Re: Please check my log

Posted: 16 Nov 2013 19:07
by Márty84
If you create a shortcut to a specific video, can it be launched by double-clicking?


Post a current log from RSIT.

Re: Please check my log

Posted: 16 Nov 2013 20:42
by Claire*
It doesn't work :(
Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2013-11-16 20:41:48
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 170 GB (71%) free of 238 GB
Total RAM: 894 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:42:11, on 16.11.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHKE.EXE
C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe
C:\Program Files\Translate Client\translateclient.exe
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\PDF Architect\HelperService.exe
C:\Program Files\PDF Architect\ConversionService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Documents and Settings\Admin\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON SX230 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHKE.EXE /FU "C:\DOCUME~1\Admin\LOCALS~1\Temp\E_S90.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [UpdateChecker] C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Translate Client.lnk = C:\Program Files\Translate Client\translateclient.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 1858886000
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe

--
End of file - 7824 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-ADMIN-130349736-Admin.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\3kidxstb.default-1384084430125

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2013-10-23 12240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30 266240]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2013-10-23 12240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-06-28 344064]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-11-15 77824]
"EEventManager"=C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-08-16 152392]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-07-17 347192]
"ApnTBMon"=C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-10-23 1673680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"EPSON SX230 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHKE.EXE [2011-01-21 212480]
"UpdateChecker"=C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe [2013-11-09 7168]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Translate Client.lnk - C:\Program Files\Translate Client\translateclient.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-06-28 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll

======List of files/folders created in the last 1 month======

2013-11-16 17:35:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-11-16 17:35:31 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2013-11-16 17:34:59 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2013-11-16 17:34:20 ----D---- C:\WINDOWS\LastGood
2013-11-16 11:37:18 ----D---- C:\Documents and Settings\Admin\Data aplikací\Avira
2013-11-16 11:34:35 ----N---- C:\WINDOWS\system32\spmsg.dll
2013-11-16 11:34:06 ----D---- C:\Program Files\AskPartnerNetwork
2013-11-16 11:34:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
2013-11-16 11:31:24 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2013-11-16 11:31:23 ----A---- C:\WINDOWS\system32\drivers\avkmgr.sys
2013-11-16 11:31:23 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2013-11-16 11:31:22 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2013-11-16 11:26:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sony
2013-11-16 11:26:34 ----D---- C:\Program Files\Sony
2013-11-16 11:25:49 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2013-11-16 11:25:31 ----SHD---- C:\Config.Msi
2013-11-16 11:25:27 ----D---- C:\WINDOWS\system32\LogFiles
2013-11-16 11:25:27 ----D---- C:\WINDOWS\system32\drivers\UMDF
2013-11-16 11:25:23 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2013-11-16 11:11:00 ----D---- C:\Program Files\Mozilla Firefox
2013-11-13 19:17:32 ----D---- C:\Documents and Settings\Admin\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-11-13 17:49:26 ----D---- C:\Program Files\SqueakyChocolate
2013-11-13 17:48:01 ----D---- C:\Documents and Settings\Admin\Data aplikací\OpenCandy
2013-11-13 17:29:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2013-11-13 17:29:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2900986$
2013-11-13 17:29:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2013-11-13 17:28:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$
2013-11-13 17:28:51 ----A---- C:\WINDOWS\imsins.BAK
2013-11-13 17:24:12 ----D---- C:\WINDOWS\system32\MRT
2013-11-09 21:00:58 ----D---- C:\Program Files\3herosoft
2013-11-09 21:00:05 ----D---- C:\Documents and Settings\Admin\Data aplikací\GetRightToGo
2013-11-03 20:57:41 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-03 20:29:34 ----D---- C:\rsit
2013-11-03 20:12:42 ----D---- C:\WINDOWS\pss
2013-11-03 19:01:17 ----D---- C:\Program Files\MozBackup
2013-11-02 20:49:46 ----D---- C:\Program Files\CCleaner
2013-11-02 20:28:00 ----SHD---- C:\RECYCLER
2013-11-02 19:41:00 ----SD---- C:\Uninstall
2013-11-02 16:06:33 ----D---- C:\WINDOWS\temp
2013-11-02 15:52:27 ----RASHD---- C:\cmdcons
2013-11-02 13:43:04 ----A---- C:\Boot.bak
2013-11-02 11:30:07 ----D---- C:\Documents and Settings\Admin\Data aplikací\translateclient
2013-11-02 11:29:54 ----D---- C:\Program Files\Translate Client
2013-11-01 20:47:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\APN
2013-11-01 20:46:30 ----D---- C:\Program Files\DsNET Corp
2013-11-01 20:43:57 ----D---- C:\Documents and Settings\Admin\Data aplikací\Youtube Downloader HD
2013-10-27 20:08:13 ----D---- C:\Program Files\SimilarSites
2013-10-27 20:08:08 ----D---- C:\Documents and Settings\Admin\Data aplikací\SimilarSites
2013-10-27 20:06:54 ----D---- C:\Program Files\PANDORA.TV
2013-10-20 16:14:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2013-10-20 15:03:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2013-10-20 15:02:47 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2013-10-20 14:55:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2013-10-20 14:51:06 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2013-10-20 14:25:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2013-10-20 14:25:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2013-10-20 14:25:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2013-10-20 14:25:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2013-10-20 14:20:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2013-10-20 14:20:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2013-10-20 14:20:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2013-10-20 14:19:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$
2013-10-20 14:19:45 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2013-10-20 14:19:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$
2013-10-20 14:17:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2013-10-20 14:17:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$
2013-10-20 14:17:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2820917$
2013-10-20 14:16:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2013-10-20 14:16:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2013-10-20 14:16:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2013-10-20 14:16:12 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2013-10-20 14:16:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2749655$
2013-10-20 14:15:54 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2013-10-20 14:15:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2013-10-20 14:15:39 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2013-10-20 14:15:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2013-10-20 14:15:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2013-10-20 14:15:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2849470$
2013-10-20 14:15:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$
2013-10-20 11:44:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2013-10-20 11:44:15 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2013-10-20 11:43:58 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2013-10-20 11:43:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2013-10-20 11:42:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2013-10-20 11:42:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2013-10-20 11:42:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2013-10-20 11:42:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2013-10-20 11:41:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2013-10-20 11:41:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2758857$
2013-10-20 11:41:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2013-10-20 11:41:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2834886$
2013-10-20 11:40:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2013-10-20 11:40:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2013-10-20 11:40:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2013-10-20 11:39:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2013-10-20 11:39:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2013-10-20 11:38:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2013-10-20 11:38:17 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2013-10-20 11:37:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2847311$
2013-10-20 11:37:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2013-10-20 11:37:07 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2013-10-20 11:36:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2013-10-20 11:36:37 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2013-10-20 11:36:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2013-10-20 11:36:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2013-10-20 11:36:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2802968$
2013-10-20 11:35:52 ----A---- C:\WINDOWS\system32\javaws.exe
2013-10-20 11:35:51 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2013-10-20 11:35:44 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-10-20 11:35:44 ----A---- C:\WINDOWS\system32\javaw.exe
2013-10-20 11:35:44 ----A---- C:\WINDOWS\system32\java.exe
2013-10-20 11:35:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2013-10-20 11:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2013-10-20 11:35:16 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2013-10-20 11:35:06 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2013-10-20 11:34:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2013-10-20 11:34:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2013-10-20 11:34:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2780091$
2013-10-20 11:34:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2845187$
2013-10-20 11:34:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2013-10-20 11:34:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2013-10-20 11:34:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$
2013-10-20 11:33:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2013-10-20 11:33:47 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2013-10-20 11:33:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$
2013-10-20 11:33:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2757638$
2013-10-20 11:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2013-10-20 11:10:21 ----D---- C:\WINDOWS\ie8updates
2013-10-20 11:09:48 ----D---- C:\WINDOWS\WBEM
2013-10-20 11:08:18 ----HDC---- C:\WINDOWS\ie8
2013-10-20 11:06:04 ----A---- C:\WINDOWS\system32\MRT.exe
2013-10-20 11:01:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2013-10-20 11:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2013-10-20 11:01:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2862335$
2013-10-20 11:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2013-10-20 11:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2013-10-20 10:30:05 ----D---- C:\WINDOWS\system32\XPSViewer
2013-10-20 10:29:20 ----D---- C:\Program Files\MSBuild
2013-10-20 10:29:00 ----D---- C:\WINDOWS\system32\en-US
2013-10-20 10:27:58 ----D---- C:\Program Files\Reference Assemblies
2013-10-20 10:20:15 ----N---- C:\WINDOWS\system32\prntvpt.dll
2013-10-20 10:20:14 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2013-10-20 10:20:11 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2013-10-20 10:20:07 ----D---- C:\28be117aadd7149fc4
2013-10-20 10:14:24 ----RSD---- C:\WINDOWS\assembly
2013-10-20 10:03:42 ----D---- C:\WINDOWS\Microsoft.NET
2013-10-20 09:25:28 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2013-10-20 09:14:30 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2013-10-20 09:11:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2013-10-19 20:33:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2013-10-19 19:13:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2013-10-19 19:11:12 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2013-10-19 18:50:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2013-10-19 16:48:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2013-10-19 16:48:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2807986$
2013-10-19 16:48:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2013-10-19 16:48:39 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2013-10-19 16:48:33 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2013-10-19 16:48:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2013-10-19 16:48:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2013-10-19 16:48:20 ----A---- C:\WINDOWS\system32\wmpns.dll
2013-10-19 16:48:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2013-10-19 16:48:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2820197$
2013-10-19 16:46:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2863058$
2013-10-19 16:44:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2803821-v2_WM9$
2013-10-19 16:42:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2013-10-19 16:39:46 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2013-10-19 16:37:29 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2013-10-19 16:35:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$
2013-10-19 16:32:58 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2013-10-19 16:30:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2013-10-19 16:28:24 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2013-10-19 16:26:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135-v2$
2013-10-19 16:23:54 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2013-10-19 16:21:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2013-10-19 16:19:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2013-10-19 16:17:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2883150$
2013-10-19 16:14:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2661254-v2$
2013-10-19 16:12:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2813345$
2013-10-19 16:09:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2013-10-19 16:07:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2013-10-19 16:04:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2013-10-19 16:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2013-10-19 15:58:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2013-10-19 15:56:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2013-10-19 15:53:27 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2013-10-19 15:51:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2013-10-19 15:49:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2013-10-19 15:47:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2013-10-19 15:45:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2013-10-19 15:43:14 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2013-10-19 15:40:34 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2013-10-19 15:38:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2013-10-19 14:13:33 ----N---- C:\WINDOWS\system32\browserchoice.exe
2013-10-18 20:35:06 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2013-10-18 20:32:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2013-10-18 17:50:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2862330$
2013-10-17 20:02:36 ----D---- C:\WINDOWS\system32\PreInstall
2013-10-17 20:02:28 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2013-10-17 20:02:22 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2013-10-17 20:02:19 ----HD---- C:\WINDOWS\$hf_mig$
2013-10-17 15:29:05 ----N---- C:\WINDOWS\system32\iacenc.dll

======List of files/folders modified in the last 1 month======

2013-11-16 20:41:56 ----D---- C:\WINDOWS\Prefetch
2013-11-16 20:41:54 ----D---- C:\Program Files\trend micro
2013-11-16 17:35:41 ----HD---- C:\WINDOWS\inf
2013-11-16 17:35:40 ----D---- C:\WINDOWS\system32
2013-11-16 17:35:40 ----D---- C:\WINDOWS
2013-11-16 17:35:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-11-16 17:34:17 ----D---- C:\WINDOWS\system32\CatRoot2
2013-11-16 15:38:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-11-16 13:26:44 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-11-16 12:56:55 ----D---- C:\Program Files\The KMPlayer
2013-11-16 11:35:38 ----D---- C:\WINDOWS\system32\CatRoot
2013-11-16 11:34:13 ----SHD---- C:\WINDOWS\Installer
2013-11-16 11:34:06 ----RD---- C:\Program Files
2013-11-16 11:31:24 ----D---- C:\WINDOWS\system32\drivers
2013-11-16 11:31:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2013-11-16 11:26:00 ----D---- C:\Program Files\Windows Media Player
2013-11-16 11:24:55 ----D---- C:\WINDOWS\WinSxS
2013-11-16 11:22:10 ----RSD---- C:\WINDOWS\Fonts
2013-11-13 19:36:50 ----D---- C:\Documents and Settings\Admin\Data aplikací\Adobe
2013-11-13 19:04:25 ----D---- C:\Program Files\Adobe
2013-11-13 19:02:39 ----D---- C:\Program Files\Common Files\Adobe
2013-11-13 18:44:19 ----SD---- C:\WINDOWS\Tasks
2013-11-13 18:24:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-11-13 17:49:08 ----D---- C:\temp
2013-11-13 17:48:04 ----D---- C:\Program Files\Youtube Downloader HD
2013-11-13 17:28:45 ----D---- C:\Program Files\Internet Explorer
2013-11-13 17:24:11 ----D---- C:\WINDOWS\Debug
2013-11-10 21:01:51 ----SHD---- C:\System Volume Information
2013-11-10 12:21:40 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-11-10 10:34:58 ----D---- C:\WINDOWS\system32\NtmsData
2013-11-10 10:33:34 ----D---- C:\WINDOWS\Registration
2013-11-03 20:58:02 ----D---- C:\Documents and Settings\Admin\Data aplikací\Mozilla
2013-11-03 20:56:40 ----D---- C:\Program Files\Google
2013-11-03 20:34:54 ----RASH---- C:\boot.ini
2013-11-03 20:34:54 ----A---- C:\WINDOWS\win.ini
2013-11-03 20:34:54 ----A---- C:\WINDOWS\system.ini
2013-11-02 20:50:59 ----D---- C:\Program Files\PDFCreator
2013-11-02 19:41:26 ----D---- C:\WINDOWS\system32\Restore
2013-11-02 16:00:37 ----D---- C:\WINDOWS\system32\drivers\etc
2013-11-02 15:57:24 ----D---- C:\WINDOWS\AppPatch
2013-11-02 15:57:21 ----D---- C:\Program Files\Common Files
2013-11-02 15:15:20 ----D---- C:\WINDOWS\system32\config
2013-11-02 11:31:47 ----SD---- C:\Documents and Settings\Admin\Data aplikací\Microsoft
2013-10-29 19:24:25 ----D---- C:\Documents and Settings\Admin\Data aplikací\Epson
2013-10-27 17:34:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-20 19:04:48 ----D---- C:\WINDOWS\system32\DirectX
2013-10-20 14:41:22 ----D---- C:\WINDOWS\system32\wbem
2013-10-20 11:35:44 ----D---- C:\Program Files\Java
2013-10-20 11:21:41 ----D---- C:\WINDOWS\system32\cs-cz
2013-10-20 11:21:40 ----D---- C:\WINDOWS\Help
2013-10-20 11:09:35 ----D---- C:\WINDOWS\Media
2013-10-20 10:24:02 ----D---- C:\WINDOWS\system32\spool
2013-10-20 10:04:44 ----D---- C:\WINDOWS\system32\mui
2013-10-19 16:39:59 ----D---- C:\Program Files\Outlook Express
2013-10-19 16:28:34 ----D---- C:\Program Files\Movie Maker
2013-10-18 20:35:16 ----D---- C:\Program Files\Messenger
2013-10-18 18:31:05 ----D---- C:\Documents and Settings\Admin\Data aplikací\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2013-07-29 136672]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2013-03-06 37352]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2012-08-27 28520]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2013-08-22 88840]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-17 2297664]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-06-28 1241088]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys [2003-12-31 69504]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-07-17 108088]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-07-17 84024]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-08-09 815160]
R2 APNMCP;Ask Update Service; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-10-23 166352]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-06-28 376832]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-04-08 799280]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-08-16 553288]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-06-28 516096]
S2 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe [2009-01-07 26144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-10 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-16 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Please check my log

Posted: 17 Nov 2013 10:22
by Márty84

Re: Please check my log

Posted: 17 Nov 2013 16:38
by Claire*
It says I'm missing 'Powershell' there.

Re: Please check my log

Posted: 17 Nov 2013 19:24
by Márty84

Re: Please check my log

Posted: 30 Nov 2013 13:33
by Claire*
Even after the repair it won't start, but it looks like it's KM Player's fault. VLC responds to a double-click without any problem.

Re: Please check my log

Posted: 30 Nov 2013 14:44
by Márty84
Claire* wrote: Even after the repair it won't start, but it looks like it's KM Player's fault. VLC responds to a double-click without any problem.
Well, that's good news :)
Unfortunately, that last RSIT log again contains things that shouldn't be there. On top of that, another 14 days have passed, so by now there could be something completely different in there... So I'm not sure how to proceed; what do you suggest? Clean again, or forget about it? :)

Re: Please check my log

Posted: 30 Nov 2013 15:16
by Claire*
Sure, let's do it again. I've now put more or less everything back and I won't be changing anything else, so after that it could stay clean :D

Re: Please check my log

Posted: 30 Nov 2013 18:19
by Márty84
All right, then run ADWCleaner again, going straight to the Clean option, and then do a full scan with MBAM. Copy the logs here :)

Re: Please check my log

Posted: 13 Dec 2013 20:41
by Claire*
Key Deleted : HKCU\Software\Softonic

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v25.0.1 (cs)

[ File : C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\3kidxstb.default-1384084430125\prefs.js ]

Line Deleted : user_pref("extensions.AVIRA-V7.apn.tldcache", "{\"date\":1384618094277,\"domainList\":[\"ac\",\"com.ac\",\"edu.ac\",\"gov.ac\",\"net.ac\",\"mil.ac\",\"org.ac\",\"ad\",\"nom.ad\",\"ae\",\"co.ae\",\"net[...]

-\\ Google Chrome v

[ File : C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R2].txt - [2056 octets] - [12/12/2013 18:11:00]
AdwCleaner[S1].txt - [2015 octets] - [12/12/2013 18:44:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2075 octets] ##########

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.12.12.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Admin :: ADMIN-130349736 [administrátor]

Ochrana: Povolena

13.12.2013 19:05:06
MBAM-log-2013-12-13 (20-39-41).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 261367
Uplynulý čas: 1 hodin, 25 minut, 16 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SqueakyChocolate, LLC UpdateChecker (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\Program Files\SqueakyChocolate\UpdateChecker (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 8
C:\Program Files\Adobe\Adobe Photoshop CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\SqueakyChocolate\UpdateChecker\System.Net.Json.dll (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SqueakyChocolate\UpdateChecker\uninstall.exe (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe.config (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateNotifier.exe (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateNotifier.exe.config (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SqueakyChocolate\UpdateChecker\UpdaterLibrary.dll (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.

(konec)

I'll scan E tomorrow :)

Re: Please check my log

Posted: 13 Dec 2013 23:28
by Márty84
Have everything removed. Tomorrow scan both :)

Re: Please check my log

Posted: 14 Dec 2013 11:16
by Claire*
Everything has been scanned. I didn't delete those earlier ones; I'll wait for one instruction covering all of them :D

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.12.13.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Admin :: ADMIN-130349736 [administrátor]

Ochrana: Povolena

14.12.2013 9:39:17
MBAM-log-2013-12-14 (11-14-26).txt

Typ: Kompletní kontrola (A:\|C:\|D:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 326221
Uplynulý čas: 1 hodin, 30 minut, 29 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SqueakyChocolate, LLC UpdateChecker (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\Program Files\SqueakyChocolate\UpdateChecker (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 14
C:\Program Files\Adobe\Adobe Photoshop CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
E:\Documents and Settings\Šárka.DT084376.000\Local Settings\Temp\_MTB671093161242101282011.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
E:\Documents and Settings\Šárka.DT084376.000\Local Settings\Temp\_MTB5709476154183082011.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
E:\Documents and Settings\Šárka.DT084376.000\Local Settings\Temp\_MTB257503692011227102011.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
E:\Documents and Settings\Šárka.DT084376.000\Local Settings\Temp\is-26ACS.tmp\dealio.exe (PUP.Dealio.TB) -> Nebyla provedena žádná instrukce.
E:\Documents and Settings\Šárka.DT084376.000\Local Settings\Temp\is-0NK2B.tmp\dealio.exe (PUP.Dealio.TB) -> Nebyla provedena žádná instrukce.
E:\System Volume Information\_restore{02441578-ECDB-4916-9FBB-A931857ED36A}\RP178\A0058243.exe (Trojan.Dropper.PGen) -> Nebyla provedena žádná instrukce.
C:\Program Files\SqueakyChocolate\UpdateChecker\System.Net.Json.dll (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SqueakyChocolate\UpdateChecker\uninstall.exe (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe.config (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateNotifier.exe (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SqueakyChocolate\UpdateChecker\UpdateNotifier.exe.config (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SqueakyChocolate\UpdateChecker\UpdaterLibrary.dll (PUP.Optional.SqueakyChocolate.A) -> Nebyla provedena žádná instrukce.

(konec)

Re: Please check my log

Posted: 14 Dec 2013 21:37
by Márty84
Delete everything.

Then delete the restore points: http://forum.viry.cz/viewtopic.php?f=46&t=47040 When turning it off, turn it off on all drives, if that option is available. Then, of course, don't forget to turn it back on.

Then run a new scan with MBAM and write whether it found anything. We'll proceed from there.

Re: Please check my log

Posted: 15 Dec 2013 18:54
by Claire*
It found one more file: Trojan.AutoKMS

Re: Please check my log

Posted: 15 Dec 2013 19:48
by Márty84
Uninstall MBAM and also the illegal Office. Then post a new RSIT log.