Prosím o kontrolu logu NTBK
Napsal: 23 bře 2013 13:26
Dobrý deň,
veľmi pekne Vás prosím či by ste sa mi mohli pozrieť na môj log NTBK, v poslednom čase som trošku zanedbal ochranu a hneď sa to podpísalo ...
ntbk mi ide pomaly a fučí aj keď na ňom dokopy nič nerobím aj po dôkladnom prečistení mám pocit že je asi poriadne zanesený .. 
neviem ako si pomôcť tak Vás prosím ak by ste mali chvíľku na to tak budem vďačný ak nie tak aj tak ďakujem za váš čas 
.. Vopred Ďakujem
Tu je log R I S T : ( dúfam že som to urobil správne)
Logfile of random's system information tool 1.09 (written by random/random)
Run by Ranevi at 2013-03-23 13:16:42
Microsoft Windows 7 Ultimate
System drive C: has 13 GB (10%) free of 132 GB
Total RAM: 3067 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:17:13, on 23. 3. 2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\BatteryCare\BatteryCare.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
E:\Programy\Viry.cz\RSIT-viry.cz.exe
C:\Program Files\trend micro\Ranevi.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1197 ... 265E421FFE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-results.info/?pid=7 ... g=EN&cc=SK
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 127.0.0.2 site2.localhost
O1 - Hosts: 127.0.0.3 site3.localhost
O2 - BHO: SeArcch-oNeewTab - {163B49C2-54DA-8DCA-4E66-65BD73CAF271} - C:\ProgramData\SeArcch-oNeewTab\513afa1b28b45.dll
O2 - BHO: Braouwse2save - {1678DF41-EA7C-60CB-EE03-B07B8C6DD1E4} - C:\ProgramData\Braouwse2save\513af9f71b9c0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.10.0\bh\delta.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.10.0\deltaTlbr.dll
O4 - HKLM\..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ranevi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BatteryCare] C:\Program Files\BatteryCare\BatteryCare.exe
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll c:\progra~1\browse~1\sprote~1.dll c:\progra~1\websea~1\sprote~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Glasovne poruke (Speechsrv) - Unknown owner - C:\Program Files\LAN Voice Chat\Speechs.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - c:\xampp\service.exe
--
End of file - 8488 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-628334552-2776211444-3103793618-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-628334552-2776211444-3103793618-1000UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Ranevi\AppData\Roaming\Mozilla\Firefox\Profiles\ydbnq3bb.default
prefs.js - "browser.startup.homepage" - "http://www.delta-search.com/?affID=1197 ... 265E421FFE"
prefs.js - "keyword.URL" - "http://websearch.pu-results.info/?pid=7 ... =SK&l=1&q="
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"{34712C68-7391-4c47-94F3-8F88D49AD632}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
babylon.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
C:\Users\Ranevi\AppData\Roaming\Mozilla\Firefox\Profiles\ydbnq3bb.default\extensions\
ffxtlbr@babylon.com
ffxtlbr@delta.com
staged
C:\Users\Ranevi\AppData\Roaming\Mozilla\Firefox\Profiles\ydbnq3bb.default\searchplugins\
delta.xml
WebSearch.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{163B49C2-54DA-8DCA-4E66-65BD73CAF271}]
SeArcch-oNeewTab - C:\ProgramData\SeArcch-oNeewTab\513afa1b28b45.dll [2013-03-09 118272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1678DF41-EA7C-60CB-EE03-B07B8C6DD1E4}]
Braouwse2save - C:\ProgramData\Braouwse2save\513af9f71b9c0.dll [2013-03-09 118272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29 539888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
delta Helper Object - C:\Program Files\Delta\delta\1.8.10.0\bh\delta.dll [2013-01-23 247704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
{82E1477C-B154-48D3-9891-33D83C26BCD3} - Delta Toolbar - C:\Program Files\Delta\delta\1.8.10.0\deltaTlbr.dll [2013-01-23 321944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe [2009-07-20 484920]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-08-18 1157640]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-08-06 13797920]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2013-01-25 295072]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Ranevi\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-08 136176]
"AdobeBridge"= []
"BatteryCare"=C:\Program Files\BatteryCare\BatteryCare.exe [2013-02-10 740864]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaMessenger]
E:\Hry\Warcraft III\Garena\!plus\Garena Plus\GarenaMessenger.exe [2012-06-20 6760824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []
C:\Users\Ranevi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll c:\progra~1\browse~1\sprote~1.dll c:\progra~1\websea~1\sprote~1.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAPower"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"VIDC.FMVC"=fmcodec.dll
"vidc.XVID"=xvidvfw.dll
"vidc.yv12"=DivX.dll
"vidc.DIVX"=DivX.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-03-23 10:15:43 ----D---- C:\ProgramData\BrowserProtect
2013-03-23 10:15:31 ----D---- C:\Users\Ranevi\AppData\Roaming\BabSolution
2013-03-23 10:15:28 ----D---- C:\Program Files\Delta
2013-03-23 10:15:24 ----D---- C:\Users\Ranevi\AppData\Roaming\Delta
2013-03-23 10:14:55 ----D---- C:\Users\Ranevi\AppData\Roaming\Babylon
2013-03-23 10:14:55 ----D---- C:\ProgramData\Babylon
2013-03-09 12:27:24 ----A---- C:\Windows\unins000.exe
2013-03-09 12:27:24 ----A---- C:\Windows\unins000.dat
2013-03-09 12:19:26 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-03-09 12:19:26 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-03-09 12:19:24 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-03-09 12:19:24 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-03-09 12:19:24 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2013-03-09 12:19:23 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-03-09 12:19:23 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-03-09 12:19:22 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-03-09 12:19:21 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-03-09 12:19:18 ----A---- C:\Windows\system32\aswBoot.exe
2013-03-09 12:18:29 ----A---- C:\Windows\avastSS.scr
2013-03-09 09:30:38 ----D---- C:\ProgramData\TEMP
2013-03-09 09:28:57 ----D---- C:\ProgramData\SoftSafe
2013-03-09 09:28:57 ----D---- C:\ProgramData\SeArcch-oNeewTab
2013-03-09 09:28:55 ----D---- C:\Program Files\WebSearch
2013-03-09 09:28:30 ----D---- C:\Program Files\BrowseToSave
2013-03-09 09:28:24 ----D---- C:\ProgramData\Braouwse2save
2013-03-09 09:28:00 ----D---- C:\ProgramData\InstallMate
2013-03-08 20:51:09 ----D---- C:\Users\Ranevi\AppData\Roaming\Malwarebytes
2013-03-08 20:51:03 ----D---- C:\ProgramData\Malwarebytes
2013-03-08 20:51:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-03-08 20:51:02 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-03-08 07:19:18 ----A---- C:\Windows\IsUninst.exe
2013-03-03 16:10:49 ----D---- C:\Users\Ranevi\AppData\Roaming\Mozilla
2013-03-03 16:10:46 ----D---- C:\ProgramData\Mozilla
2013-03-03 16:10:46 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-03-03 16:10:44 ----D---- C:\Program Files\Mozilla Firefox
2013-03-03 15:31:03 ----A---- C:\MSN Virus Remover Log 2013_3_3 15_30_59 (EN).txt
2013-03-03 15:28:27 ----A---- C:\MSN Virus Remover Log 2013_3_3 15_28_22 (EN).txt
2013-03-01 09:06:11 ----D---- C:\ProgramData\Local Settings
2013-03-01 09:06:08 ----D---- C:\Users\Ranevi\AppData\Roaming\{994F4882-DDEA-4BE4-81E8-EA6EEDAC6CE1}
2013-03-01 09:05:45 ----D---- C:\Users\Ranevi\AppData\Roaming\{C64C782F-F116-458F-971F-3CFEC4CD44CF}
2013-03-01 09:05:33 ----D---- C:\TEMP
2013-02-26 12:51:48 ----SHD---- C:\Windows\system32\%APPDATA%
======List of files/folders modified in the last 1 month======
2013-03-23 13:16:47 ----D---- C:\Program Files\trend micro
2013-03-23 13:04:21 ----D---- C:\Users\Ranevi\AppData\Roaming\Winamp
2013-03-23 13:03:51 ----D---- C:\Windows\inf
2013-03-23 13:03:50 ----D---- C:\Windows
2013-03-23 13:03:40 ----SHD---- C:\System Volume Information
2013-03-23 13:03:40 ----D---- C:\Windows\temp
2013-03-23 12:59:58 ----D---- C:\Windows\Prefetch
2013-03-23 10:24:06 ----D---- C:\Program Files
2013-03-23 10:18:14 ----D---- C:\Windows\system32\Tasks
2013-03-23 10:15:43 ----D---- C:\ProgramData
2013-03-21 08:19:57 ----D---- C:\Users\Ranevi\AppData\Roaming\Skype
2013-03-21 08:09:28 ----D---- C:\Windows\System32
2013-03-21 08:09:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-17 20:10:26 ----D---- C:\Windows\system32\config
2013-03-16 06:30:49 ----SHD---- C:\Windows\Installer
2013-03-16 06:30:46 ----D---- C:\Program Files\Common Files\Adobe AIR
2013-03-15 03:16:56 ----D---- C:\ProgramData\Adobe
2013-03-15 03:16:14 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-14 08:09:10 ----D---- C:\Windows\system32\catroot2
2013-03-11 10:12:31 ----D---- C:\Program Files\Opera
2013-03-10 08:44:06 ----D---- C:\Windows\system32\drivers
2013-03-09 13:39:50 ----D---- C:\Filmy
2013-03-09 13:33:39 ----D---- C:\Program Files\Autodesk
2013-03-09 12:48:57 ----SD---- C:\ProgramData\Microsoft
2013-03-09 12:19:13 ----D---- C:\Windows\winsxs
2013-03-09 12:18:08 ----D---- C:\ProgramData\AVAST Software
2013-03-09 12:18:08 ----D---- C:\Program Files\AVAST Software
2013-03-09 09:34:07 ----D---- C:\Windows\Tasks
2013-03-09 09:16:02 ----D---- C:\Windows\TAPI
2013-03-08 20:55:22 ----D---- C:\Users\Ranevi\AppData\Roaming\DAEMON Tools Lite
2013-03-08 20:49:02 ----D---- C:\Program Files\CCleaner
2013-03-07 10:47:01 ----A---- C:\Windows\system32\ssprs.dll
2013-03-07 10:47:01 ----A---- C:\Windows\system32\lsprst7.dll
2013-03-07 10:47:01 ----A---- C:\Windows\SurCode.INI
2013-03-03 15:58:40 ----D---- C:\Users\Ranevi\AppData\Roaming\Real
2013-02-28 15:26:13 ----D---- C:\Users\Ranevi\AppData\Roaming\BatteryCare
2013-02-28 15:25:51 ----D---- C:\Program Files\BatteryCare
2013-02-26 20:01:25 ----D---- C:\Capman
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-03-07 21576]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 49248]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 164736]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-04 691696]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 60656]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 765736]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 368176]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 62376]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2011-08-15 158512]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2011-08-15 90928]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 66336]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-07-13 1096704]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2009-08-11 488448]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2011-08-15 116016]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\BatteryCare\WinRing0.sys [2008-07-26 14416]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 63488]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 a897yusr;a897yusr; C:\Windows\system32\drivers\a897yusr.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 catchme;catchme; \??\C:\Users\Ranevi\AppData\Local\Temp\catchme.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\E:\Hry\Warcraft III\Garena\!plus\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
S3 mbr;mbr; \??\C:\Users\Ranevi\AppData\Local\Temp\mbr.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys []
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-08-15 104752]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BrowserProtect;BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-03-06 2569168]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-08-06 204800]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-12-10 66872]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 Speechsrv;Glasovne poruke; C:\Program Files\LAN Voice Chat\Speechs.exe [2006-01-11 487424]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S2 XAMPP;XAMPP Service; c:\xampp\service.exe [2007-12-21 60928]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-15 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-11-26 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-16 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-28 1343400]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
-----------------EOF-----------------
veľmi pekne Vás prosím či by ste sa mi mohli pozrieť na môj log NTBK, v poslednom čase som trošku zanedbal ochranu a hneď sa to podpísalo ...
ntbk mi ide pomaly a fučí aj keď na ňom dokopy nič nerobím aj po dôkladnom prečistení mám pocit že je asi poriadne zanesený .. neviem ako si pomôcť tak Vás prosím ak by ste mali chvíľku na to tak budem vďačný ak nie tak aj tak ďakujem za váš čas .. Vopred Ďakujem Tu je log R I S T : ( dúfam že som to urobil správne)
Logfile of random's system information tool 1.09 (written by random/random)
Run by Ranevi at 2013-03-23 13:16:42
Microsoft Windows 7 Ultimate
System drive C: has 13 GB (10%) free of 132 GB
Total RAM: 3067 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:17:13, on 23. 3. 2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\BatteryCare\BatteryCare.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ranevi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
E:\Programy\Viry.cz\RSIT-viry.cz.exe
C:\Program Files\trend micro\Ranevi.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1197 ... 265E421FFE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-results.info/?pid=7 ... g=EN&cc=SK
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 127.0.0.2 site2.localhost
O1 - Hosts: 127.0.0.3 site3.localhost
O2 - BHO: SeArcch-oNeewTab - {163B49C2-54DA-8DCA-4E66-65BD73CAF271} - C:\ProgramData\SeArcch-oNeewTab\513afa1b28b45.dll
O2 - BHO: Braouwse2save - {1678DF41-EA7C-60CB-EE03-B07B8C6DD1E4} - C:\ProgramData\Braouwse2save\513af9f71b9c0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.10.0\bh\delta.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.10.0\deltaTlbr.dll
O4 - HKLM\..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ranevi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BatteryCare] C:\Program Files\BatteryCare\BatteryCare.exe
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll c:\progra~1\browse~1\sprote~1.dll c:\progra~1\websea~1\sprote~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Glasovne poruke (Speechsrv) - Unknown owner - C:\Program Files\LAN Voice Chat\Speechs.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - c:\xampp\service.exe
--
End of file - 8488 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-628334552-2776211444-3103793618-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-628334552-2776211444-3103793618-1000UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Ranevi\AppData\Roaming\Mozilla\Firefox\Profiles\ydbnq3bb.default
prefs.js - "browser.startup.homepage" - "http://www.delta-search.com/?affID=1197 ... 265E421FFE"
prefs.js - "keyword.URL" - "http://websearch.pu-results.info/?pid=7 ... =SK&l=1&q="
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"{34712C68-7391-4c47-94F3-8F88D49AD632}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
babylon.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
C:\Users\Ranevi\AppData\Roaming\Mozilla\Firefox\Profiles\ydbnq3bb.default\extensions\
ffxtlbr@babylon.com
ffxtlbr@delta.com
staged
C:\Users\Ranevi\AppData\Roaming\Mozilla\Firefox\Profiles\ydbnq3bb.default\searchplugins\
delta.xml
WebSearch.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{163B49C2-54DA-8DCA-4E66-65BD73CAF271}]
SeArcch-oNeewTab - C:\ProgramData\SeArcch-oNeewTab\513afa1b28b45.dll [2013-03-09 118272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1678DF41-EA7C-60CB-EE03-B07B8C6DD1E4}]
Braouwse2save - C:\ProgramData\Braouwse2save\513af9f71b9c0.dll [2013-03-09 118272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29 539888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
delta Helper Object - C:\Program Files\Delta\delta\1.8.10.0\bh\delta.dll [2013-01-23 247704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
{82E1477C-B154-48D3-9891-33D83C26BCD3} - Delta Toolbar - C:\Program Files\Delta\delta\1.8.10.0\deltaTlbr.dll [2013-01-23 321944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe [2009-07-20 484920]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-08-18 1157640]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-08-06 13797920]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2013-01-25 295072]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Ranevi\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-08 136176]
"AdobeBridge"= []
"BatteryCare"=C:\Program Files\BatteryCare\BatteryCare.exe [2013-02-10 740864]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaMessenger]
E:\Hry\Warcraft III\Garena\!plus\Garena Plus\GarenaMessenger.exe [2012-06-20 6760824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []
C:\Users\Ranevi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll c:\progra~1\browse~1\sprote~1.dll c:\progra~1\websea~1\sprote~1.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAPower"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"VIDC.FMVC"=fmcodec.dll
"vidc.XVID"=xvidvfw.dll
"vidc.yv12"=DivX.dll
"vidc.DIVX"=DivX.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-03-23 10:15:43 ----D---- C:\ProgramData\BrowserProtect
2013-03-23 10:15:31 ----D---- C:\Users\Ranevi\AppData\Roaming\BabSolution
2013-03-23 10:15:28 ----D---- C:\Program Files\Delta
2013-03-23 10:15:24 ----D---- C:\Users\Ranevi\AppData\Roaming\Delta
2013-03-23 10:14:55 ----D---- C:\Users\Ranevi\AppData\Roaming\Babylon
2013-03-23 10:14:55 ----D---- C:\ProgramData\Babylon
2013-03-09 12:27:24 ----A---- C:\Windows\unins000.exe
2013-03-09 12:27:24 ----A---- C:\Windows\unins000.dat
2013-03-09 12:19:26 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-03-09 12:19:26 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-03-09 12:19:24 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-03-09 12:19:24 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-03-09 12:19:24 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2013-03-09 12:19:23 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-03-09 12:19:23 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-03-09 12:19:22 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-03-09 12:19:21 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-03-09 12:19:18 ----A---- C:\Windows\system32\aswBoot.exe
2013-03-09 12:18:29 ----A---- C:\Windows\avastSS.scr
2013-03-09 09:30:38 ----D---- C:\ProgramData\TEMP
2013-03-09 09:28:57 ----D---- C:\ProgramData\SoftSafe
2013-03-09 09:28:57 ----D---- C:\ProgramData\SeArcch-oNeewTab
2013-03-09 09:28:55 ----D---- C:\Program Files\WebSearch
2013-03-09 09:28:30 ----D---- C:\Program Files\BrowseToSave
2013-03-09 09:28:24 ----D---- C:\ProgramData\Braouwse2save
2013-03-09 09:28:00 ----D---- C:\ProgramData\InstallMate
2013-03-08 20:51:09 ----D---- C:\Users\Ranevi\AppData\Roaming\Malwarebytes
2013-03-08 20:51:03 ----D---- C:\ProgramData\Malwarebytes
2013-03-08 20:51:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-03-08 20:51:02 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-03-08 07:19:18 ----A---- C:\Windows\IsUninst.exe
2013-03-03 16:10:49 ----D---- C:\Users\Ranevi\AppData\Roaming\Mozilla
2013-03-03 16:10:46 ----D---- C:\ProgramData\Mozilla
2013-03-03 16:10:46 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-03-03 16:10:44 ----D---- C:\Program Files\Mozilla Firefox
2013-03-03 15:31:03 ----A---- C:\MSN Virus Remover Log 2013_3_3 15_30_59 (EN).txt
2013-03-03 15:28:27 ----A---- C:\MSN Virus Remover Log 2013_3_3 15_28_22 (EN).txt
2013-03-01 09:06:11 ----D---- C:\ProgramData\Local Settings
2013-03-01 09:06:08 ----D---- C:\Users\Ranevi\AppData\Roaming\{994F4882-DDEA-4BE4-81E8-EA6EEDAC6CE1}
2013-03-01 09:05:45 ----D---- C:\Users\Ranevi\AppData\Roaming\{C64C782F-F116-458F-971F-3CFEC4CD44CF}
2013-03-01 09:05:33 ----D---- C:\TEMP
2013-02-26 12:51:48 ----SHD---- C:\Windows\system32\%APPDATA%
======List of files/folders modified in the last 1 month======
2013-03-23 13:16:47 ----D---- C:\Program Files\trend micro
2013-03-23 13:04:21 ----D---- C:\Users\Ranevi\AppData\Roaming\Winamp
2013-03-23 13:03:51 ----D---- C:\Windows\inf
2013-03-23 13:03:50 ----D---- C:\Windows
2013-03-23 13:03:40 ----SHD---- C:\System Volume Information
2013-03-23 13:03:40 ----D---- C:\Windows\temp
2013-03-23 12:59:58 ----D---- C:\Windows\Prefetch
2013-03-23 10:24:06 ----D---- C:\Program Files
2013-03-23 10:18:14 ----D---- C:\Windows\system32\Tasks
2013-03-23 10:15:43 ----D---- C:\ProgramData
2013-03-21 08:19:57 ----D---- C:\Users\Ranevi\AppData\Roaming\Skype
2013-03-21 08:09:28 ----D---- C:\Windows\System32
2013-03-21 08:09:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-17 20:10:26 ----D---- C:\Windows\system32\config
2013-03-16 06:30:49 ----SHD---- C:\Windows\Installer
2013-03-16 06:30:46 ----D---- C:\Program Files\Common Files\Adobe AIR
2013-03-15 03:16:56 ----D---- C:\ProgramData\Adobe
2013-03-15 03:16:14 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-14 08:09:10 ----D---- C:\Windows\system32\catroot2
2013-03-11 10:12:31 ----D---- C:\Program Files\Opera
2013-03-10 08:44:06 ----D---- C:\Windows\system32\drivers
2013-03-09 13:39:50 ----D---- C:\Filmy
2013-03-09 13:33:39 ----D---- C:\Program Files\Autodesk
2013-03-09 12:48:57 ----SD---- C:\ProgramData\Microsoft
2013-03-09 12:19:13 ----D---- C:\Windows\winsxs
2013-03-09 12:18:08 ----D---- C:\ProgramData\AVAST Software
2013-03-09 12:18:08 ----D---- C:\Program Files\AVAST Software
2013-03-09 09:34:07 ----D---- C:\Windows\Tasks
2013-03-09 09:16:02 ----D---- C:\Windows\TAPI
2013-03-08 20:55:22 ----D---- C:\Users\Ranevi\AppData\Roaming\DAEMON Tools Lite
2013-03-08 20:49:02 ----D---- C:\Program Files\CCleaner
2013-03-07 10:47:01 ----A---- C:\Windows\system32\ssprs.dll
2013-03-07 10:47:01 ----A---- C:\Windows\system32\lsprst7.dll
2013-03-07 10:47:01 ----A---- C:\Windows\SurCode.INI
2013-03-03 15:58:40 ----D---- C:\Users\Ranevi\AppData\Roaming\Real
2013-02-28 15:26:13 ----D---- C:\Users\Ranevi\AppData\Roaming\BatteryCare
2013-02-28 15:25:51 ----D---- C:\Program Files\BatteryCare
2013-02-26 20:01:25 ----D---- C:\Capman
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-03-07 21576]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 49248]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 164736]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-04 691696]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 60656]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 765736]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 368176]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 62376]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2011-08-15 158512]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2011-08-15 90928]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 66336]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-07-13 1096704]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2009-08-11 488448]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2011-08-15 116016]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\BatteryCare\WinRing0.sys [2008-07-26 14416]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 63488]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 a897yusr;a897yusr; C:\Windows\system32\drivers\a897yusr.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 catchme;catchme; \??\C:\Users\Ranevi\AppData\Local\Temp\catchme.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\E:\Hry\Warcraft III\Garena\!plus\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
S3 mbr;mbr; \??\C:\Users\Ranevi\AppData\Local\Temp\mbr.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys []
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-08-15 104752]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BrowserProtect;BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-03-06 2569168]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-08-06 204800]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-12-10 66872]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 Speechsrv;Glasovne poruke; C:\Program Files\LAN Voice Chat\Speechs.exe [2006-01-11 487424]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S2 XAMPP;XAMPP Service; c:\xampp\service.exe [2007-12-21 60928]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-15 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-11-26 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-16 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-28 1343400]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
-----------------EOF-----------------
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL 
Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze 
