VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

nemocnej explorer

https://forum.viry.cz:443/viewtopic.php?t=129057

Stránka 1 z 2

nemocnej explorer

Napsal: 24 bře 2013 18:41
od ebola
zdravim -po zapnutí exploreru trvá naběhnutí asi 30 vteřin.každé další okno to samé.prosim o kontrol logu -díky



DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16521 BrowserJavaVersion: 10.17.2
Run by jemin at 18:33:35 on 2013-03-23
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3070.1738 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\FsUsbExService.Exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\PnkBstrB.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
D:\Fraps\fraps.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\IncrediMail\Bin\IncMail.exe
C:\Program Files\Skype\Phone\Skype.exe
F:\Kies\Kies.exe
C:\Program Files\NoC:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\IncrediMail\Bin\ImApp.exe
C:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.seznam.cz/
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: WebTransBHO Class: {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - c:\programdata\langsoft\WebIE.dll
BHO: Groove GFS Browser Helper: {4DB74D06-491C-440D-305E-012400990F3E} - c:\windows\system32\cii.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - f:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [Svátky a výročí] c:\program files\oksoftware\svátky a výročí\Vyroci.exe
uRun: [IncrediMail] c:\program files\incredimail\bin\IncMail.exe /c
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [] f:\kies\external\firmwareupdate\KiesPDLR.exe
uRun: [KiesAirMessage] f:\kies\KiesAirMessage.exe -startup
uRun: [KiesPreload] f:\kies\Kies.exe /preload
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [GrooveMonitor] "f:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SpywareTerminatorShield] c:\program files\spyware terminator\SpywareTerminatorShield.exe
mRun: [SpywareTerminatorUpdater] c:\program files\spyware terminator\SpywareTerminatorUpdate.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\users\jemin\appdata\roaming\micros~1\windows\startm~1\programs\startup\vesmrn~1.lnk - c:\program files\noční obloha\vesmir.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kasper~1.lnk - c:\program files\kaspersky security scan\KSS.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - f:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - f:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - f:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - f:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - f:\program files\microsoft office\office12\ONBttnIE.dll
IE: {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\langsoft\WebIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\langsoft\WebIE.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{F5F9714F-8253-4118-93DC-41DFCB3E7387} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - f:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - c:\windows\system32\DreamScene.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - f:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 validation.sls.microsoft.com
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
R1 atitray;atitray;c:\program files\ray adams\ati tray tools\atitray.sys [2010-10-30 19360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-3-14 218688]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-11-25 32768]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-11-16 217088]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2012-11-16 291840]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2013-3-20 233472]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-3-20 100328]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\spyware terminator\st_rsser.exe [2011-11-25 587472]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2013-3-14 383264]
R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2011-2-13 37944]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2013-3-20 37344]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 AODDriver4.0;AODDriver4.0;c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys [2012-3-5 45184]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-5-14 86656]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-2-6 83864]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-8-2 18432]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-2-23 15872]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-2-6 181784]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-23 52224]
S3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\wat\WatAdminSvc.exe [2011-2-14 1343400]
.
=============== Created Last 30 ================
.
2013-03-23 17:31:20 60872 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{31d5bdbd-d79d-46f7-bd98-778cd1fb3c96}\offreg.dll
2013-03-23 08:38:55 7108640 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{31d5bdbd-d79d-46f7-bd98-778cd1fb3c96}\mpengine.dll
2013-03-21 10:20:31 740840 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f596c12f-278b-426a-ac33-37785819496d}\gapaengine.dll
2013-03-21 10:20:15 7108640 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-03-20 15:22:35 37344 ----a-w- c:\windows\system32\FsUsbExDisk.Sys
2013-03-20 15:22:35 233472 ----a-w- c:\windows\system32\FsUsbExService.Exe
2013-03-20 15:22:35 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll
2013-03-18 19:35:21 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-18 19:32:21 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-18 15:01:45 8952608 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-03-18 15:01:45 892704 ----a-w- c:\windows\system32\nvdispgenco3231421.dll
2013-03-18 15:01:45 7959000 ----a-w- c:\windows\system32\nvcuda.dll
2013-03-18 15:01:45 6271872 ----a-w- c:\windows\system32\nvopencl.dll
2013-03-18 15:01:45 481056 ----a-w- c:\windows\system32\nvEncodeAPI.dll
2013-03-18 15:01:45 2728736 ----a-w- c:\windows\system32\nvcuvid.dll
2013-03-18 15:01:45 205184 ----a-w- c:\windows\system32\nvinit.dll
2013-03-18 15:01:45 1995552 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-03-18 15:01:45 17560352 ----a-w- c:\windows\system32\nvcompiler.dll
2013-03-18 15:01:45 1012512 ----a-w- c:\windows\system32\nvdispco3231421.dll
2013-03-18 15:01:44 20542752 ----a-w- c:\windows\system32\nvoglv32.dll
2013-03-17 15:56:31 -------- d-----w- C:\CFLog
2013-03-15 22:10:13 -------- d-----w- c:\users\jemin\.objectdb
2013-03-15 16:55:34 28600 ----a-w- c:\windows\system32\nvhdap32.dll
2013-03-15 16:55:34 154040 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2013-03-15 16:55:30 892704 ----a-w- c:\windows\system32\nvdispgenco3220162.dll
2013-03-15 16:55:30 1012512 ----a-w- c:\windows\system32\nvdispco3220294.dll
2013-03-15 09:18:48 -------- d-----w- c:\users\jemin\appdata\roaming\NVIDIA
2013-03-15 08:39:10 634144 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 08:39:10 62752 ----a-w- c:\windows\system32\nvshext.dll
2013-03-15 08:39:10 3065455 ----a-w- c:\windows\system32\nvcoproc.bin
2013-03-15 08:39:10 3014432 ----a-w- c:\windows\system32\nvsvc.dll
2013-03-15 08:39:10 2555168 ----a-w- c:\windows\system32\nvsvcr.dll
2013-03-15 08:39:09 4119328 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 08:39:09 223008 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-15 08:38:41 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-03-15 08:38:28 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2013-03-15 08:38:27 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2013-03-15 08:37:36 13001456 ----a-w- c:\windows\system32\nvwgf2um.dll
2013-03-15 08:37:28 968408 ----a-w- c:\windows\system32\nvumdshim.dll
2013-03-15 08:37:27 15042928 ----a-w- c:\windows\system32\nvd3dum.dll
2013-03-15 08:37:26 2539128 ----a-w- c:\windows\system32\nvapi.dll
2013-03-14 02:38:26 559904 ----a-w- c:\windows\system32\nvStreaming.exe
2013-03-09 05:40:19 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-04 16:53:54 -------- d-----w- c:\users\jemin\appdata\roaming\LangSoft
2013-02-26 06:55:22 65536 ----a-w- c:\windows\system32\frapsvid.dll
2013-02-23 08:37:47 -------- d-----w- c:\windows\system32\3045
2013-02-22 14:37:49 -------- d-----w- c:\users\jemin\appdata\roaming\Mikrotik
.
==================== Find3M ====================
.
2013-03-23 17:17:49 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2013-03-23 17:17:49 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-03-19 18:36:18 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-03-19 18:35:52 214520 ----a-w- c:\windows\system32\PnkBstrB.ex0
2013-03-18 19:35:21 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-15 09:36:36 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-15 09:36:36 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-09 05:40:09 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-09 05:40:09 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-12 04:48:31 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-06 06:42:10 83864 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-02-06 06:42:08 181784 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-01-30 10:53:21 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-20 14:59:04 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-01-20 14:59:04 100328 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-01-05 05:00:15 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-05 05:00:11 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 04:50:52 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 03:00:29 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-01-03 05:05:20 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-03 05:04:43 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
============= FINISH: 18:34:58,82 ===============

Re: nemocnej explorer

Napsal: 24 bře 2013 19:07
od Rudy
Zdravím!
Nejprve spusťte tuto utilitu:
Stáhněte AdwCleaner http://stahnu.cz/tag/adw-cleaner-free-download
Uložte na plochu
Ukončete všechny programy
Klikněte na Search
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: nemocnej explorer

Napsal: 24 bře 2013 19:19
od ebola
zdravíčko :) log je zde :


# AdwCleaner v2.109 - Logfile created 03/23/2013 at 19:18:48
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : jemin - JEMIN-PC
# Boot Mode : Normal
# Running from : C:\Users\jemin\Desktop\adwcleaner_2.110.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Found : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Found : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Key Found : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Found : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Found : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Key Found : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Found : HKU\S-1-5-21-1988456262-1892088117-3691384259-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [9100 octets] - [01/11/2012 21:08:13]
AdwCleaner[R2].txt - [9160 octets] - [01/11/2012 21:08:40]
AdwCleaner[R3].txt - [9218 octets] - [02/11/2012 18:24:42]
AdwCleaner[R4].txt - [3207 octets] - [23/03/2013 18:20:51]
AdwCleaner[R5].txt - [3267 octets] - [23/03/2013 18:21:10]
AdwCleaner[R6].txt - [2933 octets] - [23/03/2013 19:18:48]
AdwCleaner[S1].txt - [8457 octets] - [02/11/2012 18:24:54]
AdwCleaner[S2].txt - [3073 octets] - [23/03/2013 18:21:19]

########## EOF - C:\AdwCleaner[R6].txt - [3113 octets] ##########

Re: nemocnej explorer

Napsal: 24 bře 2013 19:43
od Rudy
Spusťte znovu ADWCleaner a klikněte na >Delete<. Vložte nový log.

Re: nemocnej explorer

Napsal: 24 bře 2013 21:28
od ebola
tady je log :

# AdwCleaner v2.109 - Logfile created 03/23/2013 at 21:22:54
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : jemin - JEMIN-PC
# Boot Mode : Normal
# Running from : C:\Users\jemin\Desktop\adwcleaner_2.110.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [9100 octets] - [01/11/2012 21:08:13]
AdwCleaner[R2].txt - [9160 octets] - [01/11/2012 21:08:40]
AdwCleaner[R3].txt - [9218 octets] - [02/11/2012 18:24:42]
AdwCleaner[R4].txt - [3207 octets] - [23/03/2013 18:20:51]
AdwCleaner[R5].txt - [3267 octets] - [23/03/2013 18:21:10]
AdwCleaner[R6].txt - [3182 octets] - [23/03/2013 19:18:48]
AdwCleaner[R7].txt - [3242 octets] - [23/03/2013 21:22:44]
AdwCleaner[S1].txt - [8457 octets] - [02/11/2012 18:24:54]
AdwCleaner[S2].txt - [3073 octets] - [23/03/2013 18:21:19]
AdwCleaner[S3].txt - [3060 octets] - [23/03/2013 21:22:54]

########## EOF - C:\AdwCleaner[S3].txt - [3120 octets] ##########

Re: nemocnej explorer

Napsal: 24 bře 2013 22:13
od Rudy
Dejte nový log RSIT.

Re: nemocnej explorer

Napsal: 25 bře 2013 15:57
od ebola
-RSIT nejde udělat log.program se sekne a jde ukončit jen přes správce úloh.
zde je log z DDS :

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16521 BrowserJavaVersion: 10.17.2
Run by jemin at 15:55:58 on 2013-03-24
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3070.1340 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\FsUsbExService.Exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\PnkBstrB.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
D:\Fraps\fraps.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\IncrediMail\Bin\IncMail.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
F:\Kies\Kies.exe
C:\Program Files\NoC:\Program Files\IncrediMail\Bin\ImApp.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
f:\Program Files\DAEMON Tools Pro\DTProShellHlp.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.seznam.cz/
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: WebTransBHO Class: {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - c:\programdata\langsoft\WebIE.dll
BHO: Groove GFS Browser Helper: {4DB74D06-491C-440D-305E-012400990F3E} - c:\windows\system32\cii.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - f:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [Svátky a výročí] c:\program files\oksoftware\svátky a výročí\Vyroci.exe
uRun: [IncrediMail] c:\program files\incredimail\bin\IncMail.exe /c
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [KiesAirMessage] f:\kies\KiesAirMessage.exe -startup
uRun: [KiesPreload] f:\kies\Kies.exe /preload
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [GrooveMonitor] "f:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SpywareTerminatorShield] c:\program files\spyware terminator\SpywareTerminatorShield.exe
mRun: [SpywareTerminatorUpdater] c:\program files\spyware terminator\SpywareTerminatorUpdate.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\users\jemin\appdata\roaming\micros~1\windows\startm~1\programs\startup\vesmrn~1.lnk - c:\program files\noční obloha\vesmir.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kasper~1.lnk - c:\program files\kaspersky security scan\KSS.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - f:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - f:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - f:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - f:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - f:\program files\microsoft office\office12\ONBttnIE.dll
IE: {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\langsoft\WebIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\langsoft\WebIE.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{F5F9714F-8253-4118-93DC-41DFCB3E7387} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - f:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - c:\windows\system32\DreamScene.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - f:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 validation.sls.microsoft.com
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
R1 atitray;atitray;c:\program files\ray adams\ati tray tools\atitray.sys [2010-10-30 19360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-3-14 218688]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-11-25 32768]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-11-16 217088]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2012-11-16 291840]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2013-3-20 233472]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-3-20 100328]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\spyware terminator\st_rsser.exe [2011-11-25 587472]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2013-3-14 383264]
R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2011-2-13 37944]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2013-3-20 37344]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 AODDriver4.0;AODDriver4.0;c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys [2012-3-5 45184]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-5-14 86656]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-2-6 83864]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-8-2 18432]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-2-23 15872]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-2-6 181784]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-23 52224]
S3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\wat\WatAdminSvc.exe [2011-2-14 1343400]
.
=============== Created Last 30 ================
.
2013-03-24 14:22:50 60872 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{31d5bdbd-d79d-46f7-bd98-778cd1fb3c96}\offreg.dll
2013-03-23 08:38:55 7108640 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{31d5bdbd-d79d-46f7-bd98-778cd1fb3c96}\mpengine.dll
2013-03-21 10:20:31 740840 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f596c12f-278b-426a-ac33-37785819496d}\gapaengine.dll
2013-03-21 10:20:15 7108640 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-03-20 15:22:35 37344 ----a-w- c:\windows\system32\FsUsbExDisk.Sys
2013-03-20 15:22:35 233472 ----a-w- c:\windows\system32\FsUsbExService.Exe
2013-03-20 15:22:35 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll
2013-03-18 19:35:21 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-18 19:32:21 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-18 15:01:45 8952608 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-03-18 15:01:45 892704 ----a-w- c:\windows\system32\nvdispgenco3231421.dll
2013-03-18 15:01:45 7959000 ----a-w- c:\windows\system32\nvcuda.dll
2013-03-18 15:01:45 6271872 ----a-w- c:\windows\system32\nvopencl.dll
2013-03-18 15:01:45 481056 ----a-w- c:\windows\system32\nvEncodeAPI.dll
2013-03-18 15:01:45 2728736 ----a-w- c:\windows\system32\nvcuvid.dll
2013-03-18 15:01:45 205184 ----a-w- c:\windows\system32\nvinit.dll
2013-03-18 15:01:45 1995552 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-03-18 15:01:45 17560352 ----a-w- c:\windows\system32\nvcompiler.dll
2013-03-18 15:01:45 1012512 ----a-w- c:\windows\system32\nvdispco3231421.dll
2013-03-18 15:01:44 20542752 ----a-w- c:\windows\system32\nvoglv32.dll
2013-03-17 15:56:31 -------- d-----w- C:\CFLog
2013-03-15 22:10:13 -------- d-----w- c:\users\jemin\.objectdb
2013-03-15 16:55:34 28600 ----a-w- c:\windows\system32\nvhdap32.dll
2013-03-15 16:55:34 154040 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2013-03-15 16:55:30 892704 ----a-w- c:\windows\system32\nvdispgenco3220162.dll
2013-03-15 16:55:30 1012512 ----a-w- c:\windows\system32\nvdispco3220294.dll
2013-03-15 09:18:48 -------- d-----w- c:\users\jemin\appdata\roaming\NVIDIA
2013-03-15 08:39:10 634144 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 08:39:10 62752 ----a-w- c:\windows\system32\nvshext.dll
2013-03-15 08:39:10 3065455 ----a-w- c:\windows\system32\nvcoproc.bin
2013-03-15 08:39:10 3014432 ----a-w- c:\windows\system32\nvsvc.dll
2013-03-15 08:39:10 2555168 ----a-w- c:\windows\system32\nvsvcr.dll
2013-03-15 08:39:09 4119328 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 08:39:09 223008 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-15 08:38:41 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-03-15 08:38:28 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2013-03-15 08:38:27 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2013-03-15 08:37:36 13001456 ----a-w- c:\windows\system32\nvwgf2um.dll
2013-03-15 08:37:28 968408 ----a-w- c:\windows\system32\nvumdshim.dll
2013-03-15 08:37:27 15042928 ----a-w- c:\windows\system32\nvd3dum.dll
2013-03-15 08:37:26 2539128 ----a-w- c:\windows\system32\nvapi.dll
2013-03-14 02:38:26 559904 ----a-w- c:\windows\system32\nvStreaming.exe
2013-03-09 05:40:19 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-04 16:53:54 -------- d-----w- c:\users\jemin\appdata\roaming\LangSoft
2013-02-26 06:55:22 65536 ----a-w- c:\windows\system32\frapsvid.dll
2013-02-23 08:37:47 -------- d-----w- c:\windows\system32\3045
.
==================== Find3M ====================
.
2013-03-23 17:17:49 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2013-03-23 17:17:49 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-03-19 18:36:18 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-03-19 18:35:52 214520 ----a-w- c:\windows\system32\PnkBstrB.ex0
2013-03-18 19:35:21 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-15 09:36:36 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-15 09:36:36 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-09 05:40:09 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-09 05:40:09 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-12 04:48:31 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-06 06:42:10 83864 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-02-06 06:42:08 181784 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-01-30 10:53:21 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-20 14:59:04 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-01-20 14:59:04 100328 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-01-05 05:00:15 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-05 05:00:11 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 04:50:52 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 03:00:29 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-01-03 05:05:20 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-03 05:04:43 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
============= FINISH: 15:56:38,26 ===============

Re: nemocnej explorer

Napsal: 25 bře 2013 18:16
od Rudy
Pomocí CCleaneru: http://forum.viry.cz/viewtopic.php?f=46&t=7478 vyčistěte systém od dočasných souborů a prázdných registry klíčů.

Re: nemocnej explorer

Napsal: 25 bře 2013 19:44
od ebola
tak tady je log :


Logfile of random's system information tool 1.09 (written by random/random)
Run by jemin at 2013-03-24 19:44:07
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 1 GB (4%) free of 30 GB
Total RAM: 3070 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:44:26, on 24.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
D:\Fraps\fraps.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\IncrediMail\Bin\IncMail.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
F:\Kies\Kies.exe
C:\Program Files\Noční obloha\vesmir.exe
C:\Program Files\IncrediMail\Bin\ImApp.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wuauclt.exe
f:\Program Files\DAEMON Tools Pro\DTProShellHlp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\jemin\Desktop\RSIT.exe
C:\Program Files\trend micro\jemin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {4DB74D06-491C-440D-305E-012400990F3E} - C:\Windows\system32\cii.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [GrooveMonitor] "F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Svátky a výročí] C:\Program Files\OKsoftware\Svátky a výročí\Vyroci.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KiesAirMessage] F:\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [KiesPreload] F:\Kies\Kies.exe /preload
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1988456262-1892088117-3691384259-1020\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1988456262-1892088117-3691384259-1020\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Vesmír na dlani.lnk = ?
O4 - Global Startup: Kaspersky Security Scan.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://f:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://f:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://f:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - D:\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 10092 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2011-10-22 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4DB74D06-491C-440D-305E-012400990F3E}]
Groove GFS Browser Helper - C:\Windows\system32\cii.dll [2010-11-20 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - F:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-09 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-09 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-01-18 10025576]
"GrooveMonitor"=F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-09-07 3673808]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Svátky a výročí"=C:\Program Files\OKsoftware\Svátky a výročí\Vyroci.exe [2006-04-28 1019904]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2012-08-23 366576]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"KiesAirMessage"=F:\Kies\KiesAirMessage.exe [2013-02-06 578560]
"KiesPreload"=F:\Kies\Kies.exe [2013-02-13 1509232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Kaspersky Security Scan.lnk - C:\Program Files\Kaspersky Security Scan\KSS.exe

C:\Users\jemin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Vesmír na dlani.lnk - C:\Program Files\Noční obloha\vesmir.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2011-06-19 233888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=F:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3radius"=l3codecp.acm
"msacm.divxa"=divxa32.acm
"msacm.a3d"=a3d.dll
"msacm.ogg"=ogg.dll
"msacm.vorbisenc"=vorbisenc.dll
"msacm.l3pacm"=l3codecp.acm
"msacm.aacacm"=AACACM.acm
"msacm.ac3acm"=ac3acm.acm
"VIDC.LAGS"=lagarith.dll
"msacm.ac3filter"=ac3filter.acm
"vidc.3ivx"=3ivx.dll
"vidc.3ivxvfw"=3ivxVfWCodec.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.lameacm"=LameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-24 15:50:55 ----D---- C:\rsit
2013-03-23 21:22:54 ----A---- C:\AdwCleaner[S3].txt
2013-03-23 21:22:44 ----A---- C:\AdwCleaner[R7].txt
2013-03-23 19:18:48 ----A---- C:\AdwCleaner[R6].txt
2013-03-23 18:21:19 ----A---- C:\AdwCleaner[S2].txt
2013-03-23 18:21:10 ----A---- C:\AdwCleaner[R5].txt
2013-03-23 18:20:51 ----A---- C:\AdwCleaner[R4].txt
2013-03-20 16:22:35 ----A---- C:\Windows\system32\FsUsbExService.Exe
2013-03-20 16:22:35 ----A---- C:\Windows\system32\FsUsbExDisk.Sys
2013-03-20 16:22:35 ----A---- C:\Windows\system32\FsUsbExDevice.Dll
2013-03-18 20:36:43 ----A---- C:\Windows\system32\wininet.dll
2013-03-18 20:36:43 ----A---- C:\Windows\system32\urlmon.dll
2013-03-18 20:36:43 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-03-18 20:36:43 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-03-18 20:36:43 ----A---- C:\Windows\system32\msls31.dll
2013-03-18 20:36:43 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-18 20:36:43 ----A---- C:\Windows\system32\elshyph.dll
2013-03-18 20:36:42 ----A---- C:\Windows\system32\wextract.exe
2013-03-18 20:36:42 ----A---- C:\Windows\system32\vbscript.dll
2013-03-18 20:36:42 ----A---- C:\Windows\system32\pngfilt.dll
2013-03-18 20:36:42 ----A---- C:\Windows\system32\occache.dll
2013-03-18 20:36:42 ----A---- C:\Windows\system32\msrating.dll
2013-03-18 20:36:42 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-18 20:36:42 ----A---- C:\Windows\system32\mshtml.dll
2013-03-18 20:36:42 ----A---- C:\Windows\system32\mshta.exe
2013-03-18 20:36:42 ----A---- C:\Windows\system32\msfeedssync.exe
2013-03-18 20:36:42 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-03-18 20:36:42 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-18 20:36:42 ----A---- C:\Windows\system32\jscript.dll
2013-03-18 20:36:42 ----A---- C:\Windows\system32\inseng.dll
2013-03-18 20:36:42 ----A---- C:\Windows\system32\imgutil.dll
2013-03-18 20:36:42 ----A---- C:\Windows\system32\iexpress.exe
2013-03-18 20:36:42 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-18 20:36:42 ----A---- C:\Windows\system32\iertutil.dll
2013-03-18 20:36:42 ----A---- C:\Windows\system32\iepeers.dll
2013-03-18 20:36:42 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-03-18 20:36:41 ----A---- C:\Windows\system32\webcheck.dll
2013-03-18 20:36:41 ----A---- C:\Windows\system32\url.dll
2013-03-18 20:36:41 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-18 20:36:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-03-18 20:36:41 ----A---- C:\Windows\system32\mshtmler.dll
2013-03-18 20:36:41 ----A---- C:\Windows\system32\licmgr10.dll
2013-03-18 20:36:41 ----A---- C:\Windows\system32\jscript9.dll
2013-03-18 20:36:41 ----A---- C:\Windows\system32\ieui.dll
2013-03-18 20:36:41 ----A---- C:\Windows\system32\iesysprep.dll
2013-03-18 20:36:41 ----A---- C:\Windows\system32\iesetup.dll
2013-03-18 20:36:41 ----A---- C:\Windows\system32\iernonce.dll
2013-03-18 20:36:41 ----A---- C:\Windows\system32\ieframe.dll
2013-03-18 20:36:41 ----A---- C:\Windows\system32\iedkcs32.dll
2013-03-18 20:36:41 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-18 20:36:41 ----A---- C:\Windows\system32\ieapfltr.dat
2013-03-18 20:36:41 ----A---- C:\Windows\system32\ie4uinit.exe
2013-03-18 20:36:41 ----A---- C:\Windows\system32\icardie.dll
2013-03-18 20:36:41 ----A---- C:\Windows\system32\dxtrans.dll
2013-03-18 20:36:41 ----A---- C:\Windows\system32\dxtmsft.dll
2013-03-18 20:35:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-18 20:35:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-18 20:35:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-18 20:35:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-18 20:35:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-18 20:35:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-18 20:35:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-18 20:35:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-18 20:35:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\XpsPrint.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\WMPhoto.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\UIAnimation.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\FntCache.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\dxgi.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\DWrite.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\d3d11.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\d3d10warp.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\d3d10level9.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\d3d10core.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\d3d10_1.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\d3d10.dll
2013-03-18 20:35:20 ----A---- C:\Windows\system32\d2d1.dll
2013-03-18 20:32:21 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-18 16:01:45 ----A---- C:\Windows\system32\nvopencl.dll
2013-03-18 16:01:45 ----A---- C:\Windows\system32\nvinit.dll
2013-03-18 16:01:45 ----A---- C:\Windows\system32\nvEncodeAPI.dll
2013-03-18 16:01:45 ----A---- C:\Windows\system32\nvdispgenco3231421.dll
2013-03-18 16:01:45 ----A---- C:\Windows\system32\nvdispco3231421.dll
2013-03-18 16:01:45 ----A---- C:\Windows\system32\nvcuvid.dll
2013-03-18 16:01:45 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-03-18 16:01:45 ----A---- C:\Windows\system32\nvcuda.dll
2013-03-18 16:01:45 ----A---- C:\Windows\system32\nvcompiler.dll
2013-03-18 16:01:45 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-03-18 16:01:44 ----A---- C:\Windows\system32\nvoglv32.dll
2013-03-17 16:56:31 ----D---- C:\CFLog
2013-03-15 17:57:53 ----D---- C:\Program Files\AGEIA Technologies
2013-03-15 17:55:34 ----A---- C:\Windows\system32\nvhdap32.dll
2013-03-15 17:55:34 ----A---- C:\Windows\system32\drivers\nvhda32v.sys
2013-03-15 17:55:30 ----A---- C:\Windows\system32\nvdispgenco3220162.dll
2013-03-15 17:55:30 ----A---- C:\Windows\system32\nvdispco3220294.dll
2013-03-15 10:18:48 ----D---- C:\Users\jemin\AppData\Roaming\NVIDIA
2013-03-15 09:39:35 ----D---- C:\ProgramData\NVIDIA
2013-03-15 09:39:10 ----A---- C:\Windows\system32\nvvsvc.exe
2013-03-15 09:39:10 ----A---- C:\Windows\system32\nvsvcr.dll
2013-03-15 09:39:10 ----A---- C:\Windows\system32\nvsvc.dll
2013-03-15 09:39:10 ----A---- C:\Windows\system32\nvshext.dll
2013-03-15 09:39:09 ----A---- C:\Windows\system32\nvmctray.dll
2013-03-15 09:39:09 ----A---- C:\Windows\system32\nvcpl.dll
2013-03-15 09:38:41 ----D---- C:\ProgramData\NVIDIA Corporation
2013-03-15 09:38:28 ----A---- C:\Windows\system32\nvdispco32.dll
2013-03-15 09:38:27 ----A---- C:\Windows\system32\nvdispgenco32.dll
2013-03-15 09:37:36 ----A---- C:\Windows\system32\nvwgf2um.dll
2013-03-15 09:37:28 ----A---- C:\Windows\system32\nvumdshim.dll
2013-03-15 09:37:27 ----A---- C:\Windows\system32\nvd3dum.dll
2013-03-15 09:37:26 ----A---- C:\Windows\system32\nvapi.dll
2013-03-14 03:38:26 ----A---- C:\Windows\system32\nvStreaming.exe
2013-03-09 06:40:48 ----A---- C:\Windows\system32\javaws.exe
2013-03-09 06:40:19 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-03-09 06:40:19 ----A---- C:\Windows\system32\javaw.exe
2013-03-09 06:40:19 ----A---- C:\Windows\system32\java.exe
2013-03-04 17:53:54 ----D---- C:\Users\jemin\AppData\Roaming\LangSoft
2013-02-26 07:55:22 ----A---- C:\Windows\system32\frapsvid.dll

======List of files/folders modified in the last 1 month======

2013-03-24 19:44:10 ----D---- C:\Program Files\trend micro
2013-03-24 19:43:40 ----D---- C:\Users\jemin\AppData\Roaming\Skype
2013-03-24 19:43:04 ----D---- C:\Windows\Temp
2013-03-24 19:43:04 ----D---- C:\Windows\debug
2013-03-24 19:43:04 ----D---- C:\Windows
2013-03-24 19:42:04 ----D---- C:\Windows\Prefetch
2013-03-24 17:43:54 ----D---- C:\Windows\System32
2013-03-24 15:54:39 ----D---- C:\Windows\system32\NDF
2013-03-24 15:22:21 ----D---- C:\Windows\system32\Tasks
2013-03-24 15:22:02 ----D---- C:\ProgramData\Spyware Terminator
2013-03-24 13:33:19 ----D---- C:\Windows\system32\config
2013-03-23 20:23:39 ----SHD---- C:\System Volume Information
2013-03-23 18:21:19 ----HD---- C:\ProgramData
2013-03-23 18:21:19 ----D---- C:\Program Files
2013-03-23 18:17:49 ----A---- C:\Windows\system32\PnkBstrB.exe
2013-03-22 06:57:39 ----D---- C:\ProgramData\Steam
2013-03-22 06:56:37 ----RSD---- C:\Windows\assembly
2013-03-20 22:14:35 ----D---- C:\Windows\system32\catroot
2013-03-20 18:34:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-20 18:31:25 ----D---- C:\Windows\system32\drivers
2013-03-20 18:31:25 ----D---- C:\Windows\inf
2013-03-20 18:31:24 ----D---- C:\Windows\system32\DriverStore
2013-03-20 18:26:59 ----D---- C:\Windows\system32\catroot2
2013-03-20 17:57:04 ----D---- C:\Windows\Microsoft.NET
2013-03-20 15:32:24 ----SD---- C:\Users\jemin\AppData\Roaming\Microsoft
2013-03-20 11:17:00 ----D---- C:\Users\jemin\AppData\Roaming\vlc
2013-03-18 21:09:28 ----D---- C:\Windows\winsxs
2013-03-18 21:08:25 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-18 21:07:28 ----D---- C:\Windows\system32\sk-SK
2013-03-18 21:07:28 ----D---- C:\Windows\system32\cs-CZ
2013-03-18 21:07:28 ----D---- C:\Windows\AppPatch
2013-03-18 21:07:28 ----D---- C:\Program Files\Internet Explorer
2013-03-18 21:07:27 ----D---- C:\Windows\system32\migration
2013-03-18 21:07:27 ----D---- C:\Windows\system32\en-US
2013-03-18 21:07:27 ----D---- C:\Windows\PolicyDefinitions
2013-03-18 21:07:26 ----D---- C:\Windows\system32\zh-TW
2013-03-18 21:07:26 ----D---- C:\Windows\system32\zh-HK
2013-03-18 21:07:26 ----D---- C:\Windows\system32\zh-CN
2013-03-18 21:07:26 ----D---- C:\Windows\system32\tr-TR
2013-03-18 21:07:26 ----D---- C:\Windows\system32\sv-SE
2013-03-18 21:07:26 ----D---- C:\Windows\system32\ru-RU
2013-03-18 21:07:26 ----D---- C:\Windows\system32\pt-PT
2013-03-18 21:07:26 ----D---- C:\Windows\system32\pt-BR
2013-03-18 21:07:26 ----D---- C:\Windows\system32\pl-PL
2013-03-18 21:07:26 ----D---- C:\Windows\system32\nl-NL
2013-03-18 21:07:26 ----D---- C:\Windows\system32\nb-NO
2013-03-18 21:07:26 ----D---- C:\Windows\system32\ko-KR
2013-03-18 21:07:26 ----D---- C:\Windows\system32\ja-JP
2013-03-18 21:07:26 ----D---- C:\Windows\system32\it-IT
2013-03-18 21:07:26 ----D---- C:\Windows\system32\hu-HU
2013-03-18 21:07:26 ----D---- C:\Windows\system32\fr-FR
2013-03-18 21:07:26 ----D---- C:\Windows\system32\fi-FI
2013-03-18 21:07:26 ----D---- C:\Windows\system32\es-ES
2013-03-18 21:07:26 ----D---- C:\Windows\system32\el-GR
2013-03-18 21:07:26 ----D---- C:\Windows\system32\de-DE
2013-03-18 21:07:26 ----D---- C:\Windows\system32\da-DK
2013-03-18 20:42:59 ----A---- C:\Windows\system32\MRT.exe
2013-03-18 20:42:31 ----SHD---- C:\Windows\Installer
2013-03-18 20:42:30 ----SHD---- C:\Config.Msi
2013-03-18 20:41:03 ----D---- C:\Windows\Logs
2013-03-18 16:04:33 ----D---- C:\Program Files\NVIDIA Corporation
2013-03-18 14:04:51 ----D---- C:\Users\jemin\AppData\Roaming\dvdcss
2013-03-17 16:31:04 ----D---- C:\ProgramData\PMB Files
2013-03-16 14:40:24 ----D---- C:\ProgramData\Electronic Arts
2013-03-16 01:07:08 ----D---- C:\Windows\Tasks
2013-03-16 00:27:05 ----HD---- C:\Program Files\InstallShield Installation Information
2013-03-15 21:53:34 ----HD---- C:\Program Files\Common Files\EAInstaller
2013-03-15 10:36:36 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-15 09:39:34 ----RD---- C:\Users
2013-03-15 09:39:00 ----D---- C:\Windows\Help
2013-03-15 09:38:49 ----D---- C:\Temp
2013-03-15 09:36:49 ----D---- C:\Windows\pss
2013-03-15 09:31:43 ----D---- C:\Users\jemin\AppData\Roaming\Media Player Classic
2013-03-15 09:31:43 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-03-14 17:02:18 ----D---- C:\Program Files\Common Files
2013-03-14 17:02:11 ----D---- C:\Program Files\ATI Technologies
2013-03-13 16:41:58 ----D---- C:\Windows\Minidump
2013-03-12 19:47:14 ----D---- C:\ProgramData\AMD
2013-03-09 06:40:09 ----A---- C:\Windows\system32\npdeployJava1.dll
2013-03-09 06:40:09 ----A---- C:\Windows\system32\deployJava1.dll
2013-03-05 19:30:37 ----D---- C:\ProgramData\Adobe
2013-03-03 14:24:51 ----AD---- C:\ProgramData\TEMP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2009-08-04 213024]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-02-13 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 atitray;atitray; \??\C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [2010-10-30 19360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-14 218688]
R1 MpKsl5b05cedc;MpKsl5b05cedc; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{31D5BDBD-D79D-46F7-BD98-778CD1FB3C96}\MpKsl5b05cedc.sys [2013-03-24 29904]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-02-13 281760]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-02-13 25888]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2013-02-05 37344]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-01-25 3386792]
R3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2008-01-19 20992]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-12-19 154040]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2009-11-11 295272]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 4194816]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 290304]
S3 AODDriver4.0;AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-03-05 45184]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 4194816]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-02-06 83864]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2011-08-02 18432]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 181784]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-09-28 44544]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 217088]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-16 291840]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2013-02-05 233472]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-14 634144]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-14 1266464]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-11-30 76888]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2013-03-23 214520]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-09-07 587472]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-15 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 553440]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; F:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NBService;NBService; D:\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-14 1343400]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: nemocnej explorer

Napsal: 25 bře 2013 19:49
od Rudy
Log je OK. Nastala nějaká změna?

Re: nemocnej explorer

Napsal: 25 bře 2013 20:08
od ebola
bohužel ne :( -explorer nabíhá stále pomalu

Re: nemocnej explorer

Napsal: 25 bře 2013 20:35
od Rudy
Explorer, nebo internet explorer? To je totiž rozdíl.

Re: nemocnej explorer

Napsal: 25 bře 2013 21:02
od ebola
internet explorer

Re: nemocnej explorer

Napsal: 25 bře 2013 21:10
od Rudy
Myslíte start IE, nebo načtení stránky?

Re: nemocnej explorer

Napsal: 26 bře 2013 03:41
od ebola
po kliknutí na IE je vidět asi půl minuty jen bílá stránka. u každého nového okna to samé.po načtení už stránky nabíhají hned.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz