Nedaří se mi zbavit policejního ransomware, prosím o kontrolu logu RSIT. Notebook jde spustit jen v režimu nouze s příkazovou řádkou.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Marťa at 2013-06-04 17:53:16
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 151 GB (52%) free of 293 GB
Total RAM: 2036 MB (66% free)
HijackThis download failed
=========Mozilla firefox=========
ProfilePath - C:\Users\Marťa\AppData\Roaming\Mozilla\Firefox\Profiles\gdvjzgtp.default
prefs.js - "browser.startup.homepage" - "http://www.msn.com/?pc=UP22&ocid=UP22DHP&dt=020413"
prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP22DF& ... =020413&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Marťa\AppData\Roaming\Mozilla\Firefox\Profiles\gdvjzgtp.default\extensions\
DTToolbar@toolbarnet.com
{800b5000-a755-47e1-992b-48a1c1357f07}
C:\Users\Marťa\AppData\Roaming\Mozilla\Firefox\Profiles\gdvjzgtp.default\searchplugins\
bingp.xml
daemon-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-19 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-10-16 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-10-16 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-10-16 150552]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-03 1594664]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2009-10-12 495708]
"HP"=C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe [2009-07-14 589104]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-08-20 322104]
"HPToneControl"=C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe [2009-08-21 100408]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-02-19 149280]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
""= []
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-09-01 499768]
"ZumoDrive"=C:\Program Files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk [2010-07-08 2038]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-11-28 3744552]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-06-07 421776]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Simplify Media"=C:\Program Files\Hp\HP MediaStream\HPMediaStream.exe [2009-11-11 21499400]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Pin Stardock MyColors.lnk - C:\Program Files\Stardock\MyColors\SDDelayedLaunch.exe
Stardock MyColors.lnk - C:\Program Files\Stardock\MyColors\SDDelayedLaunch.exe
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Users\Marťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll [2010-01-08 177512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-06-04 22:35:46 ----AD---- C:\$Anvi Rescue Disk$
2013-06-04 17:53:17 ----D---- C:\Program Files\trend micro
2013-06-04 17:53:16 ----D---- C:\rsit
2013-06-02 15:09:03 ----D---- C:\FRST
2013-06-02 11:10:02 ----A---- C:\Windows\ntbtlog.txt
2013-06-02 10:59:42 ----A---- C:\Users\Marťa\AppData\Roaming\skype.ini
2013-05-26 11:06:59 ----A---- C:\Windows\system32\wininet.dll
2013-05-26 11:06:59 ----A---- C:\Windows\system32\urlmon.dll
2013-05-26 11:06:59 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-05-26 11:06:59 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-05-26 11:06:59 ----A---- C:\Windows\system32\msrating.dll
2013-05-26 11:06:59 ----A---- C:\Windows\system32\msls31.dll
2013-05-26 11:06:59 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-26 11:06:59 ----A---- C:\Windows\system32\iertutil.dll
2013-05-26 11:06:59 ----A---- C:\Windows\system32\elshyph.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\wextract.exe
2013-05-26 11:06:58 ----A---- C:\Windows\system32\webcheck.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\vbscript.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\url.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-05-26 11:06:58 ----A---- C:\Windows\system32\pngfilt.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\occache.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\mshtmler.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\mshtmled.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\mshtml.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\mshta.exe
2013-05-26 11:06:58 ----A---- C:\Windows\system32\msfeedssync.exe
2013-05-26 11:06:58 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\licmgr10.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\jscript9.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\jscript.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\inseng.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\imgutil.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\iexpress.exe
2013-05-26 11:06:58 ----A---- C:\Windows\system32\ieUnatt.exe
2013-05-26 11:06:58 ----A---- C:\Windows\system32\ieui.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\iesysprep.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\iesetup.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\iernonce.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\iepeers.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\ieframe.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\iedkcs32.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\ieapfltr.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\ieapfltr.dat
2013-05-26 11:06:58 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\ie4uinit.exe
2013-05-26 11:06:58 ----A---- C:\Windows\system32\icardie.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\dxtrans.dll
2013-05-26 11:06:58 ----A---- C:\Windows\system32\dxtmsft.dll
2013-05-24 10:00:10 ----D---- C:\Program Files\Mozilla Firefox
2013-05-15 19:52:15 ----A---- C:\Windows\system32\wwansvc.dll
2013-05-15 19:52:14 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-05-15 19:52:11 ----A---- C:\Windows\system32\win32k.sys
2013-05-15 19:51:25 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-05-15 19:51:24 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-05-15 19:50:56 ----A---- C:\Windows\system32\shell32.dll
2013-05-15 19:50:54 ----A---- C:\Windows\system32\consent.exe
2013-05-15 19:50:54 ----A---- C:\Windows\system32\authui.dll
2013-05-15 19:50:53 ----A---- C:\Windows\system32\shdocvw.dll
2013-05-15 19:50:53 ----A---- C:\Windows\system32\appinfo.dll
======List of files/folders modified in the last 1 month======
2013-06-05 02:26:29 ----D---- C:\ProgramData\Recovery
2013-06-04 17:53:17 ----RD---- C:\Program Files
2013-06-04 17:53:11 ----D---- C:\Windows\System32
2013-06-04 17:53:11 ----D---- C:\Windows\inf
2013-06-04 17:53:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-06-04 17:53:02 ----D---- C:\Windows\Temp
2013-06-04 16:21:53 ----D---- C:\Windows\system32\config
2013-06-02 15:54:09 ----D---- C:\Windows\Prefetch
2013-06-02 15:47:23 ----HD---- C:\ProgramData
2013-06-02 15:47:23 ----A---- C:\ProgramData\HPWALog.txt
2013-06-02 15:09:06 ----D---- C:\Windows
2013-06-02 14:51:11 ----D---- C:\Windows\system32\catroot2
2013-06-02 10:43:30 ----D---- C:\Users\Marťa\AppData\Roaming\Skype
2013-05-28 17:49:48 ----SHD---- C:\Windows\Installer
2013-05-26 22:37:23 ----D---- C:\Windows\rescache
2013-05-26 12:25:53 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-05-26 12:23:08 ----D---- C:\Windows\winsxs
2013-05-26 12:19:31 ----D---- C:\Windows\system32\cs-CZ
2013-05-26 12:19:31 ----D---- C:\Program Files\Internet Explorer
2013-05-26 12:19:29 ----D---- C:\Windows\system32\migration
2013-05-26 12:19:29 ----D---- C:\Windows\system32\en-US
2013-05-26 12:19:29 ----D---- C:\Windows\PolicyDefinitions
2013-05-26 11:17:38 ----D---- C:\Windows\Logs
2013-05-26 11:16:13 ----D---- C:\Windows\system32\catroot
2013-05-17 19:32:27 ----D---- C:\Windows\Microsoft.NET
2013-05-17 19:32:26 ----RSD---- C:\Windows\assembly
2013-05-16 15:43:45 ----D---- C:\Windows\AppPatch
2013-05-16 15:43:44 ----D---- C:\Windows\system32\drivers
2013-05-16 12:45:36 ----D---- C:\ProgramData\Microsoft Help
2013-05-16 07:47:43 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-11-03 230192]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-05-03 691696]
S1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 34392]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 435032]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 314456]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 52952]
S1 DVMIO;DVMIO; \??\C:\SPLASH.SYS\config\dvmio.sys [2009-12-23 17624]
S1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-07-12 5120]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athr.sys [2009-07-14 1096704]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-10-27 2494968]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-09-17 86056]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-09-17 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-09-17 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-09-17 18472]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102912]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2010-04-09 16472]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2010-04-09 11104]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-02 174592]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-10-02 204288]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
S3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2009-10-12 420864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\aestsrv.exe [2009-03-02 81920]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
S2 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 595232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 DvmMDES;DeviceVM Meta Data Export Service; C:\SPLASH.SYS\config\DVMExportService.exe [2009-07-08 323584]
S2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-10-15 120832]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\STacSV.exe [2009-10-12 221266]
S2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-13 110592]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S2 WindowBlinds;Stardock WindowBlinds; C:\Program Files\Stardock\MyColors\VistaSrv.exe [2009-06-09 230704]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [2009-06-06 250616]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 821648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-24 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-16 1343400]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vir policie - kontrola
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Vir policie - kontrola
Log z dneška níže. Skript jsem žádný nepoužil, takže čekám na radu 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-06-2013 02
Ran by Marťa (administrator) on 04-06-2013 18:09:39
Running from J:\
Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Safe Mode (minimal)
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Windows\system32\cmd.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1594664 2009-11-03] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe [495708 2009-10-12] (IDT, Inc.)
HKLM\...\Run: [HP] C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe [589104 2009-07-14] (Hewlett-Packard)
HKLM\...\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HPToneControl] C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe [100408 2009-08-21] (Hewlett-Packard )
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [149280 2010-02-19] (Sun Microsystems, Inc.)
HKLM\...\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM\...\Run: [] [x]
HKLM\...\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard)
HKLM\...\Run: [ZumoDrive] "C:\Program Files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk" [2038 2010-07-08] ()
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui [3744552 2011-11-28] (AVAST Software)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.)
HKCU\...\Run: [Simplify Media] "C:\Program Files\Hp\HP MediaStream\HPMediaStream.exe" -splash [21499400 2009-11-11] (Simplify Media, Inc.)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [357696 2010-04-01] (DT Soft Ltd)
HKCU\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [18705664 2013-01-08] (Skype Technologies S.A.)
HKCU\...\Winlogon: [Shell] explorer.exe,C:\Users\Marťa\AppData\Roaming\skype.dat <==== ATTENTION
MountPoints2: {1afe693d-d4b0-11e0-9ff1-f07bcb9a76ec} - E:\AutoRun.exe
MountPoints2: {1c2fedcb-ecf2-11df-a256-fd2cce82e59c} - "F:\WD SmartWare.exe" autoplay=true
MountPoints2: {dd0be646-8b19-11df-b547-806e6f6e6963} - E:\SETUP.EXE
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Pin Stardock MyColors.lnk
ShortcutTarget: Pin Stardock MyColors.lnk -> C:\Program Files\Stardock\MyColors\SDDelayedLaunch.exe ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\Stardock MyColors.lnk
ShortcutTarget: Stardock MyColors.lnk -> C:\Program Files\Stardock\MyColors\SDDelayedLaunch.exe ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Start Menu\Programs\Startup\WDSmartWare.lnk
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
Startup: C:\Users\Marťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
ProxyServer: 10.2.10.138:80
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP22&ocid=UP22DHP&dt=020413
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {A0491B4C-14DF-46C2-AB1F-02F5965A0EFD} URL = http://search.seznam.cz/?q={searchTerms ... chmodule_2
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search/web?q={searchTerms}
SearchScopes: HKCU - {F7F6F7FB-FA8C-4E7F-B3DF-DF6468D7D9BC} URL =
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" No File
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU -DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
PDF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
PDF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
PDF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
PDF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\..\Interfaces\{6E325440-430C-4775-AC32-4D4C589A6603}: [NameServer]208.67.222.222,208.67.220.220
FireFox:
========
FF ProfilePath: C:\Users\Marťa\AppData\Roaming\Mozilla\Firefox\Profiles\gdvjzgtp.default
FF SearchEngine: Google
FF Homepage: hxxp://www.msn.com/?pc=UP22&ocid=UP22DHP&dt=020413
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=020413&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Extension: No Name - C:\Users\Marťa\AppData\Roaming\Mozilla\Firefox\Profiles\gdvjzgtp.default\Extensions\DTToolbar@toolbarnet.com
FF Extension: No Name - C:\Users\Marťa\AppData\Roaming\Mozilla\Firefox\Profiles\gdvjzgtp.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
========================== Services (Whitelisted) =================
S2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [44768 2011-11-28] (AVAST Software)
S2 DvmMDES; C:\SPLASH.SYS\config\DVMExportService.exe [323584 2009-07-08] (DeviceVM, Inc.)
S3 GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [250616 2009-06-06] (WildTangent, Inc.)
S2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [120832 2009-10-15] (Hewlett-Packard)
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\STacSV.exe [221266 2009-10-12] (IDT, Inc.)
S2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC)
S2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo)
S2 WindowBlinds; C:\Program Files\Stardock\MyColors\VistaSrv.exe [230704 2009-06-09] (Stardock Corporation)
==================== Drivers (Whitelisted) ====================
S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [20568 2011-11-28] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [55128 2011-11-28] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [34392 2011-11-28] (AVAST Software)
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [435032 2011-11-28] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [314456 2011-11-28] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [52952 2011-11-28] (AVAST Software)
S1 DVMIO; C:\SPLASH.SYS\config\dvmio.sys [17624 2009-12-23] (DeviceVM, Inc.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [23424 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [101120 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [16472 2010-04-09] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [11104 2010-04-09] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2011-05-03] (Duplex Secure Ltd.)
S2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2009-07-12] (Samsung Electronics)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-04 22:35 - 2013-06-04 22:35 - 00000000 ___AD C:\$Anvi Rescue Disk$
2013-06-04 17:53 - 2013-06-04 17:53 - 00000000 ____D C:\rsit
2013-06-04 17:53 - 2013-06-04 17:53 - 00000000 ____D C:\Program Files\trend micro
2013-06-02 15:09 - 2013-06-02 15:09 - 00000000 ____D C:\FRST
2013-06-02 10:59 - 2013-06-04 16:21 - 00000004 ____A C:\Users\Marťa\AppData\Roaming\skype.ini
2013-05-26 11:06 - 2013-05-26 11:06 - 14323712 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 02877440 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-26 11:06 - 2013-05-26 11:06 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 01767424 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 01441280 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-26 11:06 - 2013-05-26 11:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-26 11:06 - 2013-05-26 11:06 - 01130496 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00745472 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00719360 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00629248 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00523264 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00493056 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00361984 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-26 11:06 - 2013-05-26 11:06 - 00357888 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00242200 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00232960 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00185344 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00138752 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00137216 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00125440 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-26 11:06 - 2013-05-26 11:06 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-26 11:03 - 2013-05-26 11:17 - 00010529 ____A C:\Windows\IE10_main.log
2013-05-24 10:00 - 2013-05-26 12:26 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-20 14:10 - 2013-05-20 14:12 - 00000000 ____D C:\Users\Marťa\Desktop\201305A0
2013-05-15 19:59 - 2013-05-17 12:55 - 00000000 ____D C:\Users\Marťa\Desktop\Nová složka
2013-05-15 19:52 - 2013-04-10 05:14 - 02347520 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-15 19:52 - 2013-03-19 06:53 - 00186368 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-15 19:52 - 2013-03-19 05:33 - 00040960 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-15 19:51 - 2013-04-10 07:18 - 00728424 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-15 19:51 - 2013-04-10 07:18 - 00218984 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-15 19:50 - 2013-02-27 07:05 - 00101720 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-15 19:50 - 2013-02-27 06:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-15 19:50 - 2013-02-27 06:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-15 19:50 - 2013-02-27 06:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-15 19:50 - 2013-02-27 06:49 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-14 18:24 - 2013-05-14 18:25 - 00000000 ____D C:\Users\Marťa\Desktop\foto klára jaro
==================== One Month Modified Files and Folders ========
2013-06-05 02:26 - 2010-07-09 01:18 - 00000000 ____D C:\ProgramData\Recovery
2013-06-04 22:35 - 2013-06-04 22:35 - 00000000 ___AD C:\$Anvi Rescue Disk$
2013-06-04 18:08 - 2009-07-14 06:39 - 00167913 ____A C:\Windows\setupact.log
2013-06-04 17:54 - 2009-09-07 01:02 - 01478822 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-04 17:53 - 2013-06-04 17:53 - 00000000 ____D C:\rsit
2013-06-04 17:53 - 2013-06-04 17:53 - 00000000 ____D C:\Program Files\trend micro
2013-06-04 16:31 - 2010-03-25 18:16 - 00000177 ____H C:\dvmexp.idx
2013-06-04 16:31 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-04 16:21 - 2013-06-02 10:59 - 00000004 ____A C:\Users\Marťa\AppData\Roaming\skype.ini
2013-06-04 16:21 - 2010-03-25 17:35 - 01777093 ____A C:\Windows\WindowsUpdate.log
2013-06-04 16:15 - 2009-07-14 06:34 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-04 16:15 - 2009-07-14 06:34 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-04 15:49 - 2011-09-20 15:58 - 00030208 __ASH C:\Users\Marťa\Thumbs.db
2013-06-02 15:09 - 2013-06-02 15:09 - 00000000 ____D C:\FRST
2013-06-02 10:43 - 2013-02-04 23:11 - 00000000 ____D C:\Users\Marťa\AppData\Roaming\Skype
2013-05-28 17:50 - 2013-03-26 20:47 - 00000052 ____A C:\Windows\System32\DOErrors.log
2013-05-27 13:39 - 2012-09-27 11:39 - 00000000 ____D C:\Users\Marťa\Desktop\FRRMS MENDELU 2012-2013
2013-05-26 22:37 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-05-26 12:26 - 2013-05-24 10:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-26 12:25 - 2012-04-25 11:14 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-05-26 11:17 - 2013-05-26 11:03 - 00010529 ____A C:\Windows\IE10_main.log
2013-05-26 11:06 - 2013-05-26 11:06 - 14323712 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 02877440 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-26 11:06 - 2013-05-26 11:06 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 01767424 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 01441280 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-26 11:06 - 2013-05-26 11:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-26 11:06 - 2013-05-26 11:06 - 01130496 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00745472 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00719360 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00629248 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00523264 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00493056 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00361984 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-26 11:06 - 2013-05-26 11:06 - 00357888 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00242200 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00232960 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00185344 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00138752 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00137216 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00125440 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-26 11:06 - 2013-05-26 11:06 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-25 23:03 - 2013-03-13 00:15 - 00000000 ____D C:\Users\Marťa\Desktop\životopisy
2013-05-24 14:25 - 2010-07-08 12:31 - 00000000 ____D C:\Users\Marťa\Documents\Youcam
2013-05-20 14:12 - 2013-05-20 14:10 - 00000000 ____D C:\Users\Marťa\Desktop\201305A0
2013-05-17 19:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-05-17 12:55 - 2013-05-15 19:59 - 00000000 ____D C:\Users\Marťa\Desktop\Nová složka
2013-05-16 15:46 - 2009-07-14 06:33 - 00422208 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-16 12:45 - 2010-02-19 07:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-16 07:47 - 2010-09-25 08:27 - 72607752 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-14 19:07 - 2013-03-29 11:54 - 00000000 ____D C:\Users\Marťa\Desktop\Foto 2013
2013-05-14 18:25 - 2013-05-14 18:24 - 00000000 ____D C:\Users\Marťa\Desktop\foto klára jaro
Files to move or delete:
====================
C:\Users\Marťa\AppData\Roaming\skype.dat
C:\Users\Marťa\AppData\Roaming\skype.ini
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
Last Boot: 2013-05-26 22:29
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-06-2013 02
Ran by Marťa (administrator) on 04-06-2013 18:09:39
Running from J:\
Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Safe Mode (minimal)
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Windows\system32\cmd.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1594664 2009-11-03] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe [495708 2009-10-12] (IDT, Inc.)
HKLM\...\Run: [HP] C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe [589104 2009-07-14] (Hewlett-Packard)
HKLM\...\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HPToneControl] C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe [100408 2009-08-21] (Hewlett-Packard )
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [149280 2010-02-19] (Sun Microsystems, Inc.)
HKLM\...\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM\...\Run: [] [x]
HKLM\...\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard)
HKLM\...\Run: [ZumoDrive] "C:\Program Files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk" [2038 2010-07-08] ()
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui [3744552 2011-11-28] (AVAST Software)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.)
HKCU\...\Run: [Simplify Media] "C:\Program Files\Hp\HP MediaStream\HPMediaStream.exe" -splash [21499400 2009-11-11] (Simplify Media, Inc.)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [357696 2010-04-01] (DT Soft Ltd)
HKCU\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [18705664 2013-01-08] (Skype Technologies S.A.)
HKCU\...\Winlogon: [Shell] explorer.exe,C:\Users\Marťa\AppData\Roaming\skype.dat <==== ATTENTION
MountPoints2: {1afe693d-d4b0-11e0-9ff1-f07bcb9a76ec} - E:\AutoRun.exe
MountPoints2: {1c2fedcb-ecf2-11df-a256-fd2cce82e59c} - "F:\WD SmartWare.exe" autoplay=true
MountPoints2: {dd0be646-8b19-11df-b547-806e6f6e6963} - E:\SETUP.EXE
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Pin Stardock MyColors.lnk
ShortcutTarget: Pin Stardock MyColors.lnk -> C:\Program Files\Stardock\MyColors\SDDelayedLaunch.exe ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\Stardock MyColors.lnk
ShortcutTarget: Stardock MyColors.lnk -> C:\Program Files\Stardock\MyColors\SDDelayedLaunch.exe ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Start Menu\Programs\Startup\WDSmartWare.lnk
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
Startup: C:\Users\Marťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
ProxyServer: 10.2.10.138:80
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP22&ocid=UP22DHP&dt=020413
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {A0491B4C-14DF-46C2-AB1F-02F5965A0EFD} URL = http://search.seznam.cz/?q={searchTerms ... chmodule_2
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search/web?q={searchTerms}
SearchScopes: HKCU - {F7F6F7FB-FA8C-4E7F-B3DF-DF6468D7D9BC} URL =
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" No File
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU -DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
PDF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
PDF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
PDF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
PDF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\..\Interfaces\{6E325440-430C-4775-AC32-4D4C589A6603}: [NameServer]208.67.222.222,208.67.220.220
FireFox:
========
FF ProfilePath: C:\Users\Marťa\AppData\Roaming\Mozilla\Firefox\Profiles\gdvjzgtp.default
FF SearchEngine: Google
FF Homepage: hxxp://www.msn.com/?pc=UP22&ocid=UP22DHP&dt=020413
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=020413&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Extension: No Name - C:\Users\Marťa\AppData\Roaming\Mozilla\Firefox\Profiles\gdvjzgtp.default\Extensions\DTToolbar@toolbarnet.com
FF Extension: No Name - C:\Users\Marťa\AppData\Roaming\Mozilla\Firefox\Profiles\gdvjzgtp.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
========================== Services (Whitelisted) =================
S2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [44768 2011-11-28] (AVAST Software)
S2 DvmMDES; C:\SPLASH.SYS\config\DVMExportService.exe [323584 2009-07-08] (DeviceVM, Inc.)
S3 GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [250616 2009-06-06] (WildTangent, Inc.)
S2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [120832 2009-10-15] (Hewlett-Packard)
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\STacSV.exe [221266 2009-10-12] (IDT, Inc.)
S2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC)
S2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo)
S2 WindowBlinds; C:\Program Files\Stardock\MyColors\VistaSrv.exe [230704 2009-06-09] (Stardock Corporation)
==================== Drivers (Whitelisted) ====================
S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [20568 2011-11-28] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [55128 2011-11-28] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [34392 2011-11-28] (AVAST Software)
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [435032 2011-11-28] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [314456 2011-11-28] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [52952 2011-11-28] (AVAST Software)
S1 DVMIO; C:\SPLASH.SYS\config\dvmio.sys [17624 2009-12-23] (DeviceVM, Inc.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [23424 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [101120 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [16472 2010-04-09] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [11104 2010-04-09] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2011-05-03] (Duplex Secure Ltd.)
S2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2009-07-12] (Samsung Electronics)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-04 22:35 - 2013-06-04 22:35 - 00000000 ___AD C:\$Anvi Rescue Disk$
2013-06-04 17:53 - 2013-06-04 17:53 - 00000000 ____D C:\rsit
2013-06-04 17:53 - 2013-06-04 17:53 - 00000000 ____D C:\Program Files\trend micro
2013-06-02 15:09 - 2013-06-02 15:09 - 00000000 ____D C:\FRST
2013-06-02 10:59 - 2013-06-04 16:21 - 00000004 ____A C:\Users\Marťa\AppData\Roaming\skype.ini
2013-05-26 11:06 - 2013-05-26 11:06 - 14323712 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 02877440 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-26 11:06 - 2013-05-26 11:06 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 01767424 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 01441280 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-26 11:06 - 2013-05-26 11:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-26 11:06 - 2013-05-26 11:06 - 01130496 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00745472 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00719360 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00629248 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00523264 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00493056 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00361984 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-26 11:06 - 2013-05-26 11:06 - 00357888 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00242200 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00232960 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00185344 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00138752 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00137216 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00125440 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-26 11:06 - 2013-05-26 11:06 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-26 11:03 - 2013-05-26 11:17 - 00010529 ____A C:\Windows\IE10_main.log
2013-05-24 10:00 - 2013-05-26 12:26 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-20 14:10 - 2013-05-20 14:12 - 00000000 ____D C:\Users\Marťa\Desktop\201305A0
2013-05-15 19:59 - 2013-05-17 12:55 - 00000000 ____D C:\Users\Marťa\Desktop\Nová složka
2013-05-15 19:52 - 2013-04-10 05:14 - 02347520 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-15 19:52 - 2013-03-19 06:53 - 00186368 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-15 19:52 - 2013-03-19 05:33 - 00040960 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-15 19:51 - 2013-04-10 07:18 - 00728424 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-15 19:51 - 2013-04-10 07:18 - 00218984 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-15 19:50 - 2013-02-27 07:05 - 00101720 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-15 19:50 - 2013-02-27 06:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-15 19:50 - 2013-02-27 06:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-15 19:50 - 2013-02-27 06:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-15 19:50 - 2013-02-27 06:49 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-14 18:24 - 2013-05-14 18:25 - 00000000 ____D C:\Users\Marťa\Desktop\foto klára jaro
==================== One Month Modified Files and Folders ========
2013-06-05 02:26 - 2010-07-09 01:18 - 00000000 ____D C:\ProgramData\Recovery
2013-06-04 22:35 - 2013-06-04 22:35 - 00000000 ___AD C:\$Anvi Rescue Disk$
2013-06-04 18:08 - 2009-07-14 06:39 - 00167913 ____A C:\Windows\setupact.log
2013-06-04 17:54 - 2009-09-07 01:02 - 01478822 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-04 17:53 - 2013-06-04 17:53 - 00000000 ____D C:\rsit
2013-06-04 17:53 - 2013-06-04 17:53 - 00000000 ____D C:\Program Files\trend micro
2013-06-04 16:31 - 2010-03-25 18:16 - 00000177 ____H C:\dvmexp.idx
2013-06-04 16:31 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-04 16:21 - 2013-06-02 10:59 - 00000004 ____A C:\Users\Marťa\AppData\Roaming\skype.ini
2013-06-04 16:21 - 2010-03-25 17:35 - 01777093 ____A C:\Windows\WindowsUpdate.log
2013-06-04 16:15 - 2009-07-14 06:34 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-04 16:15 - 2009-07-14 06:34 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-04 15:49 - 2011-09-20 15:58 - 00030208 __ASH C:\Users\Marťa\Thumbs.db
2013-06-02 15:09 - 2013-06-02 15:09 - 00000000 ____D C:\FRST
2013-06-02 10:43 - 2013-02-04 23:11 - 00000000 ____D C:\Users\Marťa\AppData\Roaming\Skype
2013-05-28 17:50 - 2013-03-26 20:47 - 00000052 ____A C:\Windows\System32\DOErrors.log
2013-05-27 13:39 - 2012-09-27 11:39 - 00000000 ____D C:\Users\Marťa\Desktop\FRRMS MENDELU 2012-2013
2013-05-26 22:37 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-05-26 12:26 - 2013-05-24 10:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-26 12:25 - 2012-04-25 11:14 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-05-26 11:17 - 2013-05-26 11:03 - 00010529 ____A C:\Windows\IE10_main.log
2013-05-26 11:06 - 2013-05-26 11:06 - 14323712 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 02877440 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-26 11:06 - 2013-05-26 11:06 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 01767424 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 01441280 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-26 11:06 - 2013-05-26 11:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-26 11:06 - 2013-05-26 11:06 - 01130496 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00745472 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00719360 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00629248 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00523264 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00493056 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00361984 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-26 11:06 - 2013-05-26 11:06 - 00357888 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00242200 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00232960 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00185344 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00138752 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00137216 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00125440 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-26 11:06 - 2013-05-26 11:06 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-26 11:06 - 2013-05-26 11:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-26 11:06 - 2013-05-26 11:06 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-25 23:03 - 2013-03-13 00:15 - 00000000 ____D C:\Users\Marťa\Desktop\životopisy
2013-05-24 14:25 - 2010-07-08 12:31 - 00000000 ____D C:\Users\Marťa\Documents\Youcam
2013-05-20 14:12 - 2013-05-20 14:10 - 00000000 ____D C:\Users\Marťa\Desktop\201305A0
2013-05-17 19:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-05-17 12:55 - 2013-05-15 19:59 - 00000000 ____D C:\Users\Marťa\Desktop\Nová složka
2013-05-16 15:46 - 2009-07-14 06:33 - 00422208 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-16 12:45 - 2010-02-19 07:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-16 07:47 - 2010-09-25 08:27 - 72607752 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-14 19:07 - 2013-03-29 11:54 - 00000000 ____D C:\Users\Marťa\Desktop\Foto 2013
2013-05-14 18:25 - 2013-05-14 18:24 - 00000000 ____D C:\Users\Marťa\Desktop\foto klára jaro
Files to move or delete:
====================
C:\Users\Marťa\AppData\Roaming\skype.dat
C:\Users\Marťa\AppData\Roaming\skype.ini
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
Last Boot: 2013-05-26 22:29
==================== End Of Log ============================
Re: Vir policie - kontrola
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-06-2013 02
Ran by Marťa at 2013-06-04 19:45:42 Run:1
Running from J:\
Boot Mode: Safe Mode (minimal)
==============================================
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon => Key deleted successfully.
C:\Users\Marťa\AppData\Roaming\skype.dat => Moved successfully.
C:\Users\Marťa\AppData\Roaming\skype.ini => Moved successfully.
==== End of Fixlog ====
OTL se nepodařilo udělat, vždy to jen zamrzlo. Jinak vše funguje jak má.
Ran by Marťa at 2013-06-04 19:45:42 Run:1
Running from J:\
Boot Mode: Safe Mode (minimal)
==============================================
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon => Key deleted successfully.
C:\Users\Marťa\AppData\Roaming\skype.dat => Moved successfully.
C:\Users\Marťa\AppData\Roaming\skype.ini => Moved successfully.
==== End of Fixlog ====
OTL se nepodařilo udělat, vždy to jen zamrzlo. Jinak vše funguje jak má.
Re: Vir policie - kontrola
Super, díky za pomoc!
Přispějete na provoz fóra?