trojský kun. Pro jistotu, zkontroluj.)
Jinak snad jiný problém nemám.
Moudří plodí nové myšlenky a blázni je rozšiřují.
Re: Prosím o kontrolu na podezřelé formáty
Polozky R0 a R1 jsou dilem Seznam Softwaru (Postak, Listicka atd.), ktery se da zaradit do kategorie AdWaru... pokud nepouzivate, odinstalujte jej. Polozka avastu! je zcela v poradku (avast vypada radne nainstalovany se vsemi jeho soucastmi). Doinstalujte Internet Explorer 8 a vsechny ostatni dulezite MS aktualizace. Drobne smeti se najde, takze poradne zameteme (soucasti bude vymaz obsahu docasnych adresaru a kose). Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
- ukoncete vsechny programy
- kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
- kliknete na Scan, pote na Clean
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
-
JaCub
- Vzorný návštěvník
- Příspěvky: 51
- Registrován: 09 kvě 2007 12:07
- Bydliště: +27° 59' 11.80", +86° 55' 16.92"
Re: Prosím o kontrolu na podezřelé formáty
# AdwCleaner v4.102 - Report created 02/12/2014 at 09:02:13
# Updated 23/11/2014 by Xplode
# Database : 2014-11-23.7 [Local]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : jacubcuba - JAKUB
# Running from : E:\Documents and Settings\jacubcuba\Plocha\adwcleaner_4.102.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
[!] Folder Deleted : E:\Documents and Settings\jacubcuba\Data aplikací\Mozilla\Firefox\Profiles\rz6s5h9r.default\Extensions\searchy@searchy.xpi
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v6.0.2900.5512
-\\ Mozilla Firefox v33.1.1 (x86 cs)
-\\ Google Chrome v38.0.2125.111
*************************
AdwCleaner[R1].txt - [950 octets] - [02/12/2014 08:51:51]
AdwCleaner[R2].txt - [1009 octets] - [02/12/2014 08:59:26]
AdwCleaner[S1].txt - [938 octets] - [02/12/2014 09:02:13]
########## EOF - E:\AdwCleaner\AdwCleaner[S1].txt - [997 octets] ##########
# Updated 23/11/2014 by Xplode
# Database : 2014-11-23.7 [Local]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : jacubcuba - JAKUB
# Running from : E:\Documents and Settings\jacubcuba\Plocha\adwcleaner_4.102.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
[!] Folder Deleted : E:\Documents and Settings\jacubcuba\Data aplikací\Mozilla\Firefox\Profiles\rz6s5h9r.default\Extensions\searchy@searchy.xpi
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v6.0.2900.5512
-\\ Mozilla Firefox v33.1.1 (x86 cs)
-\\ Google Chrome v38.0.2125.111
*************************
AdwCleaner[R1].txt - [950 octets] - [02/12/2014 08:51:51]
AdwCleaner[R2].txt - [1009 octets] - [02/12/2014 08:59:26]
AdwCleaner[S1].txt - [938 octets] - [02/12/2014 09:02:13]
########## EOF - E:\AdwCleaner\AdwCleaner[S1].txt - [997 octets] ##########
Moudří plodí nové myšlenky a blázni je rozšiřují.
Re: Prosím o kontrolu na podezřelé formáty
Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?