Vir v počítači

[lerak19]

Dobrý den potřeboval bych poradit a pomoct. Mám v počítači vir smazalo mi to zničeho nic všechny filmy na ploše a některé obrázky. K tomu mi to velice spomalilo počítač a někdy si to dělá co chce přesouvá mi to na ploše tabulku o webce atd. K tomu mi to co chvíly ukazuje že že složka, skype, prohlížeč atd. Neodpovidá. Co stým mam dělat? Poradíte mi někdo?

[lerak19]

Popřípadě mám Windows 7 a antiviroví program Microsoft Security Essentials, který mi našel 2 potencialní hrozby a ty jsem dal odebrat ale pořád mi to blbne.

[Rudy]

Zdravím!
Dejte log RSIT: http://forum.viry.cz/viewtopic.php?f=13&t=105895 . Potom uvidíme.

[lerak19]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Karel at 2012-08-22 12:21:01
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 394 GB (66%) free of 597 GB
Total RAM: 3767 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:21:24, on 22.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
C:\Program Files (x86)\VodBurner\vodburner.exe
C:\Users\Karel\AppData\Roaming\MicroSys\Launch.exe
C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\NetSoftware\NetSoftware.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Program Files\trend micro\Karel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www2.inbox.com/search/dispatcher ... &%language
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Karel\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: InternetPanelBHO - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\NetSoftware\IEHelper.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BingExt.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: KMP Media Toolbar - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file)
O3 - Toolbar: KMP Media Toolbar - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [NetSoftware] "C:\Program Files\NetSoftware\Starter.exe" /path="C:\Program Files\NetSoftware"
O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [AppVodBurner] C:\Program Files (x86)\VodBurner\vodburner.exe
O4 - HKCU\..\Run: [RockMelt Update] "C:\Users\Karel\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" /c
O4 - HKCU\..\Run: [SpeedUpMyPC] "C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" -d 20000 --minimized
O4 - HKCU\..\Run: [MicroSys] C:\Users\Karel\AppData\Roaming\MicroSys\Launch.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Preme.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: VideoWebCamera.exe.lnk = C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 11911 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
taskeng.exe {14EF94FE-02C6-45C3-A0A2-A2B85361E39E}
"C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe" -product HSS
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe"
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Program Files (x86)\VodBurner\vodburner.exe"
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe"
"C:\Users\Karel\AppData\Roaming\MicroSys\Launch.exe"
"C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe" /s
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe" /TUStart /pid:2716
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\NetSoftware\NetSoftware.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe" 20000 --minimized
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"Apntex.exe"
"C:\Program Files\DellTPad\HidFind.exe"
\??\C:\Windows\system32\conhost.exe "-166277788-1629644814538585216-1517667483-512033613-1756447266-494955841307676217
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\SeaPort.exe"
"C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe"
"C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe" --type=renderer --lang=en-US --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderFromOmniboxHeuristic/OriginalAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/ --extension-process --channel=5932.03702600.693051582 /prefetch:3
"C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe" --type=renderer --lang=en-US --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderFromOmniboxHeuristic/OriginalAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/ --extension-process --channel=5932.03702780.1728893941 /prefetch:3
"C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe" --type=renderer --lang=en-US --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderFromOmniboxHeuristic/OriginalAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/ --extension-process --channel=5932.03702900.1920851658 /prefetch:3
"C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe" --type=renderer --lang=en-US --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderFromOmniboxHeuristic/OriginalAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/ --extension-process --channel=5932.0532B000.569812148 /prefetch:3
"C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe" --type=renderer --lang=en-US --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderFromOmniboxHeuristic/OriginalAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/ --channel=5932.095DFA80.1835636395 /prefetch:3
"C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe" --type=plugin --plugin-path="C:\Users\Karel\AppData\Local\RockMelt\Application\0.16.91.483\plugins\npswf32.dll" --lang=en-US --channel=5932.06CAB000.1413234060 /prefetch:4
"C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe" --type=renderer --lang=en-US --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderFromOmniboxHeuristic/OriginalAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/ --channel=5932.06C71300.519820228 /prefetch:3
"C:\Users\Karel\AppData\Local\RockMelt\Application\rockmelt.exe" --type=renderer --lang=en-US --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderFromOmniboxHeuristic/OriginalAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/WarmSocketImpact/last_accessed_socket/ --channel=5932.09B28C00.1989007804 /prefetch:3
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Karel\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DriverScanner.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3960194989-3141225315-4198832283-1000Core.job
C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3960194989-3141225315-4198832283-1000UA.job
C:\Windows\tasks\SpeedUpMyPC.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\Karel\AppData\Roaming\Complitly\64\Complitly64.dll [2012-02-02 167416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-05-24 253040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll [2012-05-24 346168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [2012-03-26 287048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\Karel\AppData\Roaming\Complitly\Complitly.dll [2012-02-02 139768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}]
Funmoods Helper Object - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll [2012-01-25 241888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-07-09 329480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-05-24 192112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll [2012-05-24 1003576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE7C3CF0-4B15-11D1-ABED-709549C10000}]
Internet Panel - C:\Program Files\NetSoftware\IEHelper.dll [2012-08-08 495888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BingExt.dll [2012-04-16 1307728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-04-09 1519272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{daf5b34c-1aa3-4c33-ae24-766a370635d2}]
KMP Media Toolbar - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll [2012-03-22 87008]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-07-09 59144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll [2012-03-26 233288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-05-24 253040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-04-09 1519272]
{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - Funmoods Toolbar - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll [2012-01-25 251856]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BingExt.dll [2012-04-16 1307728]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-05-24 192112]
{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
{daf5b34c-1aa3-4c33-ae24-766a370635d2} - KMP Media Toolbar - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll [2012-03-22 87008]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-09-16 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-09-16 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-09-16 415256]
"Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2010-01-18 832544]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-07-29 594080]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-07-29 377504]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-11 11465832]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 1271168]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2012-08-06 626552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"AppVodBurner"=C:\Program Files (x86)\VodBurner\vodburner.exe [2012-03-23 4675072]
"RockMelt Update"=C:\Users\Karel\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-04-01 136336]
"SpeedUpMyPC"=C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe [2012-08-03 406936]
"MicroSys"=C:\Users\Karel\AppData\Roaming\MicroSys\Launch.exe [2012-08-21 1395200]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-12-23 284696]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-01-22 1287760]
""= []
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2012-04-09 1557160]
"NetSoftware"=C:\Program Files\NetSoftware\Starter.exe [2012-06-22 188928]
"4StoryPrePatch"=C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
VideoWebCamera.exe.lnk - C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe

C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Preme.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-28 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"UseOEMBackground"=0
"DisplayLastLogonInfo"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-08-22 12:21:03 ----D---- C:\Program Files\trend micro
2012-08-22 12:21:01 ----D---- C:\rsit
2012-08-21 22:28:12 ----D---- C:\Users\Karel\AppData\Roaming\dclogs
2012-08-21 22:28:00 ----SD---- C:\Users\Karel\AppData\Roaming\MicroSys
2012-08-19 12:45:57 ----SHD---- C:\Config.Msi
2012-08-18 14:18:53 ----D---- C:\Users\Karel\AppData\Roaming\TortoiseSVN
2012-08-18 14:06:53 ----D---- C:\Program Files (x86)\TortoiseSVN
2012-08-18 14:06:21 ----D---- C:\Users\Karel\AppData\Roaming\Subversion
2012-08-18 14:06:06 ----D---- C:\Program Files\TortoiseSVN
2012-08-18 10:09:09 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys
2012-08-18 02:00:54 ----A---- C:\Windows\system32\drivers\iusb3hcs.sys
2012-08-16 09:08:27 ----A---- C:\Windows\system32\jscript.dll
2012-08-16 09:08:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-08-16 09:08:26 ----A---- C:\Windows\system32\vbscript.dll
2012-08-16 09:08:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-08-16 09:08:24 ----A---- C:\Windows\system32\netapi32.dll
2012-08-16 09:08:24 ----A---- C:\Windows\system32\browser.dll
2012-08-16 09:08:24 ----A---- C:\Windows\system32\browcli.dll
2012-08-16 09:08:23 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-08-16 09:08:23 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-08-16 09:08:22 ----A---- C:\Windows\system32\win32k.sys
2012-08-16 09:08:07 ----A---- C:\Windows\system32\localspl.dll
2012-08-08 22:55:02 ----D---- C:\ProgramData\NetSoftware
2012-08-08 22:54:50 ----D---- C:\Program Files\NetSoftware
2012-08-08 20:28:04 ----D---- C:\Users\Karel\AppData\Roaming\ICQ Search
2012-08-08 20:27:13 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2012-08-08 20:27:08 ----D---- C:\Users\Karel\AppData\Roaming\Mozilla
2012-08-08 20:27:08 ----D---- C:\ProgramData\ICQ
2012-08-08 13:57:46 ----D---- C:\Users\Karel\AppData\Roaming\wargaming.net
2012-08-08 13:57:19 ----D---- C:\Games
2012-08-06 10:24:41 ----A---- C:\Windows\system32\drivers\pmkbdfltr.sys
2012-08-06 10:23:46 ----A---- C:\Windows\system32\drivers\btath_bus.sys
2012-08-06 10:18:04 ----A---- C:\Windows\system32\Vxdif.dll
2012-08-06 10:18:02 ----A---- C:\Windows\system32\drivers\Apfiltr.sys
2012-07-25 12:03:48 ----D---- C:\Windows\Roaming
2012-07-25 12:03:48 ----D---- C:\ProgramData\Motive

======List of files/folders modified in the last 1 month======

2012-08-22 12:21:24 ----D---- C:\Windows\Temp
2012-08-22 12:21:03 ----RD---- C:\Program Files
2012-08-22 12:00:45 ----D---- C:\Users\Karel\AppData\Roaming\Skype
2012-08-22 11:55:58 ----D---- C:\Windows\system32\config
2012-08-21 23:44:07 ----D---- C:\Windows\Prefetch
2012-08-21 23:12:37 ----D---- C:\Windows\system32\FxsTmp
2012-08-21 22:54:43 ----A---- C:\Windows\SYSWOW64\log.txt
2012-08-21 21:41:58 ----SHD---- C:\Windows\Installer
2012-08-21 19:39:20 ----SHD---- C:\System Volume Information
2012-08-20 08:57:51 ----D---- C:\Windows\System32
2012-08-20 08:57:51 ----D---- C:\Windows\inf
2012-08-20 08:57:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-08-19 12:46:25 ----D---- C:\Users\Karel\AppData\Roaming\Uniblue
2012-08-19 12:46:24 ----D---- C:\Program Files (x86)\Uniblue
2012-08-19 12:46:20 ----D---- C:\Windows\Tasks
2012-08-19 12:46:20 ----D---- C:\Windows\system32\Tasks
2012-08-19 12:46:04 ----D---- C:\Program Files\Common Files
2012-08-19 12:46:04 ----D---- C:\Program Files (x86)\Common Files
2012-08-19 12:45:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-08-19 12:45:07 ----RD---- C:\Program Files (x86)
2012-08-19 12:45:07 ----D---- C:\Windows\SysWOW64
2012-08-18 10:09:59 ----D---- C:\Windows\system32\drivers
2012-08-18 10:09:46 ----D---- C:\Windows\system32\catroot
2012-08-18 10:09:43 ----D---- C:\Windows\system32\catroot2
2012-08-18 10:09:39 ----D---- C:\Windows\system32\DriverStore
2012-08-16 09:17:05 ----D---- C:\Windows\winsxs
2012-08-16 09:13:34 ----D---- C:\ProgramData\Microsoft Help
2012-08-16 09:09:04 ----D---- C:\Windows\debug
2012-08-16 09:09:01 ----A---- C:\Windows\system32\MRT.exe
2012-08-15 14:47:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-08-08 22:55:02 ----HD---- C:\ProgramData
2012-08-08 13:57:33 ----D---- C:\Windows\SYSWOW64\directx
2012-08-08 13:57:25 ----HD---- C:\Windows\msdownld.tmp
2012-08-08 13:57:25 ----D---- C:\Windows\Logs
2012-08-06 10:27:19 ----D---- C:\Windows
2012-08-06 10:19:31 ----D---- C:\Program Files\DellTPad
2012-07-31 20:14:40 ----D---- C:\ProgramData\boost_interprocess
2012-07-31 20:09:59 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-08-18 19264]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 203888]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 SbFw;SbFw; C:\Windows\system32\drivers\SbFw.sys [2011-04-05 253528]
R1 SbTis;SbTis; C:\Windows\system32\drivers\sbtis.sys [2011-04-05 94296]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2012-08-06 416592]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-07-11 3580928]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2012-08-06 30848]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-07-28 10610400]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-07-11 2484072]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-10-16 321064]
R3 pmkbdfltr;PenMount Keyboard Device Filter Driver; C:\Windows\system32\DRIVERS\pmkbdfltr.sys [2012-08-06 18832]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\Windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-08-18 27960]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
S1 SBRE;SBRE; C:\Windows\system32\drivers\SBRE.sys []
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-07-29 51872]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2012-07-11 43616]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-07-29 270496]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2012-07-11 250984]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service; C:\Windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
S3 sbhips;sbhips; C:\Windows\system32\drivers\sbhips.sys [2011-04-05 60504]
S3 SmbDrv;SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver.sys [2012-07-11 22800]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\system32\drivers\Synth3dVsc.sys []
S3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\system32\drivers\VGPU.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-01-22 310352]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-01-18 842784]
R2 HssWd;Hotspot Shield Monitoring Service; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2012-03-26 329544]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-09 268824]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 12600]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2009-12-18 1394504]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\SeaPort.exe [2012-04-16 240208]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BBSvc.exe [2012-04-16 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-05-24 182768]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2012-04-16 607048]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-05 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-05 136176]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Rudy]

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files (x86)\Ask.com
C:\Users\Karel\AppData\Roaming\Complitly
C:\Program Files (x86)\Funmoods
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Google\GoogleToolbarNotifier
C:\Program Files\NetSoftware\IEHelper.dll
C:\Program Files (x86)\Microsoft\BingBar
C:\Program Files (x86)\kmpmediatoolbar
C:\Program Files (x86)\Hotspot Shield\HssIE
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3960194989-3141225315-4198832283-1000Core.job
C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3960194989-3141225315-4198832283-1000UA.job
C:\Windows\tasks\SpeedUpMyPC.job
C:\Program Files (x86)\ICQ6Toolbar

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE7C3CF0-4B15-11D1-ABED-709549C10000}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{daf5b34c-1aa3-4c33-ae24-766a370635d2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ApnUpdater"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

[lerak19]

Tak jsem udělal všechno jak jsi mi radil a tady je to:


Logfile of random's system information tool 1.09 (written by random/random)
Run by Karel at 2012-08-22 20:44:51
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 410 GB (69%) free of 597 GB
Total RAM: 3767 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:44:54, on 22.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
C:\Program Files (x86)\VodBurner\vodburner.exe
C:\Users\Karel\AppData\Roaming\MicroSys\Launch.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\NetSoftware\NetSoftware.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\trend micro\Karel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www2.inbox.com/search/dispatcher ... &%language
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [NetSoftware] "C:\Program Files\NetSoftware\Starter.exe" /path="C:\Program Files\NetSoftware"
O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [AppVodBurner] C:\Program Files (x86)\VodBurner\vodburner.exe
O4 - HKCU\..\Run: [RockMelt Update] "C:\Users\Karel\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" /c
O4 - HKCU\..\Run: [SpeedUpMyPC] "C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" -d 20000 --minimized
O4 - HKCU\..\Run: [MicroSys] C:\Users\Karel\AppData\Roaming\MicroSys\Launch.exe
O4 - HKCU\..\Run: [MicroUpdate] C:\Users\Karel\AppData\Local\Temp\MSDCSC\msdcsc.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Preme.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: VideoWebCamera.exe.lnk = C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BingBar Service (BBSvc) - Unknown owner - C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BBSvc.exe (file missing)
O23 - Service: BBUpdate - Unknown owner - C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\SeaPort.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9601 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Bonjour\mDNSResponder.exe"
taskeng.exe {9C242038-A156-4F14-9989-064F6D473164}
"C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe" -product HSS
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe" /TUStart /pid:1540
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\DellTPad\Apoint.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\DellTPad\HidFind.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "-1152033932-786679151-156271029-2115667196592819538-939561474517475445-1611821449
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\VodBurner\vodburner.exe"
"C:\Users\Karel\AppData\Roaming\MicroSys\Launch.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe" /s
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\NetSoftware\NetSoftware.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Windows\System32\cmd.exe" /k attrib "C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe" +s +h
"C:\Windows\System32\cmd.exe" /k attrib "C:\Windows\Microsoft.NET\Framework\v2.0.50727" +s +h
\??\C:\Windows\system32\conhost.exe "-1776918655-145896698945123261931896237-2115235053261716600165940718-774620760
\??\C:\Windows\system32\conhost.exe "-1567233181977415551-127459259-1029686791-18712856094215895425371043561368908118
"C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe" 20000 --minimized
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Karel\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DriverScanner.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\Karel\AppData\Roaming\Complitly\64\Complitly64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll [2012-05-24 346168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-07-09 329480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-07-09 59144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-09-16 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-09-16 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-09-16 415256]
"Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2010-01-18 832544]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-07-29 594080]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-07-29 377504]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-11 11465832]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 1271168]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2012-08-06 626552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"AppVodBurner"=C:\Program Files (x86)\VodBurner\vodburner.exe [2012-03-23 4675072]
"RockMelt Update"=C:\Users\Karel\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-04-01 136336]
"SpeedUpMyPC"=C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe [2012-08-03 406936]
"MicroSys"=C:\Users\Karel\AppData\Roaming\MicroSys\Launch.exe [2012-08-21 1395200]
"MicroUpdate"=C:\Users\Karel\AppData\Local\Temp\MSDCSC\msdcsc.exe [2010-11-05 1169224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-12-23 284696]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-01-22 1287760]
""= []
"NetSoftware"=C:\Program Files\NetSoftware\Starter.exe [2012-06-22 188928]
"4StoryPrePatch"=C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
VideoWebCamera.exe.lnk - C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe

C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Preme.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-28 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"UseOEMBackground"=0
"DisplayLastLogonInfo"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-08-22 20:37:26 ----D---- C:\_OTM
2012-08-22 12:21:03 ----D---- C:\Program Files\trend micro
2012-08-22 12:21:01 ----D---- C:\rsit
2012-08-21 22:28:12 ----D---- C:\Users\Karel\AppData\Roaming\dclogs
2012-08-21 22:28:00 ----SD---- C:\Users\Karel\AppData\Roaming\MicroSys
2012-08-19 12:45:57 ----SHD---- C:\Config.Msi
2012-08-18 14:18:53 ----D---- C:\Users\Karel\AppData\Roaming\TortoiseSVN
2012-08-18 14:06:53 ----D---- C:\Program Files (x86)\TortoiseSVN
2012-08-18 14:06:21 ----D---- C:\Users\Karel\AppData\Roaming\Subversion
2012-08-18 14:06:06 ----D---- C:\Program Files\TortoiseSVN
2012-08-18 10:09:09 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys
2012-08-18 02:00:54 ----A---- C:\Windows\system32\drivers\iusb3hcs.sys
2012-08-16 09:08:27 ----A---- C:\Windows\system32\jscript.dll
2012-08-16 09:08:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-08-16 09:08:26 ----A---- C:\Windows\system32\vbscript.dll
2012-08-16 09:08:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-08-16 09:08:24 ----A---- C:\Windows\system32\netapi32.dll
2012-08-16 09:08:24 ----A---- C:\Windows\system32\browser.dll
2012-08-16 09:08:24 ----A---- C:\Windows\system32\browcli.dll
2012-08-16 09:08:23 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-08-16 09:08:23 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-08-16 09:08:22 ----A---- C:\Windows\system32\win32k.sys
2012-08-16 09:08:07 ----A---- C:\Windows\system32\localspl.dll
2012-08-08 22:55:02 ----D---- C:\ProgramData\NetSoftware
2012-08-08 22:54:50 ----D---- C:\Program Files\NetSoftware
2012-08-08 20:28:04 ----D---- C:\Users\Karel\AppData\Roaming\ICQ Search
2012-08-08 20:27:08 ----D---- C:\Users\Karel\AppData\Roaming\Mozilla
2012-08-08 20:27:08 ----D---- C:\ProgramData\ICQ
2012-08-08 13:57:46 ----D---- C:\Users\Karel\AppData\Roaming\wargaming.net
2012-08-08 13:57:19 ----D---- C:\Games
2012-08-06 10:24:41 ----A---- C:\Windows\system32\drivers\pmkbdfltr.sys
2012-08-06 10:23:46 ----A---- C:\Windows\system32\drivers\btath_bus.sys
2012-08-06 10:18:04 ----A---- C:\Windows\system32\Vxdif.dll
2012-08-06 10:18:02 ----A---- C:\Windows\system32\drivers\Apfiltr.sys
2012-07-25 12:03:48 ----D---- C:\Windows\Roaming
2012-07-25 12:03:48 ----D---- C:\ProgramData\Motive

======List of files/folders modified in the last 1 month======

2012-08-22 20:44:37 ----D---- C:\Users\Karel\AppData\Roaming\Skype
2012-08-22 20:44:19 ----D---- C:\Windows\system32\config
2012-08-22 20:42:56 ----D---- C:\Windows\Temp
2012-08-22 20:41:08 ----A---- C:\Windows\SYSWOW64\log.txt
2012-08-22 20:38:34 ----D---- C:\Windows
2012-08-22 20:38:11 ----RD---- C:\Program Files (x86)
2012-08-22 20:38:11 ----D---- C:\Windows\Tasks
2012-08-22 20:38:10 ----D---- C:\Program Files (x86)\Hotspot Shield
2012-08-22 20:37:58 ----D---- C:\Program Files (x86)\Microsoft
2012-08-22 20:37:27 ----D---- C:\Program Files (x86)\Google
2012-08-22 14:36:19 ----SHD---- C:\System Volume Information
2012-08-22 12:21:03 ----RD---- C:\Program Files
2012-08-21 23:44:07 ----D---- C:\Windows\Prefetch
2012-08-21 23:12:37 ----D---- C:\Windows\system32\FxsTmp
2012-08-21 21:41:58 ----SHD---- C:\Windows\Installer
2012-08-20 08:57:51 ----D---- C:\Windows\System32
2012-08-20 08:57:51 ----D---- C:\Windows\inf
2012-08-20 08:57:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-08-19 12:46:25 ----D---- C:\Users\Karel\AppData\Roaming\Uniblue
2012-08-19 12:46:24 ----D---- C:\Program Files (x86)\Uniblue
2012-08-19 12:46:20 ----D---- C:\Windows\system32\Tasks
2012-08-19 12:46:04 ----D---- C:\Program Files\Common Files
2012-08-19 12:46:04 ----D---- C:\Program Files (x86)\Common Files
2012-08-19 12:45:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-08-19 12:45:07 ----D---- C:\Windows\SysWOW64
2012-08-18 10:09:59 ----D---- C:\Windows\system32\drivers
2012-08-18 10:09:46 ----D---- C:\Windows\system32\catroot
2012-08-18 10:09:43 ----D---- C:\Windows\system32\catroot2
2012-08-18 10:09:39 ----D---- C:\Windows\system32\DriverStore
2012-08-16 09:17:05 ----D---- C:\Windows\winsxs
2012-08-16 09:13:34 ----D---- C:\ProgramData\Microsoft Help
2012-08-16 09:09:04 ----D---- C:\Windows\debug
2012-08-16 09:09:01 ----A---- C:\Windows\system32\MRT.exe
2012-08-15 14:47:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-08-08 22:55:02 ----HD---- C:\ProgramData
2012-08-08 13:57:33 ----D---- C:\Windows\SYSWOW64\directx
2012-08-08 13:57:25 ----D---- C:\Windows\Logs
2012-08-06 10:19:31 ----D---- C:\Program Files\DellTPad
2012-07-31 20:14:40 ----D---- C:\ProgramData\boost_interprocess
2012-07-31 20:09:59 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-08-18 19264]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 203888]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 SbFw;SbFw; C:\Windows\system32\drivers\SbFw.sys [2011-04-05 253528]
R1 SbTis;SbTis; C:\Windows\system32\drivers\sbtis.sys [2011-04-05 94296]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2012-08-06 416592]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-07-11 3580928]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2012-08-06 30848]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-07-28 10610400]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-07-11 2484072]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-10-16 321064]
R3 pmkbdfltr;PenMount Keyboard Device Filter Driver; C:\Windows\system32\DRIVERS\pmkbdfltr.sys [2012-08-06 18832]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\Windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-08-18 27960]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
S1 SBRE;SBRE; C:\Windows\system32\drivers\SBRE.sys []
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-07-29 51872]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2012-07-11 43616]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-07-29 270496]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2012-07-11 250984]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service; C:\Windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
S3 sbhips;sbhips; C:\Windows\system32\drivers\sbhips.sys [2011-04-05 60504]
S3 SmbDrv;SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver.sys [2012-07-11 22800]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\system32\drivers\Synth3dVsc.sys []
S3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\system32\drivers\VGPU.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-01-22 310352]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-01-18 842784]
R2 HssWd;Hotspot Shield Monitoring Service; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2012-03-26 329544]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-09 268824]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 12600]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2009-12-18 1394504]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BBSvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\SeaPort.exe []
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-05-24 182768]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2012-04-16 607048]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-05 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-05 136176]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Rudy]

Dvouklikem na soubor C:\Program Files\trend micro\Karel.exe spusťte Hijackthis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www2.inbox.com/search/dispatcher ... p=aus&qkw=%s&tbid=%tb_id&%language
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O20 - AppInit_DLLs:

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp<. OTM po sobě uklidí. Nakonec restartujte PC.

[lerak19]

Tak udělal jsem vše jak jste mi poradil a zatím to vypadá že není problém. A jestě bych se chět nemám si změnit heslo na Facebooku, na Skypu atd.? Moc děkuju za rady a za vyřešení mého problému.

[Rudy]

Ani jedna ze smazaných položek nevyhledává, ani nikam neodesílá hesla. Nicméně máte-li pocit, že některé heslo uniklo,klidně jej změňte. Nemáte zač!

[lerak19]

Dobrý den jestě jednou ted jsen na sestřiným počítači protože mam mnohem větčí problém někdo se mi dostal do počítače přes ten vir musel tam nějak zustat otevřel jsem prohlížeč Maxtonh a chvíly se mi to načítalo a pak mi tam skočilo okno Baf lekl ses A takove kraviny mi tam začaly naskakovat a potom na mě začal i mluvit přes muj počítač a začal si tam otevírat ruzne složka koš atd. POmocte mi co stým prosím

[Rudy]

Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[lerak19]

TAk už jsem to udělal a tady to to dávam



ComboFix 12-08-22.03 - Karel 23.08.2012 9:41.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3767.2330 [GMT 2:00]
Spuštěný z: c:\users\Karel\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\cflog\EPLog.txt
c:\program files (x86)\Complitly
c:\program files (x86)\Complitly\FireFoxExtensionWithFF8Fix.exe
c:\program files (x86)\Complitly\FireFoxUninstaller.exe
c:\program files (x86)\Complitly\chrome\ComplitlyChrome.crx
c:\program files (x86)\Complitly\InstTracker.exe
c:\program files (x86)\Complitly\support@Complitly.com\defaults\preferences\predictad.js
c:\program files (x86)\Complitly\support@Complitly.com\chrome.manifest
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\appIcon.png
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.js
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.xul
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\utils.js
c:\program files (x86)\Complitly\support@Complitly.com\install.rdf
c:\program files (x86)\Complitly\System.Data.SQLite.dll
c:\program files (x86)\Complitly\unins000.dat
c:\program files (x86)\Complitly\unins000.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VideoWebCamera.exe.lnk
c:\users\Karel\AppData\Roaming\0ad
c:\users\Karel\AppData\Roaming\0ad\config\user.cfg
c:\users\Karel\AppData\Roaming\Microsoft\Windows\Recent\desktop_99243731.ico
c:\users\Karel\Documents\MSDCSC\msdcsc.exe
c:\users\Karel\WINDOWS
c:\users\Karel\WINDOWS\AntiWPA\amd64\AntiWPA.Dll
c:\users\Karel\WINDOWS\AntiWPA\AntiWPA3.cmd
c:\users\Karel\WINDOWS\AntiWPA\readme.txt
c:\users\Karel\WINDOWS\AntiWPA\x86\AntiWPA.Dll
c:\users\Karel\WINDOWS\avast_free_antivirus_setup.exe
c:\users\Karel\WINDOWS\hijackthis.exe
c:\users\Karel\WINDOWS\mseinstall.exe
c:\users\Karel\WINDOWS\RSITx64.exe
c:\users\Karel\WINDOWS\Windows.docx
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-23 do 2012-08-23 )))))))))))))))))))))))))))))))
.
.
2012-08-23 07:46 . 2012-08-23 07:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-22 12:36 . 2012-08-01 22:58 9309624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7589E022-B87C-4A4C-BC9B-D78A56C229FF}\mpengine.dll
2012-08-22 10:21 . 2012-08-22 18:44 -------- d-----w- c:\program files\trend micro
2012-08-21 20:28 . 2012-08-23 03:26 -------- d-----w- c:\users\Karel\AppData\Roaming\dclogs
2012-08-21 20:28 . 2012-08-21 20:29 -------- d-s---w- c:\users\Karel\AppData\Roaming\MicroSys
2012-08-21 06:37 . 2012-08-01 22:58 9309624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-18 12:18 . 2012-08-18 12:18 -------- d-----w- c:\users\Karel\AppData\Roaming\TortoiseSVN
2012-08-18 12:13 . 2012-08-18 12:13 -------- d-----w- c:\users\Karel\AppData\Local\TSVNCache
2012-08-18 12:06 . 2012-08-18 12:06 -------- d-----w- c:\program files (x86)\TortoiseSVN
2012-08-18 12:06 . 2012-08-18 12:06 -------- d-----w- c:\users\Karel\AppData\Roaming\Subversion
2012-08-18 12:06 . 2012-08-19 10:46 -------- d-----w- c:\program files\TortoiseSVN
2012-08-18 10:53 . 2012-08-18 10:53 -------- d-----w- c:\users\Karel\Aktivace windows
2012-08-18 08:09 . 2012-08-18 08:09 27960 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2012-08-18 00:00 . 2012-08-18 00:00 19264 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2012-08-16 07:08 . 2012-06-16 05:15 911360 ----a-w- c:\windows\system32\jscript.dll
2012-08-16 07:08 . 2012-06-16 05:16 609792 ----a-w- c:\windows\system32\vbscript.dll
2012-08-16 07:08 . 2012-06-16 04:26 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-16 07:08 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-16 07:08 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-16 07:08 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-16 07:08 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-16 07:08 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-16 07:08 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-08-08 20:55 . 2012-08-22 21:42 -------- d-----w- c:\programdata\NetSoftware
2012-08-08 20:54 . 2012-08-22 21:41 -------- d-----w- c:\program files\NetSoftware
2012-08-08 18:28 . 2012-08-08 18:28 -------- d-----w- c:\users\Karel\AppData\Roaming\ICQ Search
2012-08-08 18:27 . 2012-08-08 18:27 -------- d-----w- c:\programdata\ICQ
2012-08-08 11:57 . 2012-08-08 13:52 -------- d-----w- c:\users\Karel\AppData\Roaming\wargaming.net
2012-08-08 11:57 . 2012-08-18 11:48 -------- d-----w- C:\Games
2012-08-06 08:24 . 2012-08-06 08:24 18832 ----a-w- c:\windows\system32\drivers\pmkbdfltr.sys
2012-08-06 08:23 . 2012-08-06 08:23 30848 ----a-w- c:\windows\system32\drivers\btath_bus.sys
2012-08-06 08:18 . 2012-08-06 08:18 112504 ----a-w- c:\windows\system32\Vxdif.dll
2012-08-06 08:18 . 2012-08-06 08:18 416592 ----a-w- c:\windows\system32\drivers\Apfiltr.sys
2012-07-25 10:03 . 2012-07-25 10:03 -------- d-----w- c:\windows\Roaming
2012-07-25 10:03 . 2012-07-25 10:03 -------- d-----w- c:\programdata\Motive
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-16 07:09 . 2012-03-01 18:45 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-08-15 12:47 . 2012-04-01 20:04 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-15 12:47 . 2012-03-01 21:41 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-13 19:22 . 2012-07-13 19:25 989374 ----a-w- c:\users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Preme.exe
2012-07-11 21:49 . 2012-07-11 21:49 2601816 ----a-w- c:\windows\system32\WavesGUILib.dll
2012-07-11 21:49 . 2012-07-11 21:49 98704 ----a-w- c:\windows\system32\SFSS_APO.dll
2012-07-11 21:49 . 2012-07-11 21:49 81232 ----a-w- c:\windows\system32\SFCOM64.dll
2012-07-11 21:49 . 2012-07-11 21:49 78160 ----a-w- c:\windows\system32\SFAPO64.dll
2012-07-11 21:49 . 2012-07-11 21:49 74064 ----a-w- c:\windows\SysWow64\SFCOM.dll
2012-07-11 21:49 . 2012-07-11 21:49 332392 ----a-w- c:\windows\system32\RtlCPAPI64.dll
2012-07-11 21:49 . 2012-07-11 21:49 220496 ----a-w- c:\windows\system32\SFNHK64.dll
2012-07-11 21:49 . 2012-07-11 21:49 540264 ----a-w- c:\windows\system32\RtkApi64.dll
2012-07-11 21:49 . 2012-07-11 21:49 2620008 ----a-w- c:\windows\system32\RtkAPO64.dll
2012-07-11 21:49 . 2012-07-11 21:49 2484072 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2012-07-11 21:49 . 2012-07-11 21:49 2045032 ----a-w- c:\windows\system32\RtPgEx64.dll
2012-07-11 21:49 . 2012-07-11 21:49 149608 ----a-w- c:\windows\system32\RtkCfg64.dll
2012-07-11 21:49 . 2012-07-11 21:49 1215592 ----a-w- c:\windows\system32\RTCOM64.dll
2012-07-11 21:49 . 2012-07-11 21:49 1146984 ----a-w- c:\windows\system32\RTSnMg64.cpl
2012-07-11 21:49 . 2012-07-11 21:49 81000 ----a-w- c:\windows\system32\RCoInst64.dll
2012-07-11 21:49 . 2012-07-11 21:49 403048 ----a-w- c:\windows\system32\RCoRes64.dat
2012-07-11 21:49 . 2012-07-11 21:49 334848 ----a-w- c:\windows\system32\MaxxAudioAPO30.dll
2012-07-11 21:49 . 2012-07-11 21:49 334680 ----a-w- c:\windows\system32\MaxxVolumeSDAPO.dll
2012-07-11 21:49 . 2012-07-11 21:49 318808 ----a-w- c:\windows\system32\MaxxAudioAPO20.dll
2012-07-11 21:49 . 2012-07-11 21:49 1756160 ----a-w- c:\windows\system32\MaxxAudioRealtek.dll
2012-07-11 21:49 . 2012-07-11 21:49 504592 ----a-w- c:\windows\system32\DTSBassEnhancementDLL64.dll
2012-07-11 21:49 . 2012-07-11 21:49 489744 ----a-w- c:\windows\system32\DTSSymmetryDLL64.dll
2012-07-11 21:49 . 2012-07-11 21:49 474896 ----a-w- c:\windows\system32\DTSVoiceClarityDLL64.dll
2012-07-11 21:49 . 2012-07-11 21:49 338336 ----a-w- c:\windows\system32\FMAPO64.dll
2012-07-11 21:49 . 2012-07-11 21:49 315152 ----a-w- c:\windows\system32\DTSNeoPCDLL64.dll
2012-07-11 21:49 . 2012-07-11 21:49 268560 ----a-w- c:\windows\system32\DTSLimiterDLL64.dll
2012-07-11 21:49 . 2012-07-11 21:49 265488 ----a-w- c:\windows\system32\DTSGainCompensatorDLL64.dll
2012-07-11 21:49 . 2012-07-11 21:49 1325328 ----a-w- c:\windows\system32\DTSS2SpeakerDLL64.dll
2012-07-11 21:49 . 2012-07-11 21:49 124128 ----a-w- c:\windows\system32\DTSLFXAPO64.dll
2012-07-11 21:49 . 2012-07-11 21:49 124128 ----a-w- c:\windows\system32\DTSGFXAPO64.dll
2012-07-11 21:49 . 2012-07-11 21:49 123104 ----a-w- c:\windows\system32\DTSGFXAPONS64.dll
2012-07-11 21:49 . 2012-07-11 21:49 1178384 ----a-w- c:\windows\system32\DTSS2HeadphoneDLL64.dll
2012-07-11 21:49 . 2012-07-11 21:49 1110800 ----a-w- c:\windows\system32\DTSBoostDLL64.dll
2012-07-11 21:49 . 2012-07-11 21:49 200800 ----a-w- c:\windows\system32\AERTAC64.dll
2012-07-11 21:48 . 2012-07-11 21:48 22800 ----a-w- c:\windows\system32\drivers\Smb_driver.sys
2012-07-11 21:47 . 2012-07-11 21:47 43616 ----a-w- c:\windows\system32\drivers\btcusb.sys
2012-07-11 21:47 . 2012-07-11 21:47 20192 ----a-w- c:\windows\system32\btinstall.dll
2012-07-11 21:47 . 2012-07-11 21:47 9888360 ----a-w- c:\windows\SysWow64\RtsUStoricon.dll
2012-07-11 21:47 . 2012-07-11 21:47 250984 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2012-07-11 21:47 . 2012-07-11 21:47 422504 ----a-w- c:\windows\system32\RtsUStor.dll
2012-07-11 21:45 . 2012-07-11 21:45 3580928 ----a-w- c:\windows\system32\drivers\athrx.sys
2012-07-09 09:01 . 2012-07-09 09:01 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-07-09 09:01 . 2012-03-04 11:13 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-06-30 10:17 . 2012-03-01 19:22 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-06-09 05:43 . 2012-07-11 04:30 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06 . 2012-07-11 04:30 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 04:30 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 04:30 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 04:30 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 04:30 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 04:30 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-18 21:49 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-18 21:50 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-18 21:50 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-18 21:50 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-18 21:49 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-18 21:50 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-18 21:49 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-18 21:49 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-18 21:49 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 05:50 . 2012-07-11 04:30 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 04:30 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:48 . 2012-07-11 04:30 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:45 . 2012-07-11 04:30 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 04:30 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 04:30 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 04:30 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 04:30 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 04:30 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"AppVodBurner"="c:\program files (x86)\VodBurner\vodburner.exe" [2012-03-23 4675072]
"RockMelt Update"="c:\users\Karel\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" [2012-04-01 136336]
"SpeedUpMyPC"="c:\program files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" [2012-08-03 406936]
"MicroSys"="c:\users\Karel\AppData\Roaming\MicroSys\Launch.exe" [2012-08-21 1395200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-23 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-01-22 1287760]
"NetSoftware"="c:\program files\NetSoftware\Starter.exe" [2012-06-22 188928]
.
c:\users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Preme.exe [2012-7-13 989374]
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"UseOEMBackground"= 0 (0x0)
"DisplayLastLogonInfo"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R1 SBRE;SBRE; [x]
R2 BBSvc;BingBar Service; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2010-07-29 51872]
R3 BBUpdate;BBUpdate; [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-07-29 270496]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2012-07-11 250984]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2011-04-05 60504]
R3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys [2012-07-11 22800]
R3 Synth3dVsc;Synth3dVsc; [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub; [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
R3 VGPU;VGPU; [x]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R4 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-05 136176]
R4 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-05 136176]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-08-18 19264]
S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2011-04-05 253528]
S1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [2011-04-05 94296]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-01-22 310352]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-01-18 842784]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-03-26 329544]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2009-12-17 1394504]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2012-08-06 30848]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-10-16 321064]
S3 pmkbdfltr;PenMount Keyboard Device Filter Driver;c:\windows\system32\DRIVERS\pmkbdfltr.sys [2012-08-06 18832]
S3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-08-18 27960]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 12:47]
.
2012-08-22 c:\windows\Tasks\DriverScanner.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2012-07-11 10:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-09-16 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-09-16 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-09-16 415256]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2010-01-18 832544]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-07-29 594080]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-07-29 377504]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-11 11465832]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2012-08-06 626552]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 93.99.200.155
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-MicroUpdate - c:\users\Karel\AppData\Local\Temp\MSDCSC\msdcsc.exe
Wow6432Node-HKLM-Run-4StoryPrePatch - c:\program files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (Hodnota není nastavena.)
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-funmoods - c:\program files (x86)\Funmoods\funmoods\1.5.11.16\uninstall.exe
AddRemove-kmpmediatoolbar - c:\program files (x86)\kmpmediatoolbar\uninstall.exe
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_F91D44FAA5479127.exe
AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files (x86)\Complitly\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3960194989-3141225315-4198832283-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:09,cc,e6,6c,17,c0,6a,2b,e6,66,c5,f2,ee,8b,77,d6,45,c3,ab,17,3e,bb,92,
ec,10,70,5f,60,b3,7f,fd,32,f0,8d,e6,a5,dd,c3,8e,a4,a1,14,c0,ac,4a,88,4c,04,\
"??"=hex:44,75,84,20,df,19,7b,d4,39,eb,a0,d5,2d,70,35,e9
.
[HKEY_USERS\S-1-5-21-3960194989-3141225315-4198832283-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:03,9f,e6,ba,fa,64,fd,d9,2f,cf,68,de,40,6b,74,ba,71,1d,72,0c,e4,
57,28,79,92,6a,21,7a,3e,0b,01,3c,6f,fe,c7,a7,bf,39,fe,c2,f5,d8,2e,e2,50,ba,\
"rkeysecu"=hex:58,1d,d3,8c,04,28,c4,c2,83,84,69,ee,ee,b3,c7,51
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-08-23 09:48:15
ComboFix-quarantined-files.txt 2012-08-23 07:48
.
Před spuštěním: Volných bajtů: 429 171 777 536
Po spuštění: Volných bajtů: 430 087 401 472
.
- - End Of File - - 8E355CE0CF196B75E8EB8AE9E653E2BE

[Rudy]

Jelikož se ukázalo, že váš systém je nelegální (CF smazal aktivátor), končím se všemi radami. Už pouze jenom jednu: zakupte si legální operační systém a budete mít od podobných jevů pokoj.

[lerak19]

Mám jestě jednu otázku a poslední mám doma originální instalační CD Windows XP Home Edition, které jsem zakoupil už před pár lety v prodejně PC Star. Stačilo by kdybych přeinstaloval tento windows 7 co mám za starší Windows XP Home Edition?

[Rudy]

Pokud je legální, klidně. Tohle fórum se nezabývá pirátským softwarem, pokud jste četl pravidla, vyplývá to z nich jednoznačně.