Samvolné otvírání tabů v IE

Zpráva

McHolta · #1 Příspěvek od **McHolta** » 19 srp 2010 12:48

Zdravím,
Bohužel pomoc uživateli dělám vzdáleně tak informace o problému budou strohé. Co jsem se dozvěděl tak se jim tam nainstaloval (prý samovolně) nějaký program Registry reviewer (nějak podobně) a ukázal, že PC je v hrozném stavu. Pak se objevila hláška o koupi. Od té doby se objevuje hláška s chybou a na ní se navalí dalších 30 stejných chybových hlášek (po zavření jedné se otevře nová). Vše způsobuje proces sonet.exe, kdy po jeho sestřelení zmizí hlášky. Přikládám log.

Předem děkuji za radu.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Lenka at 2010-08-20 13:34:46
Microsoft Windows 7 Ultimate
System drive C: has 44 GB (29%) free of 153 GB
Total RAM: 2047 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:35:16, on 20.8.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\CyberLink\Shared Files\brs.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Windows\RTHDCPL.exe
C:\Program Files\Seznam\Postak\Postak.exe
C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Monotea\SoNet\sonet.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Lenka\Desktop\RSIT.exe
C:\Program Files\trend micro\Lenka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: CrowdStar Gamebar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [Monotea SoNet for Facebook] C:\Program Files\Monotea\SoNet\sonet.exe -autorun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

--
End of file - 7963 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Registry Reviver-Lenka-Startup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
CrowdStar Gamebar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-04-15 1375624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B71B15CF-3093-459C-B764-AEB2486F2273} - &S-Rank - C:\Program Files\Seznam\Postak\SRank.dll [2005-05-17 266240]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]
{D4027C7F-154A-4066-A1AD-4243D8127440} - CrowdStar Gamebar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-04-15 1375624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2008-10-07 75048]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208]
"RTHDCPL"=C:\Windows\RTHDCPL.EXE [2006-12-19 16062464]
"SkyTel"=C:\Windows\SkyTel.EXE [2006-05-17 2879488]
"Alcmtr"=C:\Windows\ALCMTR.EXE [2005-05-04 69632]
"SMail"=C:\Program Files\Seznam\Postak\Postak.exe [2006-05-18 450560]
"VMonitorVMUVC"=C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe [2008-08-29 143360]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2007-10-19 286720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-10-23 202024]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-09-24 434176]
"Monotea SoNet for Facebook"=C:\Program Files\Monotea\SoNet\sonet.exe [2009-11-15 31232]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-08-09 133432]

C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-20 13:34:47 ----D---- C:\Program Files\trend micro
2010-08-20 13:34:46 ----D---- C:\rsit
2010-08-12 07:33:29 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-12 07:32:59 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-12 07:32:59 ----A---- C:\Windows\system32\iccvid.dll
2010-08-12 07:32:56 ----A---- C:\Windows\system32\rtutils.dll
2010-08-12 07:32:54 ----A---- C:\Windows\system32\msxml3.dll
2010-08-12 07:32:52 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-12 07:32:52 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-12 07:32:52 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-12 07:32:50 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-12 07:32:50 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-12 07:32:41 ----A---- C:\Windows\system32\mshtml.dll
2010-08-12 07:32:40 ----A---- C:\Windows\system32\ieframe.dll
2010-08-12 07:32:39 ----A---- C:\Windows\system32\wininet.dll
2010-08-12 07:32:39 ----A---- C:\Windows\system32\urlmon.dll
2010-08-12 07:32:38 ----A---- C:\Windows\system32\mstime.dll
2010-08-12 07:32:38 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-12 07:32:38 ----A---- C:\Windows\system32\ieui.dll
2010-08-12 07:32:38 ----A---- C:\Windows\system32\iepeers.dll
2010-08-12 07:32:38 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-12 07:32:37 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-12 07:32:37 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-12 07:32:30 ----A---- C:\Windows\system32\win32k.sys
2010-08-12 07:32:30 ----A---- C:\Windows\system32\schannel.dll
2010-08-04 10:24:15 ----A---- C:\Windows\system32\shell32.dll
2010-07-31 14:06:59 ----D---- C:\Program Files\Kouzelné dárky
2010-07-25 08:30:09 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 months======

2010-08-20 13:35:03 ----D---- C:\Windows\Prefetch
2010-08-20 13:34:47 ----RD---- C:\Program Files
2010-08-20 13:34:27 ----D---- C:\Windows\Temp
2010-08-20 13:05:38 ----D---- C:\Windows\system32\config
2010-08-19 21:58:04 ----D---- C:\Users\Lenka\AppData\Roaming\Skype
2010-08-19 16:01:48 ----SHD---- C:\System Volume Information
2010-08-19 10:04:22 ----D---- C:\Windows
2010-08-18 16:03:00 ----D---- C:\Users\Lenka\AppData\Roaming\skypePM
2010-08-18 16:02:33 ----HD---- C:\ProgramData
2010-08-18 16:02:33 ----D---- C:\Windows\system32\drivers
2010-08-18 15:43:17 ----D---- C:\Program Files\CCleaner
2010-08-18 15:41:58 ----D---- C:\Windows\debug
2010-08-15 16:14:45 ----D---- C:\Users\Lenka\AppData\Roaming\ICQ
2010-08-13 09:23:44 ----D---- C:\Windows\Microsoft.NET
2010-08-13 09:23:31 ----RSD---- C:\Windows\assembly
2010-08-13 07:38:27 ----D---- C:\Program Files\ICQ7.0
2010-08-12 22:25:56 ----D---- C:\Windows\winsxs
2010-08-12 22:23:53 ----D---- C:\Windows\System32
2010-08-12 22:23:52 ----D---- C:\Windows\system32\migration
2010-08-12 22:23:52 ----D---- C:\Program Files\Internet Explorer
2010-08-12 18:10:20 ----SHD---- C:\Windows\Installer
2010-08-12 18:10:16 ----D---- C:\ProgramData\Microsoft Help
2010-08-12 08:45:36 ----D---- C:\Windows\inf
2010-08-12 08:45:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-12 07:32:26 ----D---- C:\Windows\system32\catroot
2010-08-12 07:32:09 ----D---- C:\Windows\system32\catroot2
2010-08-06 10:48:00 ----SD---- C:\Users\Lenka\AppData\Roaming\Microsoft
2010-08-03 20:09:31 ----A---- C:\Windows\system32\MRT.exe
2010-08-02 06:54:12 ----D---- C:\Program Files\ReviverSoft
2010-07-31 21:31:08 ----SD---- C:\ProgramData\Microsoft
2010-07-31 14:08:34 ----A---- C:\Windows\NeroDigital.ini
2010-07-25 08:30:11 ----D---- C:\Windows\system32\Tasks
2010-07-25 08:30:09 ----D---- C:\Program Files\Common Files
2010-07-25 08:02:45 ----D---- C:\Users\Lenka\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-06 691696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl [2008-10-07 61424]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet - adaptér; C:\Windows\system32\DRIVERS\l160x86.sys [2009-07-14 47104]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-14 4194816]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RtkHDAud.sys [2006-12-22 4405248]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-14 43008]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 s916bus;Sony Ericsson Device 916 driver (WDM); C:\Windows\system32\DRIVERS\s916bus.sys [2007-11-02 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s916mdm.sys [2007-11-02 109992]
S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s916mgmt.sys [2007-11-02 103976]
S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s916obex.sys [2007-11-02 100008]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2010-01-21 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2010-01-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2010-01-21 24960]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 VMUVC;Vimicro Camera Service VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [2008-08-29 256512]
S3 vvftUVC;Vimicro Camera Filter Service VMUVC; C:\Windows\system32\drivers\vvftUVC.sys [2008-07-01 398720]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2009-11-27 185640]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-01 136120]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-23 1343400]

-----------------EOF-----------------

Unlimited_Killer

Dobrý den, na logu se pracuje.

Unlimited_Killer

Jdeme na to.

1) OTMoveit3

Stáhněte OTM3 na Plochu.
Spusťte ho dvojklikem na OTM.exe, pokud to nepůjde, zkuste to s adminskými právy.

Do levého okna 'Paste Instructions for Items to be Moved' vkopírujte následující skript:

Kód: Vybrat vše

:commands
[emptytemp]
[emptyflash]

:reg
[HKLM\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"=""
"CustomizeSearch"=""
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
"{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{5067A26B-1337-4436-8AFE-EE169C2DA79F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{77BF5300-1474-4EC7-9980-D32B190E9B07}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{88EB38EF-4D2C-436D-ABD3-56B232674062}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{855F3B16-6D32-4FE6-8A56-BBB695989046}"=-
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"Alcmtr"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"QuickTime Task"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Monotea SoNet for Facebook"=-

:files
%systemroot%\system32\*.tmp.dll /s
%systemroot%\*.tmp /s
%TMP%\*.*
%ALLUSERSPROFILE%\Data aplikací\TEMP\*.*
C:\Program Files\ICQ6Toolbar
C:\Program Files\Ask.com
C:\Windows\tasks\Registry Reviver-Lenka-Startup.job
C:\Program Files\Monotea

:services
ICQ Service

Poté klikněte na červené tlačítko 'MoveIt!'.
V zeleném okně vpravo by se měl zobrazit log, ten vkopírujete sem do fóra.
Pokud se zobrazí hláška k restartování počítače, klikněte na 'Yes'.
Po restartu se log otevře sám, nebo ho najdete v C:\_OTM\MovedFiles

2) Doporučení

Doporučuji program Registry Reviewer odinstalovat, jelikož programy, co ukazují stovky chyb v registrech, občas nejsou moc užitečná, ba naopak.
Mně osobně stačí CCleaner, nikdy mi nic důležitého nesmazal, ba naopak mi zrychlil PC.

3) Nový RSIT log

McHolta · #4 Příspěvek od **McHolta** » 02 zář 2010 07:56

Konečně jsem se k tomu zase dostal. Přikládám log z OTM a pak ještě nový RSIT.

OTM
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Lenka
->Temp folder emptied: 1010064 bytes
->Temporary Internet Files folder emptied: 52242139 bytes
->Java cache emptied: 54327165 bytes
->FireFox cache emptied: 31384909 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 6531 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 301056 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 143152662 bytes
RecycleBin emptied: 35811 bytes

Total Files Cleaned = 269,00 mb

========== REGISTRY ==========
HKLM\Software\Microsoft\Internet Explorer\Search\\"SearchAssistant"|"" /E : value set successfully!
HKLM\Software\Microsoft\Internet Explorer\Search\\"CustomizeSearch"|"" /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{5067A26B-1337-4436-8AFE-EE169C2DA79F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5067A26B-1337-4436-8AFE-EE169C2DA79F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{77BF5300-1474-4EC7-9980-D32B190E9B07}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77BF5300-1474-4EC7-9980-D32B190E9B07}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{88EB38EF-4D2C-436D-ABD3-56B232674062}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88EB38EF-4D2C-436D-ABD3-56B232674062}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Alcmtr deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Monotea SoNet for Facebook deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF3CD.tmp folder moved successfully.
File move failed. C:\Users\Lenka\AppData\Local\Temp\~DF4FE84A3AEF697AFC.TMP scheduled to be moved on reboot.
C:\Users\Lenka\AppData\Local\Temp\~DF626698E8664D97D4.TMP moved successfully.
C:\Users\Lenka\AppData\Local\Temp\~DF6D7C895D6CFA1014.TMP moved successfully.
File move failed. C:\Users\Lenka\AppData\Local\Temp\~DF77B65123D3059328.TMP scheduled to be moved on reboot.
C:\Users\Lenka\AppData\Local\Temp\~DFACBEB1BD4265EECF.TMP moved successfully.
C:\Users\Lenka\AppData\Local\Temp\~DFD1DEF088026F2834.TMP moved successfully.
File/Folder C:\ProgramData\Data aplikací\TEMP\*.* not found.
C:\Program Files\ICQ6Toolbar folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
C:\Windows\tasks\Registry Reviver-Lenka-Startup.job moved successfully.
C:\Program Files\Monotea\SoNet folder moved successfully.
C:\Program Files\Monotea folder moved successfully.
========== SERVICES/DRIVERS ==========
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!

OTM by OldTimer - Version 3.1.15.0 log created on 09032010_084351

Files moved on Reboot...
File C:\Users\Lenka\AppData\Local\Temp\~DF626698E8664D97D4.TMP not found!
File C:\Users\Lenka\AppData\Local\Temp\~DF6D7C895D6CFA1014.TMP not found!
File C:\Users\Lenka\AppData\Local\Temp\~DFACBEB1BD4265EECF.TMP not found!
File C:\Users\Lenka\AppData\Local\Temp\~DFD1DEF088026F2834.TMP not found!
C:\Users\Lenka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4Z5OU179\afr[1].htm moved successfully.
C:\Users\Lenka\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File C:\Users\Lenka\AppData\Local\Temp\~DF4FE84A3AEF697AFC.TMP not found!
File C:\Users\Lenka\AppData\Local\Temp\~DF77B65123D3059328.TMP not found!

Registry entries deleted on Reboot...

RSIT

Logfile of random's system information tool 1.08 (written by random/random)
Run by Lenka at 2010-09-03 08:48:51
Microsoft Windows 7 Ultimate
System drive C: has 49 GB (32%) free of 153 GB
Total RAM: 2047 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:49:31, on 3.9.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\CyberLink\Shared Files\brs.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Windows\RTHDCPL.exe
C:\Program Files\Seznam\Postak\Postak.exe
C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Users\Lenka\Desktop\RSIT.exe
C:\Program Files\trend micro\Lenka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

--
End of file - 5608 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B71B15CF-3093-459C-B764-AEB2486F2273} - &S-Rank - C:\Program Files\Seznam\Postak\SRank.dll [2005-05-17 266240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2008-10-07 75048]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208]
"RTHDCPL"=C:\Windows\RTHDCPL.EXE [2006-12-19 16062464]
"SkyTel"=C:\Windows\SkyTel.EXE [2006-05-17 2879488]
"SMail"=C:\Program Files\Seznam\Postak\Postak.exe [2006-05-18 450560]
"VMonitorVMUVC"=C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe [2008-08-29 143360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-10-23 202024]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-09-24 434176]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-08-22 133432]

C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-03 08:43:51 ----D---- C:\_OTM
2010-09-01 16:51:30 ----D---- C:\Program Files\Ztracené štěňátko
2010-09-01 16:50:53 ----D---- C:\Program Files\Žabka Kuňkalka na Kouzelné louce
2010-09-01 16:50:14 ----D---- C:\Users\Lenka\AppData\Roaming\PetShowCraze
2010-09-01 16:49:46 ----D---- C:\Program Files\Zvířecí salón krásy
2010-09-01 16:48:42 ----D---- C:\Program Files\Ztracené ovoce 2 - Nádherné ostrovy
2010-09-01 16:46:39 ----D---- C:\Users\Lenka\AppData\Roaming\Land Of Runes
2010-09-01 16:46:25 ----D---- C:\Program Files\Tajuplný ostrov
2010-09-01 16:45:36 ----D---- C:\Program Files\Tajemná písmena
2010-09-01 16:44:06 ----D---- C:\Program Files\Polární dobrodružství 2
2010-09-01 16:41:51 ----D---- C:\Program Files\Restaurace Medvěda Míši
2010-09-01 16:40:56 ----D---- C:\ProgramData\Friday's games
2010-09-01 16:40:49 ----D---- C:\Program Files\Nádherná zahrada
2010-09-01 16:40:08 ----D---- C:\Program Files\Spidla
2010-09-01 16:28:50 ----D---- C:\Users\Lenka\AppData\Roaming\FashionCrazeChech
2010-09-01 16:28:18 ----D---- C:\Program Files\Módní salón
2010-09-01 16:27:48 ----D---- C:\Users\Lenka\AppData\Roaming\Gaijin Ent
2010-09-01 16:27:42 ----D---- C:\Program Files\Mistr kuchař
2010-09-01 16:26:51 ----SHD---- C:\Windows\ftpcache
2010-09-01 16:26:32 ----D---- C:\Program Files\Mesto zabavy
2010-09-01 16:25:22 ----D---- C:\Program Files\Labužníkův ráj
2010-09-01 16:24:40 ----D---- C:\Program Files\Liška Ryška Zimní Dobrodružství
2010-09-01 16:23:40 ----D---- C:\Users\Lenka\AppData\Roaming\SprillBermudeChech
2010-09-01 16:23:01 ----D---- C:\Program Files\LIŠKA RYŠKA - ZÁHADA BERMUDSKÉHO TROJÚHELNÍKU
2010-09-01 16:21:49 ----D---- C:\Program Files\Liška Ryška - Vodní dobrodružství
2010-09-01 16:21:07 ----D---- C:\Program Files\Liška Ryška - nová dobrodružství
2010-09-01 16:08:13 ----D---- C:\Users\Lenka\AppData\Roaming\Zak&Jack
2010-09-01 16:07:34 ----D---- C:\Program Files\Faraónovo tajemství
2010-09-01 16:06:57 ----D---- C:\ProgramData\VirtualFarm
2010-09-01 16:06:49 ----D---- C:\Program Files\Dobrý farmář
2010-09-01 16:05:17 ----D---- C:\Program Files\Divoký míč 3
2010-09-01 16:04:10 ----D---- C:\Users\Lenka\AppData\Roaming\BeachPartyCraze
2010-09-01 16:03:36 ----D---- C:\Program Files\Bláznivé prázdniny na pláži
2010-09-01 16:02:10 ----D---- C:\Program Files\Bambulky
2010-08-31 12:15:32 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-31 08:04:09 ----D---- C:\Users\Lenka\AppData\Roaming\SecretIslandEng
2010-08-31 08:03:21 ----D---- C:\Program Files\Poklady ostrova zahad
2010-08-24 11:00:57 ----D---- C:\ProgramData\Meridian93
2010-08-24 10:59:57 ----D---- C:\Program Files\Tajemstvi zamku bileho jednorozce
2010-08-20 13:34:47 ----D---- C:\Program Files\trend micro
2010-08-20 13:34:46 ----D---- C:\rsit
2010-08-12 07:33:29 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-12 07:32:59 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-12 07:32:59 ----A---- C:\Windows\system32\iccvid.dll
2010-08-12 07:32:56 ----A---- C:\Windows\system32\rtutils.dll
2010-08-12 07:32:54 ----A---- C:\Windows\system32\msxml3.dll
2010-08-12 07:32:52 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-12 07:32:52 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-12 07:32:52 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-12 07:32:50 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-12 07:32:50 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-12 07:32:41 ----A---- C:\Windows\system32\mshtml.dll
2010-08-12 07:32:40 ----A---- C:\Windows\system32\ieframe.dll
2010-08-12 07:32:39 ----A---- C:\Windows\system32\wininet.dll
2010-08-12 07:32:39 ----A---- C:\Windows\system32\urlmon.dll
2010-08-12 07:32:38 ----A---- C:\Windows\system32\mstime.dll
2010-08-12 07:32:38 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-12 07:32:38 ----A---- C:\Windows\system32\ieui.dll
2010-08-12 07:32:38 ----A---- C:\Windows\system32\iepeers.dll
2010-08-12 07:32:38 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-12 07:32:37 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-12 07:32:37 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-12 07:32:30 ----A---- C:\Windows\system32\win32k.sys
2010-08-12 07:32:30 ----A---- C:\Windows\system32\schannel.dll
2010-08-04 10:24:15 ----A---- C:\Windows\system32\shell32.dll

======List of files/folders modified in the last 1 months======

2010-09-03 08:49:18 ----D---- C:\Windows\Temp
2010-09-03 08:49:10 ----D---- C:\Windows\Prefetch
2010-09-03 08:45:26 ----RD---- C:\Program Files
2010-09-03 08:45:26 ----D---- C:\Windows\Tasks
2010-09-03 08:44:52 ----D---- C:\Windows\System32
2010-09-03 07:49:41 ----D---- C:\Windows\system32\config
2010-09-02 22:00:09 ----D---- C:\Users\Lenka\AppData\Roaming\ICQ
2010-09-02 15:17:41 ----SHD---- C:\System Volume Information
2010-09-02 10:44:35 ----D---- C:\Windows
2010-09-01 18:19:36 ----D---- C:\Program Files\Pohádkový příběh
2010-09-01 16:44:19 ----D---- C:\ProgramData\Alawar Stargaze
2010-09-01 16:42:07 ----D---- C:\ProgramData\Aliasworlds
2010-09-01 16:40:56 ----HD---- C:\ProgramData
2010-09-01 16:11:14 ----D---- C:\Users\Lenka\AppData\Roaming\uTorrent
2010-09-01 16:05:42 ----D---- C:\Users\Lenka\AppData\Roaming\Alawar
2010-09-01 16:02:27 ----D---- C:\Users\Lenka\AppData\Roaming\Artogon
2010-09-01 15:23:31 ----D---- C:\Program Files\Katčin rybí krámek
2010-09-01 09:40:47 ----A---- C:\Windows\NeroDigital.ini
2010-09-01 09:04:49 ----D---- C:\Program Files\ICQ7.0
2010-09-01 09:04:01 ----D---- C:\Windows\winsxs
2010-09-01 03:00:49 ----D---- C:\Windows\AppPatch
2010-08-31 12:15:26 ----D---- C:\Windows\system32\catroot
2010-08-28 14:06:43 ----D---- C:\Windows\system32\NDF
2010-08-25 00:07:26 ----D---- C:\Users\Lenka\AppData\Roaming\Skype
2010-08-24 11:00:26 ----D---- C:\Users\Lenka\AppData\Roaming\Meridian93
2010-08-22 21:22:18 ----D---- C:\Windows\system32\catroot2
2010-08-21 11:50:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-21 11:50:06 ----D---- C:\Windows\inf
2010-08-20 13:50:41 ----D---- C:\Program Files\Poklady starověké sluje
2010-08-20 13:49:11 ----D---- C:\Program Files\Emilka Holubová - Montezumův poklad
2010-08-18 16:03:00 ----D---- C:\Users\Lenka\AppData\Roaming\skypePM
2010-08-18 16:02:33 ----D---- C:\Windows\system32\drivers
2010-08-18 15:43:17 ----D---- C:\Program Files\CCleaner
2010-08-18 15:41:58 ----D---- C:\Windows\debug
2010-08-13 09:23:44 ----D---- C:\Windows\Microsoft.NET
2010-08-13 09:23:31 ----RSD---- C:\Windows\assembly
2010-08-12 22:23:52 ----D---- C:\Windows\system32\migration
2010-08-12 22:23:52 ----D---- C:\Program Files\Internet Explorer
2010-08-12 18:10:20 ----SHD---- C:\Windows\Installer
2010-08-12 18:10:16 ----D---- C:\ProgramData\Microsoft Help
2010-08-06 10:48:00 ----SD---- C:\Users\Lenka\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-06 691696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl [2008-10-07 61424]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet - adaptér; C:\Windows\system32\DRIVERS\l160x86.sys [2009-07-14 47104]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-14 4194816]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RtkHDAud.sys [2006-12-22 4405248]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-14 43008]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 s916bus;Sony Ericsson Device 916 driver (WDM); C:\Windows\system32\DRIVERS\s916bus.sys [2007-11-02 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s916mdm.sys [2007-11-02 109992]
S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s916mgmt.sys [2007-11-02 103976]
S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s916obex.sys [2007-11-02 100008]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2010-01-21 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2010-01-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2010-01-21 24960]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 VMUVC;Vimicro Camera Service VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [2008-08-29 256512]
S3 vvftUVC;Vimicro Camera Filter Service VMUVC; C:\Windows\system32\drivers\vvftUVC.sys [2008-07-01 398720]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2009-11-27 185640]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-01 136120]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-23 1343400]

-----------------EOF-----------------

Unlimited_Killer

Omlouvám se za prodlevu, tak nějak jsem neměl vůbec času.

1) Fixnutí v HJT

Spusťte přejmenované HijackThis - C:\Program Files\Trend Micro\HijackThis\jmeno_uzivatele.exe
Následně klikněte na 'Do a system scan only'.

U níže uvedených položek udělejte 'fajfku' do čtverečku vlevo od dané položky a poté klikněte na 'Fix Checked'.

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"

Pokud by tam nějaká z těchto položek nebyla, vynechte ji.

2) OTCleaner

Stáhněte OTC a dvojklikem ho spusťte.
Vyskočí okénko, kde kliknete na 'CleanUp!'.
Potvrdíte kliknutím na 'Yes'.
Poté se ještě zeptá, zda chcete restartovat PC - to proveďte opět kliknutím na 'Yes'.

3) CCleaner

Stáhněte si program jménem CCleaner.
Normálně nainstalujte, jen dávejte pozor a odškrtněte položku 'Instalovat Yahoo! Toolbar'.
Spusťte ho.
- Záložka Čistič → nechte zatrženo vše, jak je, a klikněte na 'Spustit CCleaner'.
- Záložka Registry → klikněte na 'Hledej problémy'. Vyhledá problémy v registru, až dokončí analyzování, klikněte na 'Opravit vybrané problémy'. Nabídne Vám vytvoření zálohy - pro jistotu ji vytvořte a uložte například na Plochu.
CCleaner doporučuji používat pravidelně, celkem rapidně dokáže zrychlit PC.

4) Defragmentace

Defragmentujte disk.
Lze to udělat několika způsoby ↓
- Přes defragmentaci integrovanou ve Windows [Start → Spustit → dfrg.msc → Enter]. Toto není příliš účinný způsob.
- Přes jednoduchý a přehledný program jménem Defraggler.
- Přes geniální program, který se nemusí instalovat a je hodně jednoduchý - JKDefrag.

5) FileHippo.com UpdateChecker

Abyste měl/a přehled o aktualizacích, doporučuji stáhnout program FileHippo.com UpdateChecker.
- Běžně ho nainstalujte.
- Spouštějte ho například jednou až dvakrát týdně.
- Přehledně zobrazí všechny programy, které jsou neaktualizované, nabídne stažení novější verze (což doporučuji).
- Dávejte si pozor,co dané aplikace instalují 's sebou' → například zbytečné toolbary (lišty).
  - Proto se nevyplatí bezmyšlenkovitě klikat na 'Next', popřípadě 'Další'.

6) Nový RSIT log

McHolta · #6 Příspěvek od **McHolta** » 09 zář 2010 08:51

Taky mi chvilku trvalo než jsem se k tomu konečně dostal.

RSIT log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Lenka at 2010-09-10 09:47:52
Microsoft Windows 7 Ultimate
System drive C: has 48 GB (32%) free of 153 GB
Total RAM: 2047 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:48:16, on 10.9.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CyberLink\Shared Files\brs.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Windows\RTHDCPL.exe
C:\Program Files\Seznam\Postak\Postak.exe
C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Lenka\Desktop\RSIT.exe
C:\Program Files\trend micro\Lenka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

--
End of file - 5252 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B71B15CF-3093-459C-B764-AEB2486F2273} - &S-Rank - C:\Program Files\Seznam\Postak\SRank.dll [2005-05-17 266240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2008-10-07 75048]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208]
"RTHDCPL"=C:\Windows\RTHDCPL.EXE [2006-12-19 16062464]
"SkyTel"=C:\Windows\SkyTel.EXE [2006-05-17 2879488]
"SMail"=C:\Program Files\Seznam\Postak\Postak.exe [2006-05-18 450560]
"VMonitorVMUVC"=C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe [2008-08-29 143360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-10-23 202024]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-09-24 434176]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-08-22 133432]

C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-10 09:47:52 ----D---- C:\rsit
2010-09-04 15:08:22 ----D---- C:\Program Files\Včeličky
2010-09-04 15:07:22 ----D---- C:\Program Files\Zachraň Kamarády!
2010-09-04 15:04:49 ----D---- C:\Program Files\Ovečky
2010-09-04 15:03:41 ----D---- C:\Program Files\Mořské dobrodružství
2010-09-04 15:02:57 ----D---- C:\Program Files\Medvěd Míša - Cesta kolem světa
2010-09-01 16:51:30 ----D---- C:\Program Files\Ztracené štěňátko
2010-09-01 16:50:53 ----D---- C:\Program Files\Žabka Kuňkalka na Kouzelné louce
2010-09-01 16:50:14 ----D---- C:\Users\Lenka\AppData\Roaming\PetShowCraze
2010-09-01 16:49:46 ----D---- C:\Program Files\Zvířecí salón krásy
2010-09-01 16:48:42 ----D---- C:\Program Files\Ztracené ovoce 2 - Nádherné ostrovy
2010-09-01 16:46:39 ----D---- C:\Users\Lenka\AppData\Roaming\Land Of Runes
2010-09-01 16:46:25 ----D---- C:\Program Files\Tajuplný ostrov
2010-09-01 16:45:36 ----D---- C:\Program Files\Tajemná písmena
2010-09-01 16:44:06 ----D---- C:\Program Files\Polární dobrodružství 2
2010-09-01 16:41:51 ----D---- C:\Program Files\Restaurace Medvěda Míši
2010-09-01 16:40:56 ----D---- C:\ProgramData\Friday's games
2010-09-01 16:40:49 ----D---- C:\Program Files\Nádherná zahrada
2010-09-01 16:40:08 ----D---- C:\Program Files\Spidla
2010-09-01 16:28:50 ----D---- C:\Users\Lenka\AppData\Roaming\FashionCrazeChech
2010-09-01 16:28:18 ----D---- C:\Program Files\Módní salón
2010-09-01 16:27:48 ----D---- C:\Users\Lenka\AppData\Roaming\Gaijin Ent
2010-09-01 16:27:42 ----D---- C:\Program Files\Mistr kuchař
2010-09-01 16:26:51 ----SHD---- C:\Windows\ftpcache
2010-09-01 16:26:32 ----D---- C:\Program Files\Mesto zabavy
2010-09-01 16:25:22 ----D---- C:\Program Files\Labužníkův ráj
2010-09-01 16:24:40 ----D---- C:\Program Files\Liška Ryška Zimní Dobrodružství
2010-09-01 16:23:40 ----D---- C:\Users\Lenka\AppData\Roaming\SprillBermudeChech
2010-09-01 16:23:01 ----D---- C:\Program Files\LIŠKA RYŠKA - ZÁHADA BERMUDSKÉHO TROJÚHELNÍKU
2010-09-01 16:21:49 ----D---- C:\Program Files\Liška Ryška - Vodní dobrodružství
2010-09-01 16:21:07 ----D---- C:\Program Files\Liška Ryška - nová dobrodružství
2010-09-01 16:08:13 ----D---- C:\Users\Lenka\AppData\Roaming\Zak&Jack
2010-09-01 16:07:34 ----D---- C:\Program Files\Faraónovo tajemství
2010-09-01 16:06:57 ----D---- C:\ProgramData\VirtualFarm
2010-09-01 16:06:49 ----D---- C:\Program Files\Dobrý farmář
2010-09-01 16:05:17 ----D---- C:\Program Files\Divoký míč 3
2010-09-01 16:04:10 ----D---- C:\Users\Lenka\AppData\Roaming\BeachPartyCraze
2010-09-01 16:03:36 ----D---- C:\Program Files\Bláznivé prázdniny na pláži
2010-09-01 16:02:10 ----D---- C:\Program Files\Bambulky
2010-08-31 12:15:32 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-31 08:04:09 ----D---- C:\Users\Lenka\AppData\Roaming\SecretIslandEng
2010-08-31 08:03:21 ----D---- C:\Program Files\Poklady ostrova zahad
2010-08-24 11:00:57 ----D---- C:\ProgramData\Meridian93
2010-08-24 10:59:57 ----D---- C:\Program Files\Tajemstvi zamku bileho jednorozce
2010-08-20 13:34:47 ----D---- C:\Program Files\trend micro
2010-08-12 07:33:29 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-12 07:32:59 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-12 07:32:59 ----A---- C:\Windows\system32\iccvid.dll
2010-08-12 07:32:56 ----A---- C:\Windows\system32\rtutils.dll
2010-08-12 07:32:54 ----A---- C:\Windows\system32\msxml3.dll
2010-08-12 07:32:52 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-12 07:32:52 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-12 07:32:52 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-12 07:32:50 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-12 07:32:50 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-12 07:32:41 ----A---- C:\Windows\system32\mshtml.dll
2010-08-12 07:32:40 ----A---- C:\Windows\system32\ieframe.dll
2010-08-12 07:32:39 ----A---- C:\Windows\system32\wininet.dll
2010-08-12 07:32:39 ----A---- C:\Windows\system32\urlmon.dll
2010-08-12 07:32:38 ----A---- C:\Windows\system32\mstime.dll
2010-08-12 07:32:38 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-12 07:32:38 ----A---- C:\Windows\system32\ieui.dll
2010-08-12 07:32:38 ----A---- C:\Windows\system32\iepeers.dll
2010-08-12 07:32:38 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-12 07:32:37 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-12 07:32:37 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-12 07:32:30 ----A---- C:\Windows\system32\win32k.sys
2010-08-12 07:32:30 ----A---- C:\Windows\system32\schannel.dll

======List of files/folders modified in the last 1 months======

2010-09-10 09:47:39 ----D---- C:\Windows\system32\config
2010-09-10 09:47:34 ----D---- C:\Windows\Temp
2010-09-10 09:46:47 ----D---- C:\Program Files\CCleaner
2010-09-10 09:46:15 ----D---- C:\Windows
2010-09-10 09:45:00 ----D---- C:\Windows\Prefetch
2010-09-10 09:33:29 ----D---- C:\Users\Lenka\AppData\Roaming\ICQ
2010-09-09 15:26:43 ----SHD---- C:\System Volume Information
2010-09-06 20:55:27 ----D---- C:\Users\Lenka\AppData\Roaming\uTorrent
2010-09-06 14:11:24 ----HD---- C:\ProgramData
2010-09-06 14:11:12 ----D---- C:\ProgramData\AlawarWrapper
2010-09-06 14:11:05 ----D---- C:\Program Files\Alawar
2010-09-06 09:37:37 ----D---- C:\Windows\system32\catroot2
2010-09-05 12:48:06 ----D---- C:\Windows\System32
2010-09-05 12:48:06 ----D---- C:\Windows\inf
2010-09-05 12:48:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-04 15:08:22 ----RD---- C:\Program Files
2010-09-04 15:07:36 ----D---- C:\Users\Lenka\AppData\Roaming\Alawar
2010-09-03 08:45:26 ----D---- C:\Windows\Tasks
2010-09-01 18:19:36 ----D---- C:\Program Files\Pohádkový příběh
2010-09-01 16:44:19 ----D---- C:\ProgramData\Alawar Stargaze
2010-09-01 16:42:07 ----D---- C:\ProgramData\Aliasworlds
2010-09-01 16:02:27 ----D---- C:\Users\Lenka\AppData\Roaming\Artogon
2010-09-01 15:23:31 ----D---- C:\Program Files\Katčin rybí krámek
2010-09-01 09:40:47 ----A---- C:\Windows\NeroDigital.ini
2010-09-01 09:04:49 ----D---- C:\Program Files\ICQ7.0
2010-09-01 09:04:01 ----D---- C:\Windows\winsxs
2010-09-01 03:00:49 ----D---- C:\Windows\AppPatch
2010-08-31 12:15:26 ----D---- C:\Windows\system32\catroot
2010-08-28 14:06:43 ----D---- C:\Windows\system32\NDF
2010-08-25 00:07:26 ----D---- C:\Users\Lenka\AppData\Roaming\Skype
2010-08-24 11:00:26 ----D---- C:\Users\Lenka\AppData\Roaming\Meridian93
2010-08-20 13:50:41 ----D---- C:\Program Files\Poklady starověké sluje
2010-08-20 13:49:11 ----D---- C:\Program Files\Emilka Holubová - Montezumův poklad
2010-08-18 16:03:00 ----D---- C:\Users\Lenka\AppData\Roaming\skypePM
2010-08-18 16:02:33 ----D---- C:\Windows\system32\drivers
2010-08-18 15:41:58 ----D---- C:\Windows\debug
2010-08-13 09:23:44 ----D---- C:\Windows\Microsoft.NET
2010-08-13 09:23:31 ----RSD---- C:\Windows\assembly
2010-08-12 22:23:52 ----D---- C:\Windows\system32\migration
2010-08-12 22:23:52 ----D---- C:\Program Files\Internet Explorer
2010-08-12 18:10:20 ----SHD---- C:\Windows\Installer
2010-08-12 18:10:16 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-06 691696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl [2008-10-07 61424]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet - adaptér; C:\Windows\system32\DRIVERS\l160x86.sys [2009-07-14 47104]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-14 4194816]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RtkHDAud.sys [2006-12-22 4405248]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-14 43008]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 s916bus;Sony Ericsson Device 916 driver (WDM); C:\Windows\system32\DRIVERS\s916bus.sys [2007-11-02 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s916mdm.sys [2007-11-02 109992]
S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s916mgmt.sys [2007-11-02 103976]
S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s916obex.sys [2007-11-02 100008]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2010-01-21 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2010-01-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2010-01-21 24960]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 VMUVC;Vimicro Camera Service VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [2008-08-29 256512]
S3 vvftUVC;Vimicro Camera Filter Service VMUVC; C:\Windows\system32\drivers\vvftUVC.sys [2008-07-01 398720]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2009-11-27 185640]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-01 136120]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-23 1343400]

-----------------EOF-----------------

#7 Příspěvek od **motji** » 11 zář 2010 21:18

Dobrý večer, záskok za kolegu

Log už vypadá v pořádku, máte s počítačem ještě nějaké problémy?

McHolta · #8 Příspěvek od **McHolta** » 13 zář 2010 06:40

Vypadá to, že je to už v pořádku. Děkuji za pomoc.

VIRY.CZ

Samvolné otvírání tabů v IE

Samvolné otvírání tabů v IE

Re: Samvolné otvírání tabů v IE

Re: Samvolné otvírání tabů v IE

Re: Samvolné otvírání tabů v IE

Re: Samvolné otvírání tabů v IE

Re: Samvolné otvírání tabů v IE

Re: Samvolné otvírání tabů v IE

Re: Samvolné otvírání tabů v IE