attack on router

sejky
Visitor
Posts: 54
Registered: 01 Nov 2009 13:35

attack on router

#1 Post by sejky »

hi,
as soon as I connect the PC to my home network, I see incoming attacks on the router from all sorts of IP addresses from around the world. There is probably some trojan that triggers this. I haven't been able to find it, though.
Can you help me with it? I'm attaching the logs.

# AdwCleaner v3.016 - Report created 30/12/2013 at 16:41:51
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : turkova - TURKOVA-AK
# Running from : C:\Users\turkova.AK\Desktop\Nová složka\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


*************************

AdwCleaner[R0].txt - [1698 octets] - [30/12/2013 16:40:00]
AdwCleaner[S0].txt - [1629 octets] - [30/12/2013 16:41:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1689 octets] ##########





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Professional x64
Ran by turkova on po 30.12.2013 at 16:34:17,75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 30.12.2013 at 16:38:59,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






Shortcut Cleaner 1.2.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Windows 7 Professional Service Pack 1
Program started at: 12/30/2013 04:20:55 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\turkova.AK\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\turkova.AK\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\turkova.AK\Desktop


0 bad shortcuts found.

Program finished at: 12/30/2013 04:20:55 PM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)



thanks for the help.

Rudy
Site Admin
Posts: 119532
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: attack on router

#2 Post by Rudy »

Hello!
Let's try this procedure: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning the PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

sejky
Visitor
Posts: 54
Registered: 01 Nov 2009 13:35

Re: attack on router

#3 Post by sejky »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013 01
Ran by turkova (administrator) on TURKOVA-AK on 30-12-2013 17:55:43
Running from C:\Users\turkova.AK\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(O2Micro International) C:\Windows\System32\o2flash.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Authentec Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
(Dell Computer Corporation) C:\dell\DBRM\Reminder\DbrmTrayicon.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(forum.viry.cz) C:\Users\turkova.AK\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [684016 2012-12-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-09-20] (IDT, Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [IntelPROSet] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4805936 2012-08-23] (Intel(R) Corporation)
HKLM\...\Run: [TdmNotify] - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [370584 2012-11-09] (Wave Systems Corp.)
HKLM\...\Run: [DFEPApplication] - C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [7077432 2012-08-15] (Dell Inc.)
HKLM\...\Run: [DBRMTray] - C:\dell\DBRM\Reminder\DbrmTrayicon.exe [227328 2011-03-08] (Dell Computer Corporation)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [4131984 2012-04-16] (ESET)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-10-16] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134176 2012-10-23] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [DBRMTray] - C:\Dell\DBRM\Reminder\TrayApp.exe [7168 2010-02-05] (Microsoft)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.)
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-05-09] (Skype Technologies S.A.)
HKU\Turkova\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG)
Lsa: [Authentication Packages] msv1_0 wvauth
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Turkova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\turkova.AK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\vinduska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKLM - DefaultScope {430AC018-DA27-45EF-8CD6-4B23AE190FB5} URL = http://www.bing.com/search?q={searchTer ... &pc=MDDRJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {430AC018-DA27-45EF-8CD6-4B23AE190FB5} URL = http://www.bing.com/search?q={searchTer ... &pc=MDDRJS
SearchScopes: HKLM-x32 - {430AC018-DA27-45EF-8CD6-4B23AE190FB5} URL = http://www.bing.com/search?q={searchTer ... &pc=MDDRJS
SearchScopes: HKCU - {430AC018-DA27-45EF-8CD6-4B23AE190FB5} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File

==================== Services (Whitelisted) =================

R2 DFEPService; C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2280504 2012-08-15] (Dell Inc.)
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [35680 2012-04-16] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [999664 2012-04-16] (ESET)
R2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [225720 2012-11-20] ()
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [190168 2012-04-16] (ESET)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166432 2012-10-23] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-08-23] ()
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International)
R2 PbaDrvSvc_x64; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [20480 2012-11-23] ()
S2 tcsd_win32.exe; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [1643520 2012-05-11] ()
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1758720 2012-11-19] (Wave Systems Corp.)
S2 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [254384 2012-11-08] (Wave Systems Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [135720 2013-03-28] (Broadcom Corporation.)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [39016 2012-09-23] (Dell Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213376 2012-03-29] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [179368 2012-03-29] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [152136 2012-03-29] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [140752 2012-03-29] (ESET)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [68208 2012-05-21] (STMicroelectronics)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [47072 2012-10-10] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [188896 2012-10-10] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-30 17:55 - 2013-12-30 17:56 - 00013181 _____ C:\Users\turkova.AK\Desktop\FRST.txt
2013-12-30 17:55 - 2013-12-30 17:55 - 00000000 ____D C:\FRST
2013-12-30 17:53 - 2013-12-30 17:52 - 01931302 _____ (Farbar) C:\Users\turkova.AK\Desktop\FRST64.exe
2013-12-30 17:53 - 2013-12-30 17:52 - 00112640 _____ (forum.viry.cz) C:\Users\turkova.AK\Desktop\FRSTLauncher.exe
2013-12-30 16:39 - 2013-12-30 16:41 - 00000000 ____D C:\AdwCleaner
2013-12-30 16:34 - 2013-12-30 16:34 - 00001826 _____ C:\sc-cleaner.txt
2013-12-30 16:22 - 2013-12-30 16:22 - 00000000 ____D C:\Windows\ERUNT
2013-12-18 20:40 - 2013-12-19 15:21 - 00016443 _____ C:\Users\turkova.AK\Desktop\za HK-tabulka pro zpracování kvalifikace - Ředitelství silnic a dálnic ČR.xlsx
2013-12-18 15:39 - 2013-12-18 15:47 - 00000000 ____D C:\Users\turkova.AK\Desktop\LT+MJ+JM
2013-12-18 09:49 - 2013-12-20 10:30 - 00050176 _____ C:\Users\turkova.AK\Desktop\odměny za cíle - Praha.xls
2013-12-17 08:30 - 2013-12-17 08:30 - 00070144 _____ C:\Users\turkova.AK\Downloads\turkova_export (11).xls
2013-12-16 07:20 - 2013-12-17 16:48 - 00000000 ____D C:\Users\turkova.AK\Desktop\VZ ŘSD
2013-12-12 15:54 - 2013-12-12 15:54 - 00049152 _____ C:\Users\turkova.AK\Desktop\Přehled změn mezd u jednotlivců PHA-HK- 12 12 2013.xls
2013-12-11 08:48 - 2013-12-11 08:48 - 00025288 _____ C:\Users\turkova.AK\Downloads\11122013084950_14135.xls
2013-12-03 14:25 - 2013-12-16 11:00 - 00000000 ____D C:\Users\turkova.AK\Desktop\Představenstvo 19.12.2013
2013-12-03 13:41 - 2013-12-03 13:41 - 00417792 _____ C:\Users\turkova.AK\Downloads\turkova_export (10).xls

==================== One Month Modified Files and Folders =======

2013-12-30 17:56 - 2013-12-30 17:55 - 00013181 _____ C:\Users\turkova.AK\Desktop\FRST.txt
2013-12-30 17:55 - 2013-12-30 17:55 - 00000000 ____D C:\FRST
2013-12-30 17:54 - 2010-11-21 10:27 - 00666444 _____ C:\Windows\system32\perfh005.dat
2013-12-30 17:54 - 2010-11-21 10:27 - 00140108 _____ C:\Windows\system32\perfc005.dat
2013-12-30 17:54 - 2009-07-14 06:13 - 01576554 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-30 17:52 - 2013-12-30 17:53 - 01931302 _____ (Farbar) C:\Users\turkova.AK\Desktop\FRST64.exe
2013-12-30 17:52 - 2013-12-30 17:53 - 00112640 _____ (forum.viry.cz) C:\Users\turkova.AK\Desktop\FRSTLauncher.exe
2013-12-30 17:49 - 2013-10-08 08:48 - 00005014 _____ C:\Windows\System32\Tasks\WSCEAA
2013-12-30 17:38 - 2013-03-28 00:47 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-30 16:49 - 2009-07-14 05:45 - 00025040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-30 16:49 - 2009-07-14 05:45 - 00025040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-30 16:42 - 2013-03-28 00:46 - 01764053 _____ C:\Windows\WindowsUpdate.log
2013-12-30 16:42 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-30 16:42 - 2009-07-14 05:51 - 00050039 _____ C:\Windows\setupact.log
2013-12-30 16:41 - 2013-12-30 16:39 - 00000000 ____D C:\AdwCleaner
2013-12-30 16:34 - 2013-12-30 16:34 - 00001826 _____ C:\sc-cleaner.txt
2013-12-30 16:22 - 2013-12-30 16:22 - 00000000 ____D C:\Windows\ERUNT
2013-12-30 15:59 - 2013-04-23 14:08 - 4209525760 _____ C:\Users\turkova.AK\archive.pst
2013-12-30 15:58 - 2013-04-16 08:26 - 00000000 ____D C:\Users\turkova.AK\AppData\Roaming\Skype
2013-12-25 20:03 - 2013-04-16 09:36 - 00023567 _____ C:\Users\turkova.AK\intlname.ols
2013-12-20 10:30 - 2013-12-18 09:49 - 00050176 _____ C:\Users\turkova.AK\Desktop\odměny za cíle - Praha.xls
2013-12-20 09:57 - 2013-04-16 07:16 - 00000104 _____ C:\Windows\system32\config\netlogon.ftl
2013-12-20 08:57 - 2013-04-16 08:55 - 00000000 ____D C:\Users\turkova.AK\Desktop\Složka - veřejné zakázky
2013-12-19 15:21 - 2013-12-18 20:40 - 00016443 _____ C:\Users\turkova.AK\Desktop\za HK-tabulka pro zpracování kvalifikace - Ředitelství silnic a dálnic ČR.xlsx
2013-12-19 10:04 - 2013-04-16 08:55 - 00000000 ____D C:\Users\turkova.AK\Desktop\MZDY
2013-12-18 15:47 - 2013-12-18 15:39 - 00000000 ____D C:\Users\turkova.AK\Desktop\LT+MJ+JM
2013-12-18 14:17 - 2013-04-16 08:56 - 00000000 ____D C:\Users\turkova.AK\Desktop\T- Mobile
2013-12-18 12:36 - 2013-11-20 12:58 - 00000000 ____D C:\Users\turkova.AK\Desktop\CÍLE 2013 - odměny
2013-12-17 16:48 - 2013-12-16 07:20 - 00000000 ____D C:\Users\turkova.AK\Desktop\VZ ŘSD
2013-12-17 16:48 - 2013-04-16 08:56 - 00000000 ____D C:\Users\turkova.AK\Desktop\SVJ
2013-12-17 08:30 - 2013-12-17 08:30 - 00070144 _____ C:\Users\turkova.AK\Downloads\turkova_export (11).xls
2013-12-16 11:00 - 2013-12-03 14:25 - 00000000 ____D C:\Users\turkova.AK\Desktop\Představenstvo 19.12.2013
2013-12-12 15:54 - 2013-12-12 15:54 - 00049152 _____ C:\Users\turkova.AK\Desktop\Přehled změn mezd u jednotlivců PHA-HK- 12 12 2013.xls
2013-12-11 14:46 - 2013-04-16 08:48 - 00031232 _____ C:\Users\turkova.AK\Desktop\výpočet jízdného r. 2013.xls
2013-12-11 08:48 - 2013-12-11 08:48 - 00025288 _____ C:\Users\turkova.AK\Downloads\11122013084950_14135.xls
2013-12-03 13:41 - 2013-12-03 13:41 - 00417792 _____ C:\Users\turkova.AK\Downloads\turkova_export (10).xls
2013-12-02 11:13 - 2013-11-07 17:03 - 00026624 _____ C:\Users\turkova.AK\Desktop\plán x skutečnost PT.xls

Some content of TEMP:
====================
C:\Users\Turkova\AppData\Local\Temp\install_reader11_cz_gtbd_chrd_dn_aih.exe
C:\Users\turkova.AK\AppData\Local\Temp\APNStub.exe
C:\Users\turkova.AK\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\turkova.AK\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 10:19




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (OS) (Fixed) (Total:286.29 GB) (Free:207.43 GB) NTFS
Drive e: () (Removable) (Total:0.12 GB) (Free:0.08 GB) FAT32

Available physical RAM: 2222.41 MB
Total physical RAM: 3969.85 MB
Percentage of memory in use: 44%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 423087AE)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=12 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=286 GB) - (Type=07 NTFS)
Disk: 1 (Size: 125 MB) (Disk ID: BBEFE06D)
Partition 1: (Active) - (Size=125 MB) - (Type=0B)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\turkova.AK\Desktop" je 24172 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

sejky
Visitor
Posts: 54
Registered: 01 Nov 2009 13:35

Re: attack on router

#4 Post by sejky »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2013 01
Ran by turkova at 2013-12-30 17:56:30
Running from C:\Users\turkova.AK\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard)
Adobe Flash Player 11 ActiveX (x32 Version: 11.5.502.135 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Czech (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Custom (Version: 01.00.00.002 - Wave Systems Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft)
Dell Backup and Recovery Manager (Version: 1.3.1 - Dell Inc.)
Dell Client System Update (x32 Version: 1.3.0 - Dell Inc.)
Dell Data Protection | Access (Version: 2.3.00001.021 - Dell Inc.)
Dell Edoc Viewer (Version: 1.0.0 - Dell Inc)
Dell Feature Enhancement Pack (Version: 2.2.1 - Dell)
Dell Touchpad (Version: 8.1200.101.124 - ALPS ELECTRIC CO., LTD.)
DellAccess (Version: 01.03.00.046 - Wave Systems Corp.)
EMBASSY Client Core (Version: 01.03.00.092 - Wave Systems Corp.)
Epson Universal Laser P6 (Version: - )
ERAS Connector (Version: 02.09.05.0330 - Wave Systems Corp)
ESET Endpoint Antivirus (Version: 5.0.2122.10 - ESET, spol. s r.o.)
Gemalto (Version: 01.64.01.0010 - Wave Systems Corp)
GemPcCCID (Version: 2.0.1 - Gemalto)
Intel PROSet Wireless (Version: - )
Intel(R) Control Center (x32 Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 8.1.20.1337 - Intel Corporation)
Intel(R) Network Connections 16.8.45.00 (Version: 16.8.45.00 - Dell)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2639 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.2.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.6.245 - Intel Corporation)
Intel(R) WiDi (Version: 3.5.40.0 - Intel Corporation)
Intel(R) Wireless Display (Version: - )
Intel® Trusted Connect Service Client (Version: 1.26.242.3 - Intel Corporation)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
K-Lite Mega Codec Pack 8.9.5 (x32 Version: 8.9.5 - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation)
Microsoft Office (x32 Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (x32 Version: 4.1.10111.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Premium (x32 Version: 7.02.6446 - Nero AG)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (x32 Version: 15.4.5722.2 - Microsoft Corporation)
PBA Driver (Version: 1.0.1.7 - Dell Inc.)
Preboot Manager (Version: 03.05.00.026 - Wave Systems Corp.)
Private Information Manager (Version: 07.03.00.016 - Wave Systems Corp.)
Sada Compatibility Pack pro systém Office 2007 (x32 Version: 12.0.6514.5001 - Microsoft Corporation)
SI TSS (Version: 2.1.41 - Security Innovation)
Skype™ 6.3 (x32 Version: 6.3.107 - Skype Technologies S.A.)
Software Intel® PROSet/Wireless WiFi (Version: 15.03.1000.1637 - Intel Corporation)
SPBA (WBF) 5.9 (Version: 5.9.7.7232 - Authentec Inc.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (x32 Version: 4.10.0036 - ST Microelectronics)
TeamViewer 8 (x32 Version: 8.0.17396 - TeamViewer)
toolkit32for64bit (x32 Version: 7.68.85.0013 - Wave Systems Corp)
Total Commander 64-bit (Remove or Repair) (Version: 8.0 - Ghisler Software GmbH)
Trusted Drive Manager (Version: 5.0.0.304 - Wave Systems Corp.)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Wave Crypto Runtime 2.0.9.0 x64 (Version: 02.00.09.0000 - Wave Systems Corp)
Wave Crypto Runtime 2.0.9.0 x86 (x32 Version: 02.00.09.0000 - Wave Systems Corp)
Wave Infrastructure Installer (Version: 07.68.85.0014 - Wave Systems Corp)
Wave Support Software Installer (Version: 05.15.00.021 - Wave Systems Corp)
WIDCOMM Bluetooth Software (Version: 6.5.1.2410 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation)
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Small Business Server 2008 ClientAgent (Version: 6.0.5601.6 - Microsoft Corporation)
Windows Small Business Server 2008 Desktop Links Gadget (Version: 6.0.5601.6 - Microsoft Corporation)
Windows Small Business Server 2008 WMI Provider (x32 Version: 6.0.5601.6 - Microsoft Corporation)

==================== Restore Points =========================

17-10-2013 15:38:33 Scheduled Checkpoint
29-10-2013 11:42:53 Scheduled Checkpoint
06-11-2013 09:47:09 Installed Java 7 Update 45
10-11-2013 02:16:04 Windows Update
18-11-2013 15:34:07 Scheduled Checkpoint
27-11-2013 11:29:27 Scheduled Checkpoint
04-12-2013 23:00:05 Scheduled Checkpoint
09-12-2013 03:43:00 Windows Update
16-12-2013 23:00:04 Scheduled Checkpoint

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {8F7A5652-5B27-4774-A9FC-48C7F5DD6801} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-28] (Adobe Systems Incorporated)
Task: {B8BCE166-73B7-46DE-913D-F7C8FBE45F67} - System32\Tasks\Dell\Client System Update => C:\Program Files (x86)\Dell\ClientSystemUpdate\DellClientSystemUpdate.exe [2012-10-11] (Dell Inc.)
Task: {DF6783AD-D2ED-4AD1-B0E6-936A94E76913} - \Scheduled Update for Ask Toolbar No Task File
Task: {F27063B9-648D-4E14-A973-81A0CE0FE216} - System32\Tasks\WSCEAA => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\wsceaa.exe [2012-10-17] (Wave Systems Corp.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-03-28 03:26 - 2012-02-01 19:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-04-12 08:53 - 2013-04-12 08:53 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\4a95e57f496b639719d700b5d5758800\IsdiInterop.ni.dll
2013-03-28 01:07 - 2012-05-30 19:55 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-03-28 01:10 - 2012-10-23 01:22 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/30/2013 04:42:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2 SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 (0x80041003)


System errors:
=============
Error: (12/30/2013 05:51:54 PM) (Source: TermService) (User: )
Description: The Terminal Server could not register the TERMSRV Service Principal Name to be used for server authentication. The following error occurred: The specified domain either does not exist or could not be contacted.

Error: (12/30/2013 05:25:45 PM) (Source: TermService) (User: )
Description: The Terminal Server could not register the TERMSRV Service Principal Name to be used for server authentication. The following error occurred: The specified domain either does not exist or could not be contacted.

Error: (12/30/2013 04:44:54 PM) (Source: TermService) (User: )
Description: The Terminal Server could not register the TERMSRV Service Principal Name to be used for server authentication. The following error occurred: The specified domain either does not exist or could not be contacted.

Error: (12/30/2013 04:43:44 PM) (Source: Microsoft-Windows-GroupPolicy) (User: AK)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message will be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (12/30/2013 04:43:17 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message will be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (12/30/2013 04:42:45 PM) (Source: Service Control Manager) (User: )
Description: The WvPCR service depends on the TPM Base Services service, which failed to start because of the following error:
%%0

Error: (12/30/2013 04:42:45 PM) (Source: Service Control Manager) (User: )
Description: The SI TSS v1.2.1.41 TCS service depends on the TPM Base Services service, which failed to start because of the following error:
%%0

Error: (12/30/2013 04:42:46 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain AK due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.

ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.


Microsoft Office Sessions:
=========================
Error: (12/30/2013 04:42:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2 SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 (0x80041003)


==================== Memory info ===========================

Percentage of memory in use: 44%
Total physical RAM: 3969.85 MB
Available physical RAM: 2222.41 MB
Total Pagefile: 7937.88 MB
Available Pagefile: 6017.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:286.29 GB) (Free:207.43 GB) NTFS
Drive e: () (Removable) (Total:0.12 GB) (Free:0.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 423087AE)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=12 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=286 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 125 MB) (Disk ID: BBEFE06D)
Partition 1: (Active) - (Size=125 MB) - (Type=0B)

==================== End Of Log ============================

Rudy
Site Admin
Posts: 119532
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: attack on router

#5 Post by Rudy »

Open Notepad and copy the following into it:
Start
Task: {DF6783AD-D2ED-4AD1-B0E6-936A94E76913} - \Scheduled Update for Ask Toolbar No Task File
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
SearchScopes: HKLM - DefaultScope {430AC018-DA27-45EF-8CD6-4B23AE190FB5} URL = http://www.bing.com/search?q={searchTer ... &pc=MDDRJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {430AC018-DA27-45EF-8CD6-4B23AE190FB5} URL = http://www.bing.com/search?q={searchTer ... &pc=MDDRJS
SearchScopes: HKLM-x32 - {430AC018-DA27-45EF-8CD6-4B23AE190FB5} URL = http://www.bing.com/search?q={searchTer ... &pc=MDDRJS
SearchScopes: HKCU - {430AC018-DA27-45EF-8CD6-4B23AE190FB5} URL =
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
C:\Users\turkova.AK\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music etc.). Besides its "visible" activity, a virus can also damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reopened, write to the e-mail address above.
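The post above builds the fixlist by hand: scan-log lines are pasted verbatim between Start and End, and FRST removes each entry (or moves a bare directory path to quarantine). The following is an added example, not code from this thread, from the forum or from FRST, that automates the mechanical part of that triage. It picks out entries that point at nothing (a task with "No Task File", a filter with "No File", an autostart value with no name and no command, a search scope with an empty URL), wraps them in the Start/End block, and then counts the outcomes in the log FRST writes after >Fix<. The selection rules, the line-type prefixes and the outcome phrases are this example's assumptions about FRST output as quoted in this thread; the sample lines are constructed from the entries quoted above. Note that the helper in the post also removed the Java updater autostart and reset the Bing search scopes by judgement, which no rule here would pick.

```python
"""FRST log triage helper: added example, not code from this thread or from FRST.

Two steps a forum helper otherwise does by hand:
  1. pick the orphaned or empty entries out of an FRST scan log and wrap them
     in the Start/End block that FRST reads from fixlist.txt;
  2. read the log FRST writes after >Fix< and count what was deleted, what was
     already gone, and what still needs a reboot.
Only the fixlist syntax (Start ... End, scan lines pasted verbatim) comes from
the thread; the selection rules and outcome phrases are this example's
assumptions about FRST output.
"""
import re

# Constructed sample: scan-log lines quoted in this thread. Backslashes are
# literal, hence the raw string.
SCAN_LOG = r"""
Task: {8F7A5652-5B27-4774-A9FC-48C7F5DD6801} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-28] (Adobe Systems Incorporated)
Task: {DF6783AD-D2ED-4AD1-B0E6-936A94E76913} - \Scheduled Update for Ask Toolbar No Task File
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {430AC018-DA27-45EF-8CD6-4B23AE190FB5} URL =
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
"""

# Constructed sample: lines in the style of the fix log posted in this thread.
FIX_LOG = r"""
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar => Key deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
C:\Users\turkova.AK\AppData\Local\Temp\APNStub.exe => Moved successfully.
Could not move "C:\Users\turkova.AK\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
"""

# Entries that point at nothing on disk, or carry no value at all. Each is a
# leftover of an uninstalled program (here the Ask Toolbar) rather than a
# working component, so removing them cannot break anything that still runs.
ORPHAN_PATTERNS = (
    re.compile(r"^Task: .* No Task File$"),                       # task registered, task XML gone
    re.compile(r"^(Filter|BHO|Toolbar|Handler): .* - No File$"),  # COM object registered, DLL gone
    re.compile(r"\\Run: \[\] - \[x\]$"),                          # autostart value, no name, no command
    re.compile(r"^SearchScopes: .* URL =$"),                      # search provider with no URL
)


def orphaned_entries(log_text):
    """Return scan-log lines matching one of ORPHAN_PATTERNS, in log order."""
    found = []
    for raw in log_text.splitlines():
        line = raw.rstrip()
        if line and any(p.search(line) for p in ORPHAN_PATTERNS):
            found.append(line)
    return found


def build_fixlist(entries):
    """Wrap entries in the Start/End block FRST expects in fixlist.txt.

    FRST treats a scan line pasted verbatim as 'remove this entry' and a bare
    directory path (the Temp folder in the post above) as 'move to quarantine',
    so the lines are written back unchanged.
    """
    return "Start\n" + "\n".join(entries) + "\nEnd\n"


# Outcome phrases seen in the fix log above, keyed by what they mean for triage.
OUTCOME_PATTERNS = {
    "deleted": re.compile(r"=> (Key|Value) deleted successfully\.$"),
    "restored": re.compile(r"=> Value was restored successfully\.$"),
    "not_found": re.compile(r"=> (Key|Value) not found\.$"),
    "moved": re.compile(r"=> Moved successfully\.$"),
    "pending_reboot": re.compile(r"=> Scheduled to move on reboot\.$"),
}


def summarize_fix_log(log_text):
    """Count fix-log lines per outcome; anything unrecognised lands in 'other'.

    'not_found' is expected for the HKCR\\CLSID lookups FRST does after deleting
    a SearchScopes or Filter key. A non-zero 'pending_reboot' means the fix is
    not finished until the machine has been restarted.
    """
    counts = {key: 0 for key in OUTCOME_PATTERNS}
    counts["other"] = 0
    for raw in log_text.splitlines():
        line = raw.rstrip()
        if not line:
            continue
        for key, pattern in OUTCOME_PATTERNS.items():
            if pattern.search(line):
                counts[key] += 1
                break
        else:
            counts["other"] += 1
    return counts


if __name__ == "__main__":
    print(build_fixlist(orphaned_entries(SCAN_LOG)))
    print(summarize_fix_log(FIX_LOG))
```

Run against the constructed sample, the fixlist contains the five orphaned entries (the Ask Toolbar task, the empty Run value, both empty search scopes and the text/xml filter) and leaves the Adobe task and the Java updater alone; the fix-log summary reports one item still pending a reboot, which is the cue to restart before posting a fresh scan.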

sejky
Visitor
Posts: 54
Joined: 01 Nov 2009 13:35

Re: attack on router

#6 Post by sejky »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-12-2013 01
Ran by turkova at 2013-12-30 18:30:57 Run:1
Running from C:\Users\turkova.AK\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
Task: {DF6783AD-D2ED-4AD1-B0E6-936A94E76913} - \Scheduled Update for Ask Toolbar No Task File
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
SearchScopes: HKLM - DefaultScope {430AC018-DA27-45EF-8CD6-4B23AE190FB5} URL = http://www.bing.com/search?q={searchTer ... &pc=MDDRJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {430AC018-DA27-45EF-8CD6-4B23AE190FB5} URL = http://www.bing.com/search?q={searchTer ... &pc=MDDRJS
SearchScopes: HKLM-x32 - {430AC018-DA27-45EF-8CD6-4B23AE190FB5} URL = http://www.bing.com/search?q={searchTer ... &pc=MDDRJS
SearchScopes: HKCU - {430AC018-DA27-45EF-8CD6-4B23AE190FB5} URL =
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
C:\Users\turkova.AK\AppData\Local\Temp
End
*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF6783AD-D2ED-4AD1-B0E6-936A94E76913} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF6783AD-D2ED-4AD1-B0E6-936A94E76913} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar => Key deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{430AC018-DA27-45EF-8CD6-4B23AE190FB5} => Key deleted successfully.
HKCR\CLSID\{430AC018-DA27-45EF-8CD6-4B23AE190FB5} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{430AC018-DA27-45EF-8CD6-4B23AE190FB5} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{430AC018-DA27-45EF-8CD6-4B23AE190FB5} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{430AC018-DA27-45EF-8CD6-4B23AE190FB5} => Key deleted successfully.
HKCR\CLSID\{430AC018-DA27-45EF-8CD6-4B23AE190FB5} => Key not found.
HKCR\PROTOCOLS\Filter\text/xml => Key deleted successfully.
HKCR\CLSID\{807553E5-5146-11D5-A672-00B0D022E945} => Key not found.

"C:\Users\turkova.AK\AppData\Local\Temp" directory move:

C:\Users\turkova.AK\AppData\Local\Temp\6J1I566S.htm => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\9EA0.tmp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\AdobeARM_NotLocked.log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\AK+turkova.bmp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\APNStub.exe => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\au-descriptor-1.7.0_21-b11.xml => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\au-descriptor-1.7.0_45-b18.xml => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\AUCHECK_PARSER.txt => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\BLCZCYIN.htm => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\DMI4CBA.tmp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\DMI64CA.tmp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\Donate.ico => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\EMS_34E1.RHC => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\ExchangePerflog_8484fa3130a6bea83241b085.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\ExchangePerflog_8484fa3130a6bea8cfcccd43.dat => Moved successfully.
Could not move "C:\Users\turkova.AK\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\turkova.AK\AppData\Local\Temp\FXSTIFFDebugLogFile.txt => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\hpcCS140.chm => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\hpcCS140.hlp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\JAUReg.log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\java_install.log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\java_install_reg.log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\java_install_sp.log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\JDLUQB13.htm => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jinstall.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\JRT.txt => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\MSB1CACH.LEX => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\OOBE(20130826093848404).log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\POWERPNT.log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\RD2246.tmp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\RD4674.tmp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\RD4F6A.tmp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\RDB27.tmp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\RDCAFC.tmp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\RDD020.tmp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\RDDB05.tmp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\Sada Compatibility Pack pro systém Office 2007 (0).log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\TMB9NPHU.htm => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\users00 => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\wecerr.txt => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\wmplog00.sqm => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\wmplog01.sqm => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\wmplog02.sqm => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\wmplog03.sqm => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\wmplog04.sqm => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\wmplog05.sqm => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\wmsetup.log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~5A41.tmp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF0B763062AB6BC86E.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF11119D5E8F145A08.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF131FEDAC0898C362.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF174F2B4F8E8F8E36.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF1C72823A63667F54.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF20FB5785EAD0F3B4.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF299D213D6AF3F789.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF301A1DD2C97B0C9C.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF36C02FF705C02BA7.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF3A10B20CAE67488A.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF3AADA412C8D1D783.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF49C5AD890045FCC2.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF4F61AC7E8D61F0CE.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF50D2856C23A1974F.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF5634B59E07065D0D.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF570338941D8F8F30.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF62F69918B56C2005.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF6C73B8E149D15541.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF6E36DD1FAD8D3191.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF7EEAC5B249522A56.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF817604925F108491.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF8AAA1B110CB0B277.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF8ACFDEA938D489A1.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF8B4844B7B9C57F3A.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF90FF0E3B57C1881C.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF92C0F514D68308A0.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF991A436BF4F1EAD7.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF9B5C424BDC78DBC7.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DF9DF35D9AE96D824C.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DFA00B5D5ABAE9F590.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DFB37F389E99F6939C.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DFB5AD7269FF47C72C.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DFB7F35F1E7FE00ED6.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DFB8580C280FF67C56.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DFB9719F155C541729.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DFBCAC1E8316A95673.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DFC7C7FCBFD328C5C0.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DFCCAECFAB82052D6B.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DFCF1DB9EA41FBFA69.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DFDC08DCD073531BD0.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DFDCCB9D4D0197AAA5.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DFE42E2322274CFA3B.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DFEA11F1383B992F49.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DFEBC04AA49465F8BF.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~DFEEAC6507607E032E.TMP => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~PIBCDA.tmp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~PIBCDB.tmp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD0001.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD0003.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD0004.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD0005.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD0006.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD0565.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD0643.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD0758.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD0925.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD0939.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD1234.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD2239.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD2247.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD2440.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD3000.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD3010.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD3015.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD4059.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\~WRD4079.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\Word8.0\MSForms.exd => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\tmp78424.WMC\serviceinfo.xml => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\tmp75017.WMC\serviceinfo.xml => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\tmp41289.WMC\serviceinfo.xml => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\tmp02802.WMC\serviceinfo.xml => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\Temp1_Čestná prohlášení.zip\Čestná prohlášení\Čestné prohlášení - Milan Jelínek.doc => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\TeamViewer\Version8\logo.bmp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\TeamViewer\Version8\x64\TVMonitor.sy_ => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\outlook logging\firstrun.log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\Low\dat3658.tmp => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\Low\JavaDeployReg.log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\Low\jawshtml.html => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\kbpki\555ff7aeb2bbd89ffdf1.dll => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\APPID_clsid.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\APPID_files.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\appinit64_null.reg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\appinit_null.reg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\APPPATHS.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\APPROVEDEXTENSIONS_clsid.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\ask.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\askCLSID.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\askregkey_x64.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\askregkey_x86.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\askregvalue_x64.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\askregvalue_x86.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\askservices.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\badAPPINIT.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\badFOLDERS.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\badFOLDERScom.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\badFOLDERSstart.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\badLNK.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\badvalues.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\BHO_clsid.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\BHO_name.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\browsermngr_keys.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\browsermngr_values.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\CHOICE.DAT => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\chrome.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\CHRregkey_x64.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\CHRregkey_x86.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\CHR_extensions.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\CHR_open_x64.reg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\CHR_open_x86.reg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\clean_shortcut.vbs => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\CLSID_clsid.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\currentmd5.txt => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\CUT.DAT => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\datamngr_del.reg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\defaultscope.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\delfolders.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\delorphans.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\ELEVATIONPOLICY_clsid.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\ev_clear.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\EXT.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\FFbrowsermngr.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\FFextensions.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\FFpluginREG.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\FFplugins.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\FFprefs.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\FFregkey_x64.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\FFregkey_x86.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\FFwhtlist.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\FFXML.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\FFXPI.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\FF_open_x64.reg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\FF_open_x86.reg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\firefox.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\FWCLSID.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\FWPolicy.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\get.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\IEwhtlst.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\iexplore.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\IE_open_x64.reg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\IE_open_x86.reg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\IFEO.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\INTERFACE_clsid.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\JRT.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\medfos.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\MENUEXT.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\misc.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\modules.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\modules.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\moduleservices.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\NIRCMD.DAT => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\NOTIFY.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\PREAPPROVED_clsid.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\prelim.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\PRODUCTS.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\REGhcr.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\REGhkcu_and_hklm_allow.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\REGhkcu_and_hklm_software.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\REGhkcu_software_appdatalow.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\REGhkcu_software_microsoft.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\REGhklm_software_classes.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\REGISTRYUSERSID.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\runvalues.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\runvalues_x64.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\runvalues_x86.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\S1518COMPONENTS.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\searchlnk.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\SED.DAT => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\sednewline.txt => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\services.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\serviceseventlog.cfg => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\SETTINGS_clsid.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\SHORTCUT.DAT => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\STATS_clsid.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\TDL4.bat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\TRACING.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\TYPELIB_clsid.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\UNINSTALL.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\UpgradeCodes.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\WGET.DAT => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\WOW6432NODE.dat => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\temp\null.txt => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\erunt\ERDNT.E_E => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\erunt\ERDNTDOS.LOC => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\erunt\ERDNTWIN.LOC => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\erunt\ERUNT.EXE => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\erunt\ERUNT.EXE.manifest => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\erunt\ERUNT.LOC => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\jrt\erunt\README.TXT => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\Excel8.0\MSForms.exd => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\APNLogs\ci.log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\APNLogs\iw.log => Moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp\APN-Stub\Stb90fce59c-e8db-4a77-b103-d54cf36e45ab.log => Moved successfully.
Could not move "C:\Users\turkova.AK\AppData\Local\Temp" directory. => Scheduled to move on reboot.


=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2013-12-30 18:32:39)<=

C:\Users\turkova.AK\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\turkova.AK\AppData\Local\Temp => Moved successfully.

==== End of Fixlog ====

Rudy
Site Admin
Posts: 119532
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: attack on the router

#7 Post by Rudy »

Everything has been deleted. How does it look with those attacks now?
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

sejky
Visitor
Posts: 54
Registered: 01 Nov 2009 13:35

Re: attack on the router

#8 Post by sejky »

Unfortunately they continue, so I am posting logs from another device that is on the network. Thanks a lot for the help.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013 01
Ran by sejky (administrator) on SEJKY-THINK on 30-12-2013 20:03:14
Running from C:\Users\sejky\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(stardevelop.com) C:\Program Files (x86)\Stardevelop Pty Ltd\Live Help Messenger Desktop\LiveMessengerDesktop.exe
(QIP) C:\Program Files (x86)\QIP 2012\qip.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(TTYPlus) C:\Program Files (x86)\MTPuTTY\mtputty.exe
(Simon Tatham) C:\Users\sejky\Desktop\putty\pageant.exe
(Kerio Technologies Inc.) C:\Program Files\Kerio\Outlook Connector (Offline Edition)\KoffBackend.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Kerio Technologies Inc.) C:\Program Files\Kerio\Outlook Connector (Offline Edition)\KoffRtfWrapper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPUIManager.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\klwtblfs.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\PING.EXE
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\sejky\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [TpShocks] - C:\Windows\System32\TpShocks.exe [384296 2013-10-28] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe [295720 2013-10-15] (Lenovo Group Limited)
HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63784 2013-10-22] (Lenovo)
HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2747680 2013-11-15] ()
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-04-19] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-30] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] - C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL [6619432 2013-09-03] (Lenovo Group Limited)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-14] (Lenovo, Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKCU\...\Run: [Live Help Messenger Desktop] - C:\Program Files (x86)\Stardevelop Pty Ltd\Live Help Messenger Desktop\LiveMessengerDesktop.exe [6566056 2013-05-10] (stardevelop.com)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
HKCU\...\Run: [Infium] - C:\Program Files (x86)\QIP 2012\qip.exe [8378408 2013-01-10] (QIP)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe -update activex [524680 2013-10-24] (Adobe Systems Incorporated)
MountPoints2: {616d7f95-91ff-4111-b783-f803f134c88b} - Q:\LenovoQDrive.exe
HKU\Default\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-05-17] (Lenovo)
HKU\Default\...\RunOnce: [] - [x]
HKU\Default\...\RunOnce: [Lenovoautoqdrive] - C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutoRunReg.exe [159744 2011-12-15] ()
HKU\Default User\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-05-17] (Lenovo)
HKU\Default User\...\RunOnce: [] - [x]
HKU\Default User\...\RunOnce: [Lenovoautoqdrive] - C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutoRunReg.exe [159744 2011-12-15] ()
HKU\UpdatusUser\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\UpdatusUser\...\Run: [Google Update] - C:\Users\sejky\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-06-17] (Google Inc.)
HKU\UpdatusUser\...\Run: [Infium] - C:\Program Files (x86)\QIP 2012\qip.exe [8378408 2013-01-10] (QIP)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [245872 2013-11-15] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll [201576 2013-11-15] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll ACGina

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/search?query={sear ... n=browsers
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=i ... lz=1I7LENP
SearchScopes: HKCU - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/search?query={sear ... n=browsers
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: QipLI Class - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\sejky\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll (TODO: <Company name>)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {FA203BD0-36D6-46FF-92A0-7E90B07EF40C} http://monitoring.seonet.cz:8080/classe ... V_H264.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Shockwave Flash) - C:\Users\sejky\AppData\Local\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\sejky\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\sejky\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (Easy Auto Refresh) - C:\Users\sejky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc\2.9_0
CHR Extension: (Google Docs) - C:\Users\sejky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\sejky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\sejky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\sejky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\sejky\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0
CHR Extension: (Safe Money) - C:\Users\sejky\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0
CHR Extension: (Content Blocker) - C:\Users\sejky\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0
CHR Extension: (Virtual Keyboard) - C:\Users\sejky\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0
CHR Extension: () - C:\Users\sejky\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdefnbcpjeflgggkipfemfckjicceiii\1.0_0
CHR Extension: (Google Wallet) - C:\Users\sejky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\sejky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: (Anti-Banner) - C:\Users\sejky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-09-03] (Lenovo.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
R2 ktupdaterservice; C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe [949760 2013-11-03] (Kerio Technologies Inc.)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [197928 2013-10-15] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-02] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22888 2013-09-17] ()
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-02] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170200 2013-03-27] (Broadcom Corporation.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-17] (DT Soft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-02] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-08-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-05-16] (Kaspersky Lab ZAO)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-11-15] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2013-09-26] (Synaptics Incorporated)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-08] (ThinkVantage Communications Utility)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-05-16] (Kaspersky Lab ZAO)
S2 smihlp2; \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-30 20:03 - 2013-12-30 20:03 - 00027569 _____ C:\Users\sejky\Desktop\FRST.txt
2013-12-30 20:02 - 2013-12-30 20:02 - 00000000 ____D C:\FRST
2013-12-30 20:02 - 2013-12-30 17:52 - 01931302 _____ (Farbar) C:\Users\sejky\Desktop\FRST64.exe
2013-12-30 20:02 - 2013-12-30 17:52 - 00112640 _____ (forum.viry.cz) C:\Users\sejky\Desktop\FRSTLauncher.exe
2013-12-30 17:52 - 2013-12-30 17:52 - 01931302 _____ (Farbar) C:\Users\sejky\Downloads\FRST64.exe
2013-12-30 17:52 - 2013-12-30 17:52 - 00112640 _____ (forum.viry.cz) C:\Users\sejky\Downloads\FRSTLauncher.exe
2013-12-30 16:18 - 2013-12-30 16:18 - 01233962 _____ C:\Users\sejky\Downloads\adwcleaner.exe
2013-12-30 16:18 - 2013-12-30 16:18 - 01034531 _____ (Thisisu) C:\Users\sejky\Downloads\JRT.exe
2013-12-30 16:18 - 2013-12-30 16:18 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\sejky\Downloads\sc-cleaner.exe
2013-12-30 02:11 - 2013-12-30 02:11 - 00012771 _____ C:\Users\sejky\Downloads\Pohyby_na_účtu-2600295817.csv
2013-12-30 02:05 - 2013-12-30 02:05 - 00534954 _____ C:\Users\sejky\Downloads\Pohyby_na_účtu-2000295813.csv
2013-12-29 12:13 - 2013-12-29 12:28 - 00086528 _____ C:\Users\sejky\Downloads\message-1-494459.msg
2013-12-29 11:08 - 2013-12-29 11:10 - 00100352 _____ C:\Users\sejky\Downloads\message-1-640931.msg
2013-12-29 09:54 - 2013-12-29 09:54 - 00088460 _____ C:\Users\sejky\Downloads\IN-20131229084639-00420774333393-12.WAV
2013-12-28 22:36 - 2013-12-28 23:06 - 00104960 _____ C:\Users\sejky\Downloads\message-1-637173 (1).msg
2013-12-28 22:07 - 2013-12-28 22:07 - 00090624 _____ C:\Users\sejky\Downloads\message-1-637173.msg
2013-12-28 20:33 - 2013-12-28 20:33 - 00403968 _____ C:\Users\sejky\Downloads\message-1-631731.msg
2013-12-28 13:12 - 2013-12-28 13:12 - 01738240 _____ C:\Users\sejky\Downloads\message-1-511522.msg
2013-12-28 13:12 - 2013-12-28 13:12 - 00195584 _____ C:\Users\sejky\Downloads\message-1-513164 (1).msg
2013-12-28 13:11 - 2013-12-28 13:11 - 00335360 _____ C:\Users\sejky\Downloads\message-1-513151.msg
2013-12-28 13:10 - 2013-12-28 13:10 - 00687616 _____ C:\Users\sejky\Downloads\message-1-546723.msg
2013-12-28 13:08 - 2013-12-28 13:08 - 00195584 _____ C:\Users\sejky\Downloads\message-1-513164.msg
2013-12-28 13:08 - 2013-12-28 13:08 - 00073216 _____ C:\Users\sejky\Downloads\message-1-507198.msg
2013-12-28 13:07 - 2013-12-28 13:07 - 00410112 _____ C:\Users\sejky\Downloads\message-1-638276.msg
2013-12-27 19:21 - 2013-12-27 19:21 - 00131685 _____ C:\Users\sejky\Downloads\OUT-20131227184900-00420777991025-00420774151731.WAV
2013-12-27 16:00 - 2013-12-27 16:00 - 00028160 _____ C:\Users\sejky\Downloads\message-1-635734.msg
2013-12-26 16:12 - 2013-12-26 16:12 - 00001781 _____ C:\Users\sejky\Downloads\20131226-JXL393.csv
2013-12-26 01:27 - 2013-12-26 01:27 - 00465497 _____ C:\Users\sejky\Downloads\SurveyReport-3581478-12-25-2013.xlsx
2013-12-25 23:34 - 2013-12-25 23:34 - 00075776 _____ C:\Users\sejky\Downloads\RE GIGASERVER.CZ - fakturace sluzeb - SZ1326324.msg
2013-12-25 14:37 - 2013-12-25 14:40 - 00078336 _____ C:\Users\sejky\Downloads\message-1-632460.msg
2013-12-25 13:46 - 2013-12-25 13:46 - 00080896 _____ C:\Users\sejky\Downloads\COM at $8 59 and other Promos this December (2).msg
2013-12-25 13:46 - 2013-12-25 13:46 - 00063488 _____ C:\Users\sejky\Downloads\COM at $8 59 and other Promos this December (3).msg
2013-12-25 13:33 - 2013-12-25 13:33 - 00040448 _____ C:\Users\sejky\Downloads\Mail delivery failed returning message to sender (4).msg
2013-12-25 13:31 - 2013-12-25 13:31 - 00040448 _____ C:\Users\sejky\Downloads\Mail delivery failed returning message to sender (3).msg
2013-12-25 11:47 - 2013-12-25 11:47 - 00000000 ____D C:\Users\sejky\AppData\Roaming\Mozilla
2013-12-25 11:42 - 2013-12-30 16:18 - 00000900 _____ C:\windows\setupact.log
2013-12-25 11:42 - 2013-12-25 11:42 - 00000000 _____ C:\windows\setuperr.log
2013-12-23 20:56 - 2013-12-23 20:56 - 00059989 _____ C:\Users\sejky\Downloads\mailing_komercni.xlsx
2013-12-23 20:53 - 2013-12-23 20:53 - 00566175 _____ C:\Users\sejky\Downloads\exúport_kontakty.CSV
2013-12-23 20:53 - 2013-12-23 20:53 - 00038521 _____ C:\Users\sejky\AppData\Roaming\Hodnoty oddělené čárkami (DOS).ADR
2013-12-23 20:45 - 2013-12-23 20:45 - 00389352 _____ C:\Users\sejky\Downloads\mailing_final.xlsx
2013-12-23 20:42 - 2013-12-23 20:43 - 00357868 _____ C:\Users\sejky\Downloads\mailing.xlsx
2013-12-23 20:41 - 2013-12-23 20:41 - 00017297 _____ C:\Users\sejky\Downloads\nezasilat mailing.xlsx
2013-12-23 20:37 - 2013-12-23 20:37 - 00266686 _____ C:\Users\sejky\Downloads\soutezici.csv
2013-12-23 20:36 - 2013-12-23 20:36 - 14693128 _____ C:\Users\sejky\Downloads\objednavky.csv
2013-12-23 20:36 - 2013-12-23 20:36 - 00383955 _____ C:\Users\sejky\Downloads\vyzkousej_net.csv
2013-12-23 14:51 - 2013-12-23 14:51 - 00040448 _____ C:\Users\sejky\Downloads\Mail delivery failed returning message to sender (2).msg
2013-12-22 17:38 - 2013-12-22 17:38 - 00080896 _____ C:\Users\sejky\Downloads\COM at $8 59 and other Promos this December (1).msg
2013-12-22 17:38 - 2013-12-22 17:38 - 00038400 _____ C:\Users\sejky\Downloads\Žádost o kalkulaci.msg
2013-12-21 11:35 - 2013-12-21 11:35 - 00040448 _____ C:\Users\sejky\Downloads\Mail delivery failed returning message to sender.msg
2013-12-21 11:35 - 2013-12-21 11:35 - 00040448 _____ C:\Users\sejky\Downloads\Mail delivery failed returning message to sender (1).msg
2013-12-21 02:29 - 2013-12-21 02:29 - 00040448 _____ C:\Users\sejky\Documents\Mail delivery failed returning message to sender.msg
2013-12-19 00:26 - 2013-12-19 00:26 - 00063488 _____ C:\Users\sejky\Downloads\COM at $8 59 and other Promos this December.msg
2013-12-16 22:37 - 2013-12-25 11:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-16 22:37 - 2013-12-16 22:37 - 00000000 ____D C:\Users\sejky\AppData\Local\Mozilla
2013-12-16 22:36 - 2013-12-16 22:36 - 23882680 _____ (Mozilla) C:\Users\sejky\Downloads\Firefox Setup 26.0.exe
2013-12-15 13:22 - 2013-08-21 01:27 - 00494864 _____ (Intel Corporation) C:\windows\system32\Drivers\e1c62x64.sys
2013-12-15 13:22 - 2013-08-09 01:04 - 00553784 _____ (Intel Corporation) C:\windows\system32\PROUnstl.exe
2013-12-15 13:22 - 2013-07-25 02:08 - 00073480 _____ (Intel Corporation) C:\windows\system32\e1cmsg.dll
2013-12-15 13:22 - 2013-07-11 02:27 - 00089888 _____ (Intel Corporation) C:\windows\system32\NicInstC.dll
2013-12-15 13:22 - 2012-01-06 13:02 - 00003114 _____ C:\windows\system32\e1c62x64.din
2013-12-15 13:22 - 2006-01-12 14:52 - 00001904 ____N C:\windows\system32\SetupBD.din
2013-12-15 13:12 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2013-12-15 13:11 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-12-15 13:11 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-12-15 13:11 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-12-15 13:11 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-12-15 13:11 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-12-15 13:11 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-12-15 13:11 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-12-15 13:11 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-12-15 13:11 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-12-15 13:11 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-12-15 13:11 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-12-15 13:11 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-12-15 13:11 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-12-15 13:11 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-12-15 13:11 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-12-15 13:11 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-12-15 13:11 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-12-15 13:11 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-12-15 13:11 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-12-15 13:11 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-12-15 13:11 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-12-15 13:11 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-12-15 13:11 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-12-15 13:11 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-12-15 13:11 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-12-15 13:11 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-12-15 13:11 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-12-15 13:11 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-12-15 13:11 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-12-15 13:11 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-12-15 13:11 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-12-15 13:11 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2013-12-15 13:11 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2013-12-15 13:11 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2013-12-15 13:08 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2013-12-15 13:08 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2013-12-15 13:08 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2013-12-15 13:08 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2013-12-15 13:08 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2013-12-15 13:08 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2013-12-15 13:08 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-12-15 13:08 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2013-12-15 13:08 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll
2013-12-15 13:08 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2013-12-15 13:08 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2013-12-15 13:08 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx
2013-12-15 13:08 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2013-12-15 13:08 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe
2013-12-15 13:08 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2013-12-15 13:08 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscript.exe
2013-12-15 13:08 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2013-12-15 13:08 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2013-12-15 13:08 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2013-12-15 13:02 - 2013-08-02 10:40 - 00644968 _____ (Intel Corporation) C:\windows\system32\Drivers\iaStorA.sys
2013-12-15 13:02 - 2013-08-02 10:39 - 00028008 _____ (Intel Corporation) C:\windows\system32\Drivers\iaStorF.sys
2013-12-15 13:02 - 2013-05-22 16:17 - 00015472 _____ (Lenovo Group Limited) C:\windows\system32\Drivers\smiifx64.sys
2013-12-15 12:47 - 2013-12-15 12:47 - 02063823 _____ C:\Users\sejky\Downloads\20121204 - VH - zapis.zip
2013-12-15 12:23 - 2013-12-15 12:23 - 00044835 _____ C:\Users\sejky\Downloads\CZNIC_vzor_dokumenty_vstup.zip
2013-12-14 23:40 - 2013-12-14 23:40 - 01535778 _____ C:\Users\sejky\Downloads\android-portable.apk
2013-12-11 20:21 - 2013-12-11 23:58 - 00317402 _____ C:\Users\sejky\Desktop\Hist_.txt
2013-12-11 01:56 - 2013-12-15 18:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-12-05 09:37 - 2013-12-05 09:38 - 00462848 _____ C:\Users\sejky\Documents\Database6.accdb
2013-12-03 20:14 - 2013-12-03 20:14 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-03 20:14 - 2013-12-03 20:14 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-03 20:14 - 2013-12-03 20:14 - 00000000 ____D C:\Program Files\iTunes
2013-12-03 20:14 - 2013-12-03 20:14 - 00000000 ____D C:\Program Files\iPod
2013-12-03 20:14 - 2013-12-03 20:14 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-03 20:14 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\windows\system32\Drivers\GEARAspiWDM.sys
2013-12-01 15:57 - 2013-12-02 08:36 - 00000000 ____D C:\Users\sejky\Desktop\migrace
2013-11-30 00:17 - 2013-11-30 00:17 - 00000000 ___HD C:\Program Files (x86)\Zero G Registry
2013-11-30 00:17 - 2013-11-30 00:17 - 00000000 ____D C:\Users\sejky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERMICRO
2013-11-30 00:17 - 2013-11-30 00:17 - 00000000 ____D C:\Program Files (x86)\SUPERMICRO
2013-11-30 00:16 - 2013-11-30 00:16 - 00000000 ___HD C:\Users\sejky\InstallAnywhere

==================== One Month Modified Files and Folders =======

2013-12-30 20:03 - 2013-12-30 20:03 - 00027569 _____ C:\Users\sejky\Desktop\FRST.txt
2013-12-30 20:02 - 2013-12-30 20:02 - 00000000 ____D C:\FRST
2013-12-30 19:56 - 2013-06-17 21:04 - 00000966 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-30 19:35 - 2013-08-19 20:13 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-30 19:17 - 2013-06-17 13:27 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001UA.job
2013-12-30 18:56 - 2013-06-17 21:04 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-30 17:52 - 2013-12-30 20:02 - 01931302 _____ (Farbar) C:\Users\sejky\Desktop\FRST64.exe
2013-12-30 17:52 - 2013-12-30 20:02 - 00112640 _____ (forum.viry.cz) C:\Users\sejky\Desktop\FRSTLauncher.exe
2013-12-30 17:52 - 2013-12-30 17:52 - 01931302 _____ (Farbar) C:\Users\sejky\Downloads\FRST64.exe
2013-12-30 17:52 - 2013-12-30 17:52 - 00112640 _____ (forum.viry.cz) C:\Users\sejky\Downloads\FRSTLauncher.exe
2013-12-30 16:49 - 2013-06-17 20:44 - 00669116 _____ C:\windows\system32\perfh005.dat
2013-12-30 16:49 - 2013-06-17 20:44 - 00141744 _____ C:\windows\system32\perfc005.dat
2013-12-30 16:49 - 2009-07-14 06:13 - 01584554 _____ C:\windows\system32\PerfStringBackup.INI
2013-12-30 16:18 - 2013-12-30 16:18 - 01233962 _____ C:\Users\sejky\Downloads\adwcleaner.exe
2013-12-30 16:18 - 2013-12-30 16:18 - 01034531 _____ (Thisisu) C:\Users\sejky\Downloads\JRT.exe
2013-12-30 16:18 - 2013-12-30 16:18 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\sejky\Downloads\sc-cleaner.exe
2013-12-30 16:18 - 2013-12-25 11:42 - 00000900 _____ C:\windows\setupact.log
2013-12-30 16:06 - 2013-06-17 20:53 - 00144195 _____ C:\windows\WindowsUpdate.log
2013-12-30 14:17 - 2013-06-17 13:27 - 00000910 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001Core.job
2013-12-30 08:20 - 2009-07-14 05:45 - 00034432 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-30 08:20 - 2009-07-14 05:45 - 00034432 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-30 02:11 - 2013-12-30 02:11 - 00012771 _____ C:\Users\sejky\Downloads\Pohyby_na_účtu-2600295817.csv
2013-12-30 02:05 - 2013-12-30 02:05 - 00534954 _____ C:\Users\sejky\Downloads\Pohyby_na_účtu-2000295813.csv
2013-12-29 12:28 - 2013-12-29 12:13 - 00086528 _____ C:\Users\sejky\Downloads\message-1-494459.msg
2013-12-29 12:27 - 2013-06-17 22:09 - 00000600 _____ C:\Users\sejky\AppData\Local\PUTTY.RND
2013-12-29 12:21 - 2013-06-18 23:23 - 00002208 ____H C:\Users\sejky\Documents\Default.rdp
2013-12-29 11:10 - 2013-12-29 11:08 - 00100352 _____ C:\Users\sejky\Downloads\message-1-640931.msg
2013-12-29 09:54 - 2013-12-29 09:54 - 00088460 _____ C:\Users\sejky\Downloads\IN-20131229084639-00420774333393-12.WAV
2013-12-28 23:08 - 2013-06-17 18:52 - 00000000 ____D C:\ProgramData\firebird
2013-12-28 23:06 - 2013-12-28 22:36 - 00104960 _____ C:\Users\sejky\Downloads\message-1-637173 (1).msg
2013-12-28 22:07 - 2013-12-28 22:07 - 00090624 _____ C:\Users\sejky\Downloads\message-1-637173.msg
2013-12-28 20:33 - 2013-12-28 20:33 - 00403968 _____ C:\Users\sejky\Downloads\message-1-631731.msg
2013-12-28 19:04 - 2013-06-17 13:20 - 00000000 ____D C:\Users\sejky\AppData\Roaming\FileZilla
2013-12-28 18:47 - 2013-10-20 17:04 - 00000600 _____ C:\Users\sejky\AppData\Roaming\winscp.rnd
2013-12-28 13:12 - 2013-12-28 13:12 - 01738240 _____ C:\Users\sejky\Downloads\message-1-511522.msg
2013-12-28 13:12 - 2013-12-28 13:12 - 00195584 _____ C:\Users\sejky\Downloads\message-1-513164 (1).msg
2013-12-28 13:11 - 2013-12-28 13:11 - 00335360 _____ C:\Users\sejky\Downloads\message-1-513151.msg
2013-12-28 13:10 - 2013-12-28 13:10 - 00687616 _____ C:\Users\sejky\Downloads\message-1-546723.msg
2013-12-28 13:08 - 2013-12-28 13:08 - 00195584 _____ C:\Users\sejky\Downloads\message-1-513164.msg
2013-12-28 13:08 - 2013-12-28 13:08 - 00073216 _____ C:\Users\sejky\Downloads\message-1-507198.msg
2013-12-28 13:07 - 2013-12-28 13:07 - 00410112 _____ C:\Users\sejky\Downloads\message-1-638276.msg
2013-12-27 19:21 - 2013-12-27 19:21 - 00131685 _____ C:\Users\sejky\Downloads\OUT-20131227184900-00420777991025-00420774151731.WAV
2013-12-27 16:00 - 2013-12-27 16:00 - 00028160 _____ C:\Users\sejky\Downloads\message-1-635734.msg
2013-12-26 16:12 - 2013-12-26 16:12 - 00001781 _____ C:\Users\sejky\Downloads\20131226-JXL393.csv
2013-12-26 12:07 - 2013-06-17 21:00 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-26 12:07 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-12-26 01:27 - 2013-12-26 01:27 - 00465497 _____ C:\Users\sejky\Downloads\SurveyReport-3581478-12-25-2013.xlsx
2013-12-25 23:34 - 2013-12-25 23:34 - 00075776 _____ C:\Users\sejky\Downloads\RE GIGASERVER.CZ - fakturace sluzeb - SZ1326324.msg
2013-12-25 14:40 - 2013-12-25 14:37 - 00078336 _____ C:\Users\sejky\Downloads\message-1-632460.msg
2013-12-25 13:46 - 2013-12-25 13:46 - 00080896 _____ C:\Users\sejky\Downloads\COM at $8 59 and other Promos this December (2).msg
2013-12-25 13:46 - 2013-12-25 13:46 - 00063488 _____ C:\Users\sejky\Downloads\COM at $8 59 and other Promos this December (3).msg
2013-12-25 13:33 - 2013-12-25 13:33 - 00040448 _____ C:\Users\sejky\Downloads\Mail delivery failed returning message to sender (4).msg
2013-12-25 13:31 - 2013-12-25 13:31 - 00040448 _____ C:\Users\sejky\Downloads\Mail delivery failed returning message to sender (3).msg
2013-12-25 11:47 - 2013-12-25 11:47 - 00000000 ____D C:\Users\sejky\AppData\Roaming\Mozilla
2013-12-25 11:42 - 2013-12-25 11:42 - 00000000 _____ C:\windows\setuperr.log
2013-12-25 11:41 - 2013-12-16 22:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-25 11:39 - 2013-07-02 19:13 - 00000000 ____D C:\Users\sejky\AppData\Roaming\Seznam.cz
2013-12-25 11:32 - 2013-07-07 17:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-25 11:18 - 2013-06-17 20:34 - 00000000 ____D C:\Users\sejky\AppData\Roaming\Skype
2013-12-23 20:56 - 2013-12-23 20:56 - 00059989 _____ C:\Users\sejky\Downloads\mailing_komercni.xlsx
2013-12-23 20:53 - 2013-12-23 20:53 - 00566175 _____ C:\Users\sejky\Downloads\exúport_kontakty.CSV
2013-12-23 20:53 - 2013-12-23 20:53 - 00038521 _____ C:\Users\sejky\AppData\Roaming\Hodnoty oddělené čárkami (DOS).ADR
2013-12-23 20:45 - 2013-12-23 20:45 - 00389352 _____ C:\Users\sejky\Downloads\mailing_final.xlsx
2013-12-23 20:43 - 2013-12-23 20:42 - 00357868 _____ C:\Users\sejky\Downloads\mailing.xlsx
2013-12-23 20:41 - 2013-12-23 20:41 - 00017297 _____ C:\Users\sejky\Downloads\nezasilat mailing.xlsx
2013-12-23 20:37 - 2013-12-23 20:37 - 00266686 _____ C:\Users\sejky\Downloads\soutezici.csv
2013-12-23 20:36 - 2013-12-23 20:36 - 14693128 _____ C:\Users\sejky\Downloads\objednavky.csv
2013-12-23 20:36 - 2013-12-23 20:36 - 00383955 _____ C:\Users\sejky\Downloads\vyzkousej_net.csv
2013-12-23 14:51 - 2013-12-23 14:51 - 00040448 _____ C:\Users\sejky\Downloads\Mail delivery failed returning message to sender (2).msg
2013-12-22 17:38 - 2013-12-22 17:38 - 00080896 _____ C:\Users\sejky\Downloads\COM at $8 59 and other Promos this December (1).msg
2013-12-22 17:38 - 2013-12-22 17:38 - 00038400 _____ C:\Users\sejky\Downloads\Žádost o kalkulaci.msg
2013-12-21 11:35 - 2013-12-21 11:35 - 00040448 _____ C:\Users\sejky\Downloads\Mail delivery failed returning message to sender.msg
2013-12-21 11:35 - 2013-12-21 11:35 - 00040448 _____ C:\Users\sejky\Downloads\Mail delivery failed returning message to sender (1).msg
2013-12-21 02:29 - 2013-12-21 02:29 - 00040448 _____ C:\Users\sejky\Documents\Mail delivery failed returning message to sender.msg
2013-12-19 00:26 - 2013-12-19 00:26 - 00063488 _____ C:\Users\sejky\Downloads\COM at $8 59 and other Promos this December.msg
2013-12-16 22:37 - 2013-12-16 22:37 - 00000000 ____D C:\Users\sejky\AppData\Local\Mozilla
2013-12-16 22:36 - 2013-12-16 22:36 - 23882680 _____ (Mozilla) C:\Users\sejky\Downloads\Firefox Setup 26.0.exe
2013-12-15 20:44 - 2009-07-14 04:20 - 00000000 ____D C:\windows\rescache
2013-12-15 18:21 - 2013-12-11 01:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-12-15 13:22 - 2013-07-17 07:46 - 01560204 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-12-15 13:21 - 2013-06-17 21:02 - 00000000 ____D C:\windows\Downloaded Installations
2013-12-15 13:19 - 2009-07-14 06:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2013-12-15 13:17 - 2009-07-14 05:45 - 00341600 _____ C:\windows\system32\FNTCACHE.DAT
2013-12-15 13:11 - 2013-06-17 17:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-15 13:10 - 2013-07-19 00:00 - 00000000 ____D C:\windows\system32\MRT
2013-12-15 13:10 - 2013-06-17 19:29 - 90708896 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-12-15 13:02 - 2013-06-17 20:57 - 00000000 ____D C:\Program Files\Lenovo
2013-12-15 12:47 - 2013-12-15 12:47 - 02063823 _____ C:\Users\sejky\Downloads\20121204 - VH - zapis.zip
2013-12-15 12:23 - 2013-12-15 12:23 - 00044835 _____ C:\Users\sejky\Downloads\CZNIC_vzor_dokumenty_vstup.zip
2013-12-14 23:40 - 2013-12-14 23:40 - 01535778 _____ C:\Users\sejky\Downloads\android-portable.apk
2013-12-11 23:58 - 2013-12-11 20:21 - 00317402 _____ C:\Users\sejky\Desktop\Hist_.txt
2013-12-11 18:03 - 2013-06-17 18:33 - 00000000 ____D C:\windows\system32\appmgmt
2013-12-11 08:56 - 2012-08-02 14:09 - 00029792 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klim6.sys
2013-12-11 08:56 - 2012-06-19 16:28 - 00458336 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\kl1.sys
2013-12-11 00:56 - 2013-06-23 22:03 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-12-11 00:56 - 2013-06-17 18:29 - 00000000 ____D C:\Users\sejky\AppData\Roaming\DAEMON Tools Lite
2013-12-11 00:36 - 2013-06-20 15:31 - 00000000 ____D C:\windows\Minidump
2013-12-11 00:36 - 2011-02-24 18:03 - 00000000 ____D C:\windows\Panther
2013-12-10 18:31 - 2013-11-10 16:43 - 00000000 ____D C:\Users\sejky\AppData\Roaming\LSC
2013-12-05 12:19 - 2013-06-17 13:28 - 00002383 _____ C:\Users\sejky\Desktop\Google Chrome.lnk
2013-12-05 09:38 - 2013-12-05 09:37 - 00462848 _____ C:\Users\sejky\Documents\Database6.accdb
2013-12-03 20:14 - 2013-12-03 20:14 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-03 20:14 - 2013-12-03 20:14 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-03 20:14 - 2013-12-03 20:14 - 00000000 ____D C:\Program Files\iTunes
2013-12-03 20:14 - 2013-12-03 20:14 - 00000000 ____D C:\Program Files\iPod
2013-12-03 20:14 - 2013-12-03 20:14 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-03 19:29 - 2013-06-20 21:51 - 00000000 ____D C:\Users\sejky\AppData\Roaming\Apple Computer
2013-12-03 17:31 - 2013-06-17 21:12 - 00000000 ____D C:\Users\sejky\AppData\Roaming\TeamViewer
2013-12-03 14:12 - 2013-06-17 13:27 - 00003936 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001UA
2013-12-03 14:12 - 2013-06-17 13:27 - 00003540 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001Core
2013-12-02 08:36 - 2013-12-01 15:57 - 00000000 ____D C:\Users\sejky\Desktop\migrace
2013-12-01 15:56 - 2013-09-29 21:14 - 00000000 ____D C:\Users\sejky\Desktop\kontrola_servery
2013-12-01 15:52 - 2013-06-27 10:58 - 00000000 ____D C:\Users\sejky\Desktop\migrace_kontrola
2013-11-30 00:17 - 2013-11-30 00:17 - 00000000 ___HD C:\Program Files (x86)\Zero G Registry
2013-11-30 00:17 - 2013-11-30 00:17 - 00000000 ____D C:\Users\sejky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERMICRO
2013-11-30 00:17 - 2013-11-30 00:17 - 00000000 ____D C:\Program Files (x86)\SUPERMICRO
2013-11-30 00:16 - 2013-11-30 00:16 - 00000000 ___HD C:\Users\sejky\InstallAnywhere
2013-11-30 00:16 - 2013-06-17 11:41 - 00000000 ____D C:\Users\sejky

Some content of TEMP:
====================
C:\Users\sejky\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-30 03:26

==================== End Of Log ============================

sejky
Guest
Posts: 54
Registered: 01 Nov 2009 13:35

Re: attack on router

#9 Post by sejky »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2013 01
Ran by sejky at 2013-12-30 20:03:33
Running from C:\Users\sejky\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Disabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Disabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 4.2.1 - Hewlett-Packard)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8 - Adobe Systems Incorporated)
Aktualizace NVIDIA 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
Aplikace Intel® PROSet/Wireless (x32 Version: 16.1.3 - Intel Corporation)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
BOSSAFX (x32 Version: 4.00 - MetaQuotes Software Corp.)
CCleaner (Version: 4.02 - Piriform)
Corel WinDVD (x32 Version: 10.0.6.392 - Corel Inc.)
Create Recovery Media (x32 Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft)
DAEMON Tools Lite (x32 Version: 4.47.1.0333 - Disc Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (Version: - Microsoft)
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (Version: 1.00 - )
Dolby Advanced Audio v2 (x32 Version: 7.2.8000.17 - Dolby Laboratories Inc)
Evernote v. 4.2.3 (x32 Version: 4.2.3.15 - Evernote Corp.)
FileZilla Client 3.7.3 (x32 Version: 3.7.3 - Tim Kosse)
Gigaserver Outlook Addin (Version: 1.0.0.11 - LernFilme.com)
Google Chrome (HKCU Version: 31.0.1650.63 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.)
HP LaserJet M1522 MFP Series 4.2 (Version: 4.2 - HP)
Integrated Camera Driver Installer Package Ver.1.2.1.18 (x32 Version: 1.2.1.18 - RICOH)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10 - Intel)
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Network Connections Drivers (Version: 18.7 - Intel)
Intel(R) OpenCL CPU Runtime (x32 Version: - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.3000.0512 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2843 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.3.70 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.225 - Intel Corporation)
Intel(R) WiDi (Version: 4.2.19.0 - Intel Corporation)
Intel(R) Wireless Display (Version: - )
Intel® PROSet/Wireless WiFi Software (Version: 16.01.3000.0254 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation)
IPMIView (x32 Version: 2.6.0.0 - SUPERMICRO)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab)
Kerio Outlook Connector (Offline Edition) (Version: 8.2.2096 - Kerio Technologies Inc.)
Kerio Updater Service (x32 Version: 1.2.59914 - Kerio Technologies, Inc.) <==== ATTENTION
Lenovo Auto Scroll Utility (Version: 2.02 - )
Lenovo Patch Utility (x32 Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited)
Lenovo Power Management Driver (Version: 1.67.04.04 - )
Lenovo Registration (x32 Version: 1.0.4 - Lenovo Inc.)
Lenovo SimpleTap (Version: 3.2.0004.00 - Lenovo Group Limited)
Lenovo Solution Center (Version: 2.3.002.00 - Lenovo Group Limited)
Lenovo System Interface Driver (Version: 1.05 - )
Lenovo System Update (x32 Version: 5.03.0005 - Lenovo)
Lenovo User Guide (x32 Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (x32 Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (x32 Version: 3.1.0020.00 - Lenovo Group Limited)
Live Help Messenger Desktop (x32 Version: 4.0.24.0 - Stardevelop Pty Ltd)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Message Center Plus (Version: 3.1.0004.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.5.1 (CSY) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation)
Microsoft Office 2010 Primary Interop Assemblies (x32 Version: 14.0.4763.1024 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Groove MUI (Czech) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Groove MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office InfoPath MUI (Czech) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office InfoPath MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office OneNote MUI (Czech) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office OneNote MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Outlook MUI (Czech) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Outlook MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office PowerPoint MUI (Czech) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office PowerPoint MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Proof (Slovak) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (Slovak) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Publisher MUI (Czech) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Publisher MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Shared 32-bit MUI (Czech) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Shared 64-bit MUI (Czech) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Shared MUI (Czech) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Shared MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Word MUI (Czech) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Word MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 cs) (x32 Version: 24.2.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MTPuTTY 1.6 beta (x32 Version: 1.6 - TTYPlus)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation)
NVIDIA nView 140.75 (Version: 140.75 - NVIDIA Corporation)
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 312.69 (Version: 312.69 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.24.2 (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 312.69 (Version: 312.69 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1269 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation)
On Screen Display (Version: 7.12.23 - )
Ovládací panel NVIDIA 312.69 (Version: 312.69 - NVIDIA Corporation)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (x32 Version: 15.4.5722.2 - Microsoft Corporation)
PDFCreator (x32 Version: 1.7.0 - pdfforge)
Power Manager (x32 Version: 6.63.1 - Lenovo Group Limited)
PSPad editor (x32 Version: 4.5.7.2450 - Jan Fiala)
QIP 2012 4.0.8921 (HKCU Version: 4.0.8921 - )
RapidBoot Shield (Version: 1.23 - Lenovo)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6914 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (Version: 1.00 - )
RICOH_Media_Driver_v2.14.18.01 (x32 Version: 2.14.18.01 - RICOH)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
SugarSync Manager (x32 Version: 1.9.61.90905 - SugarSync, Inc.)
TeamViewer 8 (x32 Version: 8.0.22298 - TeamViewer)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 6.5.1.4500 - Broadcom Corporation)
ThinkPad UltraNav Driver (Version: 16.2.19.13 - )
ThinkVantage Access Connections (x32 Version: 6.11 - Lenovo)
ThinkVantage Active Protection System (Version: 1.78.0.10 - Lenovo)
ThinkVantage Communications Utility (Version: 3.1.6.0 - Lenovo)
ThinkVantage Fingerprint Software (Version: 5.9.9.7282 - Authentec Inc.)
Total Commander 64-bit (Remove or Repair) (Version: 8.01 - Ghisler Software GmbH)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition (Version: - Microsoft)
VIP Access (x32 Version: 2.0.5.13 - VeriSign)
Windows Driver Package - Intel (e1cexpress) Net (01/11/2012 11.15.16.0) (Version: 01/11/2012 11.15.16.0 - Intel)
Windows Driver Package - Intel System (01/11/2012 9.3.0.1020) (Version: 01/11/2012 9.3.0.1020 - Intel)
Windows Driver Package - Intel System (08/26/2011 9.3.0.1011) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows Driver Package - Intel USB (08/26/2011 9.3.0.1011) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows Driver Package - Lenovo (LenovoRd) SmartCardReader (05/11/2009 4.1.0.1) (Version: 05/11/2009 4.1.0.1 - Lenovo)
Windows Driver Package - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (Version: 02/29/2012 1.65.05.20 - Lenovo)
Windows Driver Package - Synaptics (SynTP) Mouse (04/06/2012 16.1.1.0) (Version: 04/06/2012 16.1.1.0 - Synaptics)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation)
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (x32 Version: 4.20.0 - win.rar GmbH)
WinSCP 5.1.7 (x32 Version: 5.1.7 - Martin Prikryl)

==================== Restore Points =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-08-26 20:07 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0641A23F-9786-49CE-B658-D8FFF3F3AD0F} - System32\Tasks\{867A5928-CA9F-4502-99EE-D3C036F43394} => C:\Users\sejky\Downloads\Setup.exe
Task: {27E2A979-717C-47C3-AF82-DC48E6B7B7A9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-17] (Lenovo)
Task: {31E96A87-7E4A-441D-B459-96E6A39810F6} - System32\Tasks\{1F1FC2C1-DF66-4365-AD9A-6E04471B0FD6} => C:\Users\sejky\Downloads\Setup.exe
Task: {38B61DF6-4717-4D56-AA0D-47C0D71CC2D6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001Core => C:\Users\sejky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-17] (Google Inc.)
Task: {3B157581-026F-478E-BF0A-0A1C0415D716} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-09-25] ()
Task: {3F7E4FD6-108C-40E7-866C-6DEA3E45D9C7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001UA => C:\Users\sejky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-17] (Google Inc.)
Task: {56F1B36E-47B3-4D97-9498-7A7165CA874F} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2013-09-17] ()
Task: {57734CFF-0C7B-49C8-BFDD-3F21F0487F44} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-17] (Google Inc.)
Task: {63F87D89-BF11-4CAC-9709-C3E5A543AFC8} - System32\Tasks\{094662A5-3F52-433F-8C44-219AC2F911CC} => C:\Users\sejky\Downloads\Setup.exe
Task: {8107739C-CFA8-47E3-85DE-3D3D28B4D404} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2013-09-03] (Lenovo Group Limited)
Task: {92A6C210-0DB9-42B7-A59D-942F63DBC151} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-10] ()
Task: {A16EBCD5-625C-4202-AAD3-F544EE1B90E3} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-09-25] (Lenovo)
Task: {A6B3F07F-DBEF-45C0-90B2-B02BFA3F47E9} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-09-26] (Synaptics Incorporated)
Task: {A7829D21-CC9A-4E2D-A237-EB229F1427D2} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {AFBE6478-E939-4A89-9CEB-D000526674B9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {B2FD0AFA-8E0E-4CB6-8C1F-57ED3ED940BF} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for sejky-THINK.sejky => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-05-16] (Lenovo)
Task: {C46B660A-BDCD-41FE-837F-5051CDA054DA} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {C91A8021-0C08-42B0-A05D-5402496BBA5B} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {C99B3698-9C2D-4DB7-B46C-6AA320D33D9C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-17] (Google Inc.)
Task: {D42E3F22-3BE4-4D73-BB61-399DB53D1341} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe [2012-05-16] (Lenovo)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001Core.job => C:\Users\sejky\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001UA.job => C:\Users\sejky\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-06-17 20:59 - 2012-05-31 17:48 - 00004096 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-06-17 21:01 - 2013-09-03 06:03 - 00104448 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-06-17 23:28 - 2013-11-15 10:52 - 00518432 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2013-06-17 20:59 - 2012-04-09 00:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-03 08:17 - 2013-11-03 08:17 - 00104448 _____ () C:\Program Files\Kerio\Outlook Connector (Offline Edition)\ktzlib100x64_1.2.3.dll
2013-11-03 08:28 - 2013-11-03 08:28 - 00347648 _____ () C:\Program Files\Kerio\Outlook Connector (Offline Edition)\gmime.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2011-10-10 23:07 - 2011-10-10 23:07 - 00012288 _____ () C:\Program Files\Gigaserver.Outlook\Gigaserver.Outlook.dll
2013-02-15 02:36 - 2013-02-15 02:36 - 01554496 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-16 21:58 - 2013-05-16 21:58 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2013-10-02 12:09 - 2013-10-02 12:09 - 00086016 _____ () C:\Program Files (x86)\Kerio\UpdaterService\ktzlib100_1.2.3.dll
2013-06-17 21:02 - 2011-08-02 20:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2013-06-17 21:02 - 2011-08-02 20:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2013-10-22 16:19 - 2013-10-22 16:19 - 00092456 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2013-06-17 17:49 - 2012-12-21 12:34 - 01072320 _____ () C:\Program Files (x86)\QIP 2012\Protos\InfICQ\InfICQ.dll
2013-06-17 17:49 - 2012-12-21 12:34 - 00519360 _____ () C:\Program Files (x86)\QIP 2012\Protos\MRA\MRA.dll
2013-06-17 17:49 - 2012-12-21 12:34 - 00878784 _____ () C:\Program Files (x86)\QIP 2012\Protos\Social\Social.dll
2013-06-17 17:49 - 2012-12-21 12:33 - 04664000 _____ () C:\Program Files (x86)\QIP 2012\Core\voip.dll
2013-06-17 20:59 - 2012-05-31 17:48 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2012-08-17 20:38 - 2012-08-17 20:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2013-07-17 07:49 - 2013-05-13 14:15 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-12-05 12:19 - 2013-12-04 03:47 - 00702416 _____ () C:\Users\sejky\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-05 12:19 - 2013-12-04 03:47 - 00099792 _____ () C:\Users\sejky\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-05 12:19 - 2013-12-04 03:48 - 04055504 _____ () C:\Users\sejky\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 12:19 - 2013-12-04 03:48 - 00399312 _____ () C:\Users\sejky\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 12:19 - 2013-12-04 03:47 - 01619408 _____ () C:\Users\sejky\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-05 12:19 - 2013-12-04 03:48 - 13586896 _____ () C:\Users\sejky\AppData\Local\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
2013-07-02 19:13 - 2012-08-03 07:01 - 00123536 _____ () C:\Program Files\totalcmd\wcmzip32.dll
2013-07-02 19:13 - 2012-08-03 07:01 - 00176128 _____ () C:\Program Files\totalcmd\UNRAR.DLL
2013-09-03 14:54 - 2013-09-03 14:54 - 00054784 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_cz\brdlang32.CZE
2013-06-17 20:52 - 2013-09-20 08:36 - 09393664 _____ () C:\Users\sejky\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.cze
2013-09-03 14:53 - 2013-09-03 14:53 - 00305520 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll
2012-07-27 21:51 - 2012-07-27 21:51 - 06549432 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\authplay.dll
2013-06-17 20:53 - 2013-09-22 21:31 - 03025408 _____ () C:\Users\sejky\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Annots.CZE
2013-06-23 22:10 - 2013-10-13 17:58 - 00022016 _____ () C:\Users\sejky\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_SendMail.CZE
2013-06-17 20:53 - 2013-09-23 18:17 - 00013824 _____ () C:\Users\sejky\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.CZE
2013-06-17 20:53 - 2013-09-22 21:31 - 01284096 _____ () C:\Users\sejky\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_AcroForm.CZE
2013-06-17 20:53 - 2013-09-22 21:31 - 00300544 _____ () C:\Users\sejky\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_DigSig.CZE
2013-06-17 20:53 - 2013-09-22 21:31 - 01133568 _____ () C:\Users\sejky\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_PPKLite.CZE
2013-06-17 20:52 - 2013-09-22 21:31 - 00097792 _____ () C:\Users\sejky\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_EScript.CZE
2013-06-18 22:33 - 2013-09-29 11:22 - 00192512 _____ () C:\Users\sejky\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Checkers.CZE
2013-06-18 00:05 - 2013-09-22 21:31 - 00073216 _____ () C:\Users\sejky\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Accessibility.CZE
2013-06-17 20:52 - 2013-09-25 07:04 - 00043520 _____ () C:\Users\sejky\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_weblink.CZE
2013-06-18 00:03 - 2013-09-23 18:17 - 00024064 _____ () C:\Users\sejky\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_SaveAsRTF.CZE
2013-06-18 22:19 - 2013-10-05 12:05 - 00051200 _____ () C:\Users\sejky\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Search.CZE
2013-07-02 23:37 - 2013-10-13 22:54 - 00011776 _____ () C:\Users\sejky\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_PDDom.CZE

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/30/2013 08:03:52 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: mtputty.exe, verze: 1.6.0.176, časové razítko: 0x2a425e19
Název chybujícího modulu: nvinit.dll_unloaded, verze: 0.0.0.0, časové razítko: 0x526ed802
Kód výjimky: 0xc0000005
Posun chyby: 0x7512ce69
ID chybujícího procesu: 0x2718
Čas spuštění chybující aplikace: 0xmtputty.exe0
Cesta k chybující aplikaci: mtputty.exe1
Cesta k chybujícímu modulu: mtputty.exe2
ID zprávy: mtputty.exe3

Error: (12/28/2013 11:08:14 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: OUTLOOK.EXE, verze: 14.0.7109.5000, časové razítko: 0x522a32e6
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18229, časové razítko: 0x51fb1677
Kód výjimky: 0xe06d7363
Posun chyby: 0x000000000000940d
ID chybujícího procesu: 0x2684
Čas spuštění chybující aplikace: 0xOUTLOOK.EXE0
Cesta k chybující aplikaci: OUTLOOK.EXE1
Cesta k chybujícímu modulu: OUTLOOK.EXE2
ID zprávy: OUTLOOK.EXE3

Error: (12/28/2013 02:09:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3011

Error: (12/28/2013 02:09:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3011

Error: (12/28/2013 02:09:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/28/2013 02:09:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2013

Error: (12/28/2013 02:09:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2013

Error: (12/28/2013 02:09:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/28/2013 02:09:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014

Error: (12/28/2013 02:09:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1014


System errors:
=============
Error: (12/30/2013 11:46:44 AM) (Source: volsnap) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (12/29/2013 02:17:12 PM) (Source: volsnap) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (12/28/2013 11:58:19 AM) (Source: volsnap) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (12/27/2013 05:55:46 AM) (Source: volsnap) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (12/26/2013 00:09:16 PM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (12/26/2013 00:09:16 PM) (Source: Service Control Manager) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (12/26/2013 00:07:12 PM) (Source: Service Control Manager) (User: )
Description: Služba SMI Helper Driver (smihlp2) neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (12/25/2013 11:44:30 AM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (12/25/2013 11:44:30 AM) (Source: Service Control Manager) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (12/25/2013 11:42:27 AM) (Source: Service Control Manager) (User: )
Description: Služba SMI Helper Driver (smihlp2) neuspěla při spuštění v důsledku následující chyby:
%%2


Microsoft Office Sessions:
=========================
Error: (12/30/2013 08:03:52 PM) (Source: Application Error)(User: )
Description: mtputty.exe1.6.0.1762a425e19nvinit.dll_unloaded0.0.0.0526ed802c00000057512ce69271801cf022b64ee6c84C:\Program Files (x86)\MTPuTTY\mtputty.exenvinit.dll1ed5d907-7185-11e3-a50e-9c2a708797fa

Error: (12/28/2013 11:08:14 PM) (Source: Application Error)(User: )
Description: OUTLOOK.EXE14.0.7109.5000522a32e6KERNELBASE.dll6.1.7601.1822951fb1677e06d7363000000000000940d268401cf022b8d5a4e48C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXEC:\windows\system32\KERNELBASE.dll8b59b099-700c-11e3-a50e-9c2a708797fa

Error: (12/28/2013 02:09:03 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3011

Error: (12/28/2013 02:09:03 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3011

Error: (12/28/2013 02:09:03 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/28/2013 02:09:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2013

Error: (12/28/2013 02:09:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2013

Error: (12/28/2013 02:09:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/28/2013 02:09:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014

Error: (12/28/2013 02:09:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1014


CodeIntegrity Errors:
===================================
Date: 2013-12-16 21:18:02.554
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-10 18:41:35.121
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-04 22:26:43.979
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-29 23:19:37.997
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-29 23:19:21.050
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-28 01:56:28.708
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-28 01:56:28.707
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-28 01:56:28.705
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-28 01:56:28.702
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-28 01:56:28.701
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 75%
Total physical RAM: 8010.86 MB
Available physical RAM: 1966.62 MB
Total Pagefile: 16019.91 MB
Available Pagefile: 8334.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:111.57 GB) (Free:12.53 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Nový svazek) (Fixed) (Total:465.63 GB) (Free:386.3 GB) NTFS
Drive g: () (Removable) (Total:0.12 GB) (Free:0.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 2B13B00B)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 112 GB) (Disk ID: ADBB72F1)

Partition: GPT Partition Type
========================================================
Disk: 2 (Size: 125 MB) (Disk ID: BBEFE06D)
Partition 1: (Active) - (Size=125 MB) - (Type=0B)

==================== End Of Log ============================

Rudy
Site Admin
Posts: 119532
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: attack on the router

#10 Post by Rudy »

Open Notepad and copy the following into it:
Start
Task: {38B61DF6-4717-4D56-AA0D-47C0D71CC2D6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001Core => C:\Users\sejky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-17] (Google Inc.)
Task: {3F7E4FD6-108C-40E7-866C-6DEA3E45D9C7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001UA => C:\Users\sejky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-17] (Google Inc.)
Task: {57734CFF-0C7B-49C8-BFDD-3F21F0487F44} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-17] (Google Inc.)
Task: {C99B3698-9C2D-4DB7-B46C-6AA320D33D9C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-17] (Google Inc.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001Core.job => C:\Users\sejky\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001UA.job => C:\Users\sejky\AppData\Local\Google\Update\GoogleUpdate.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
MountPoints2: {616d7f95-91ff-4111-b783-f803f134c88b} - Q:\LenovoQDrive.exe
HKU\Default\...\RunOnce: [] - [x]
HKU\Default User\...\RunOnce: [] - [x]
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/search?query={sear ... n=browsers
SearchScopes: HKCU - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/search?query={sear ... n=browsers
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: QipLI Class - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\sejky\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll (TODO: <Company name>)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {FA203BD0-36D6-46FF-92A0-7E90B07EF40C} http://monitoring.seonet.cz:8080/classe ... V_H264.cab
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001UA.job
C:\Users\sejky\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity a virus can also damage the system!

Once your problem is resolved the thread will be locked, as it will be if it stays inactive for more than 14 days. If you want the thread reopened, write to the e-mail address above.

sejky
Visitor
Posts: 54
Registered: 01 Nov 2009 13:35

Re: attack on the router

#11 Post by sejky »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-12-2013 01
Ran by sejky at 2013-12-30 21:25:16 Run:1
Running from C:\Users\sejky\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
Task: {38B61DF6-4717-4D56-AA0D-47C0D71CC2D6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001Core => C:\Users\sejky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-17] (Google Inc.)
Task: {3F7E4FD6-108C-40E7-866C-6DEA3E45D9C7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001UA => C:\Users\sejky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-17] (Google Inc.)
Task: {57734CFF-0C7B-49C8-BFDD-3F21F0487F44} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-17] (Google Inc.)
Task: {C99B3698-9C2D-4DB7-B46C-6AA320D33D9C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-17] (Google Inc.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001Core.job => C:\Users\sejky\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001UA.job => C:\Users\sejky\AppData\Local\Google\Update\GoogleUpdate.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
MountPoints2: {616d7f95-91ff-4111-b783-f803f134c88b} - Q:\LenovoQDrive.exe
HKU\Default\...\RunOnce: [] - [x]
HKU\Default User\...\RunOnce: [] - [x]
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/search?query={sear ... n=browsers
SearchScopes: HKCU - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/search?query={sear ... n=browsers
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: QipLI Class - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\sejky\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll (TODO: <Company name>)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {FA203BD0-36D6-46FF-92A0-7E90B07EF40C} http://monitoring.seonet.cz:8080/classe ... V_H264.cab
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001UA.job
C:\Users\sejky\AppData\Local\Temp
End
*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38B61DF6-4717-4D56-AA0D-47C0D71CC2D6} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38B61DF6-4717-4D56-AA0D-47C0D71CC2D6} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001Core => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001Core => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F7E4FD6-108C-40E7-866C-6DEA3E45D9C7} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F7E4FD6-108C-40E7-866C-6DEA3E45D9C7} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001UA => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001UA => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{57734CFF-0C7B-49C8-BFDD-3F21F0487F44} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57734CFF-0C7B-49C8-BFDD-3F21F0487F44} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C99B3698-9C2D-4DB7-B46C-6AA320D33D9C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C99B3698-9C2D-4DB7-B46C-6AA320D33D9C} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => Key deleted successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001Core.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001UA.job => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{616d7f95-91ff-4111-b783-f803f134c88b} => Key deleted successfully.
HKCR\CLSID\{616d7f95-91ff-4111-b783-f803f134c88b} => Key not found.
HKU\Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} => Key deleted successfully.
HKCR\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6B5863A0-C43F-4C0A-982B-CC0E9125783F} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{FA203BD0-36D6-46FF-92A0-7E90B07EF40C} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{FA203BD0-36D6-46FF-92A0-7E90B07EF40C} => Key deleted successfully.
"C:\windows\Tasks\GoogleUpdateTaskMachineUA.job" => File/Directory not found.
"C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2329334214-4130132099-1595120037-1001UA.job" => File/Directory not found.

"C:\Users\sejky\AppData\Local\Temp" directory move:

C:\Users\sejky\AppData\Local\Temp\.challenge_plain => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\bgciu.bmp => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR1392.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR1F03.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR251E.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR2B82.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR310D.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR33B1.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR340A.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR43BA.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR43E4.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR4B41.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR4C6E.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR59F8.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR69AD.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR6DBE.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR6E2.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR76CB.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR7980.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR7AEA.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR7FB1.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR87D6.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR8EA9.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR8F35.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR957D.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR98B5.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVR9BB3.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVRADAB.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVRB27B.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVRB28E.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVRB3CB.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVRBBFF.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVRC1F.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVRC21.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVRC64C.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVRCD40.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVRCDCD.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVRCFCE.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVRDDD7.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVRE59F.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVREF2F.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVRF0BB.tmp.cvr => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\CVRF8F0.tmp.cvr => Moved successfully.
Could not move "C:\Users\sejky\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\sejky\AppData\Local\Temp\iTvN5Vm+.pdf.part => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\LoadedBodyStream-212470678-0.out => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\MSI3a727.LOG => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\qtsingleapp-ebecef-2f41-1-lockfile => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\qtsingleapp-FFDCAB-be4b-1-lockfile => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\skenovat0001.pdf => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\smlouva_faktura-1.pdf => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\users00 => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\wmsetup.log => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\yQTUnMRb.pdf.part => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\~DF77C2D91C511CD239.TMP => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\OICE_D35BA86F-7AD6-4BAE-97AF-1B6A88A66AA2.0\8D7C12FB. not found.
C:\Users\sejky\AppData\Local\Temp\OICE_D35BA86F-7AD6-4BAE-97AF-1B6A88A66AA2.0\mso97BB.tmp => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\msohtmlclip1\01\clip_colorschememapping.xml => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\msohtmlclip1\01\clip_themedata.thmx => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\Low\JavaDeployReg.log => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\9616_32402\crl-set => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\9616_32402\manifest.fingerprint => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\9616_32402\manifest.json => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\7300_31867\crl-set => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\7300_31867\manifest.fingerprint => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\7300_31867\manifest.json => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\7300_17296\crl-set => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\7300_17296\manifest.fingerprint => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\7300_17296\manifest.json => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_7798\crl-set => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_7798\manifest.fingerprint => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_7798\manifest.json => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_5275\crl-set => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_5275\manifest.fingerprint => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_5275\manifest.json => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_32181\crl-set => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_32181\manifest.fingerprint => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_32181\manifest.json => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_29783\crl-set => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_29783\manifest.fingerprint => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_29783\manifest.json => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_26196\crl-set => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_26196\manifest.fingerprint => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_26196\manifest.json => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_24781\crl-set => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_24781\manifest.fingerprint => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_24781\manifest.json => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_20884\crl-set => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_20884\manifest.fingerprint => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_20884\manifest.json => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_15351\crl-set => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_15351\manifest.fingerprint => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_15351\manifest.json => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_11766\crl-set => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_11766\manifest.fingerprint => Moved successfully.
C:\Users\sejky\AppData\Local\Temp\4252_11766\manifest.json => Moved successfully.
Could not move "C:\Users\sejky\AppData\Local\Temp" directory. => Scheduled to move on reboot.


=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2013-12-30 21:26:27)<=

C:\Users\sejky\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\sejky\AppData\Local\Temp => Moved successfully.

==== End of Fixlog ====

Rudy
Site Admin
Posts: 119532
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: attack on the router

#12 Post by Rudy »

Deleted. Has anything changed?

sejky
Visitor
Posts: 54
Registered: 01 Nov 2009 13:35

Re: attack on the router

#13 Post by sejky »

Unfortunately the router still shows this traffic on the incoming ports.
There is no other device on the network.

Date & Time  Name  Source IP  MAC address  Destination (LAN: protocol, port)  Interface

2013-12-30 17:46:47 Unknown 178.162.201.86 Unknown LAN(TCP,port 19634) WAN
2013-12-30 17:49:25 Unknown 213.199.179.142 Unknown LAN(UDP,port 36853) WAN
2013-12-30 17:51:25 Unknown 77.93.207.20 Unknown LAN(TCP,port 25815) WAN
2013-12-30 17:51:53 Unknown 77.93.207.20 Unknown LAN(TCP,port 25047) WAN
2013-12-30 17:52:04 Unknown 69.171.235.48 Unknown LAN(TCP,port 54725) WAN
2013-12-30 17:52:42 Unknown 5.166.95.15 Unknown LAN(UDP,port 35433) WAN
2013-12-30 17:57:30 Unknown 178.187.89.44 Unknown LAN(TCP,port 39173) WAN
2013-12-30 17:59:13 Unknown 176.31.238.80 Unknown LAN(TCP,port 31748) WAN
2013-12-30 18:00:44 Unknown 222.173.104.203 Unknown LAN(TCP,port 5632) WAN
2013-12-30 18:08:18 Unknown 46.174.48.42 Unknown LAN(TCP,port 752) WAN
2013-12-30 18:08:22 Unknown 178.162.201.86 Unknown LAN(TCP,port 30831) WAN
2013-12-30 18:09:37 Unknown 69.171.235.48 Unknown LAN(TCP,port 56261) WAN
2013-12-30 18:11:35 Unknown 77.93.207.20 Unknown LAN(TCP,port 26583) WAN
2013-12-30 18:12:59 Unknown 77.93.207.20 Unknown LAN(TCP,port 28119) WAN
2013-12-30 18:16:02 Unknown 203.170.193.202 Unknown LAN(TCP,port 15629) WAN
2013-12-30 18:17:35 Unknown 77.93.207.20 Unknown LAN(TCP,port 28887) WAN
2013-12-30 18:18:26 Unknown 178.162.201.86 Unknown LAN(TCP,port 2391) WAN
2013-12-30 18:18:58 Unknown 69.171.235.48 Unknown LAN(TCP,port 58565) WAN
2013-12-30 18:19:21 Unknown 77.0.207.20 Unknown LAN(TCP,port 29399) WAN
2013-12-30 18:29:07 Unknown 69.171.235.48 Unknown LAN(TCP,port 59845) WAN
2013-12-30 18:30:26 Unknown 77.93.207.20 Unknown LAN(TCP,port 23493) WAN
2013-12-30 18:32:04 Unknown 77.93.207.20 Unknown LAN(TCP,port 31447) WAN
2013-12-30 18:34:17 Unknown 85.118.128.3 Unknown LAN(TCP,port 4337) WAN
2013-12-30 18:40:03 Unknown 173.194.70.109 Unknown LAN(TCP,port 12985) WAN
2013-12-30 18:40:03 Unknown 173.194.70.109 Unknown LAN(TCP,port 20637) WAN
2013-12-30 18:43:03 Unknown 173.252.103.16 Unknown LAN(TCP,port 60357) WAN
2013-12-30 18:43:41 Unknown 77.93.207.20 Unknown LAN(TCP,port 60101) WAN
2013-12-30 18:44:17 Unknown 59.53.67.13 Unknown LAN(TCP,port 39173) WAN
2013-12-30 18:45:28 Unknown 46.174.48.42 Unknown LAN(TCP,port 26520) WAN
2013-12-30 18:46:14 Unknown 213.199.179.141 Unknown LAN(UDP,port 35229) WAN
2013-12-30 18:47:09 Unknown 198.20.70.114 Unknown LAN(UDP,port 39429) WAN
2013-12-30 18:48:26 Unknown 61.231.6.33 Unknown LAN(TCP,port 14348) WAN
2013-12-30 18:49:12 Unknown 46.174.48.42 Unknown LAN(TCP,port 29465) WAN
2013-12-30 18:50:01 Unknown 198.13.106.147 Unknown LAN(TCP,port 39173) WAN
2013-12-30 18:50:08 Unknown 77.67.96.223 Unknown LAN(TCP,port 33751) WAN
2013-12-30 18:50:14 Unknown 95.100.210.217 Unknown LAN(TCP,port 34263) WAN
2013-12-30 18:50:15 Unknown 95.100.210.217 Unknown LAN(TCP,port 34519) WAN
2013-12-30 18:57:06 Unknown 46.174.48.42 Unknown LAN(TCP,port 21787) WAN
2013-12-30 18:57:15 Unknown 69.171.235.48 Unknown LAN(TCP,port 63685) WAN
2013-12-30 19:11:28 Unknown 69.171.235.48 Unknown LAN(TCP,port 64197) WAN
2013-12-30 19:18:05 Unknown 192.210.62.30 Unknown LAN(TCP,port 39173) WAN
2013-12-30 19:22:03 Unknown 17.130.254.21 Unknown LAN(TCP,port 34007) WAN
2013-12-30 19:23:44 Unknown 61.147.113.66 Unknown LAN(TCP,port 5632) WAN
2013-12-30 19:25:41 Unknown 69.171.235.48 Unknown LAN(TCP,port 454) WAN
2013-12-30 19:39:54 Unknown 69.171.235.48 Unknown LAN(TCP,port 1734) WAN
2013-12-30 19:40:13 Unknown 77.93.207.20 Unknown LAN(TCP,port 1478) WAN
2013-12-30 19:40:19 Unknown 77.93.207.20 Unknown LAN(TCP,port 1990) WAN
2013-12-30 19:40:20 Unknown 77.93.207.20 Unknown LAN(TCP,port 2246) WAN
2013-12-30 19:42:16 Unknown 178.77.232.78 Unknown LAN(UDP,port 36853) WAN
2013-12-30 19:44:23 Unknown 85.118.128.3 Unknown LAN(TCP,port 27613) WAN
2013-12-30 19:48:50 Unknown 88.103.170.106 Unknown LAN(UDP,port 36853) WAN
2013-12-30 19:49:15 Unknown 1.182.126.253 Unknown LAN(TCP,port 14348) WAN
2013-12-30 19:49:24 Unknown 118.123.13.189 Unknown LAN(TCP,port 20480) WAN
2013-12-30 19:52:26 Unknown 151.217.84.215 Unknown LAN(TCP,port 15629) WAN
2013-12-30 19:54:07 Unknown 69.171.235.48 Unknown LAN(TCP,port 2758) WAN
2013-12-30 19:57:52 Unknown 46.13.101.66 Unknown LAN(UDP,port 36853) WAN
2013-12-30 19:59:34 Unknown 62.77.91.43 Unknown LAN(UDP,port 36853) WAN
2013-12-30 19:59:52 Unknown 50.30.42.5 Unknown LAN(UDP,port 44055) WAN
2013-12-30 20:01:40 Unknown 61.147.116.54 Unknown LAN(TCP,port 5632) WAN
2013-12-30 20:06:27 Unknown 81.248.29.151 Unknown LAN(TCP,port 48385) WAN
2013-12-30 20:22:29 Unknown 213.226.216.169 Unknown LAN(UDP,port 35229) WAN
2013-12-30 20:27:21 Unknown 119.84.63.30 Unknown LAN(TCP,port 5632) WAN
2013-12-30 20:29:26 Unknown 77.93.207.20 Unknown LAN(TCP,port 39383) WAN
2013-12-30 20:30:33 Unknown 69.171.235.48 Unknown LAN(TCP,port 6854) WAN
2013-12-30 20:35:56 Unknown 61.147.116.51 Unknown LAN(TCP,port 5632) WAN
2013-12-30 20:42:11 Unknown 77.93.207.20 Unknown LAN(TCP,port 7110) WAN
2013-12-30 20:42:16 Unknown 173.242.117.168 Unknown LAN(UDP,port 50195) WAN
2013-12-30 20:42:17 Unknown 77.93.207.20 Unknown LAN(TCP,port 7366) WAN
2013-12-30 20:42:17 Unknown 77.93.207.20 Unknown LAN(TCP,port 7622) WAN
2013-12-30 20:42:44 Unknown 218.28.116.238 Unknown LAN(TCP,port 39173) WAN
2013-12-30 20:46:33 Unknown 69.171.235.48 Unknown LAN(TCP,port 7878) WAN
2013-12-30 20:52:03 Unknown 212.67.154.71 Unknown LAN(TCP,port 47873) WAN
2013-12-30 20:52:07 Unknown 39.48.101.64 Unknown LAN(TCP,port 20480) WAN
2013-12-30 20:52:41 Unknown 77.93.207.20 Unknown LAN(TCP,port 42219) WAN
2013-12-30 21:00:50 Unknown 69.171.235.48 Unknown LAN(TCP,port 8646) WAN
2013-12-30 21:01:21 Unknown 77.93.207.20 Unknown LAN(TCP,port 41687) WAN
2013-12-30 21:01:50 Unknown 87.98.166.128 Unknown LAN(ICMP,port 0) WAN
2013-12-30 21:08:52 Unknown 66.84.17.210 Unknown LAN(TCP,port 5632) WAN
2013-12-30 21:10:27 Unknown 69.171.235.48 Unknown LAN(TCP,port 10438) WAN
2013-12-30 21:12:49 Unknown 60.191.170.125 Unknown LAN(TCP,port 39173) WAN
2013-12-30 21:16:33 Unknown 77.93.207.20 Unknown LAN(TCP,port 43223) WAN
2013-12-30 21:22:15 Unknown 222.175.114.134 Unknown LAN(TCP,port 5632) WAN
2013-12-30 21:25:43 Unknown 69.171.235.48 Unknown LAN(TCP,port 14790) WAN
2013-12-30 21:32:06 Unknown 80.82.70.107 Unknown LAN(TCP,port 18515) WAN
2013-12-30 21:33:09 Unknown 77.93.207.20 Unknown LAN(TCP,port 44759) WAN
2013-12-30 21:37:49 Unknown 37.143.11.25 Unknown LAN(TCP,port 59795) WAN
2013-12-30 21:37:49 Unknown 37.143.11.25 Unknown LAN(TCP,port 58515) WAN
2013-12-30 21:39:38 Unknown 84.16.89.109 Unknown LAN(TCP,port 12648) WAN
2013-12-30 21:40:22 Unknown 77.93.207.20 Unknown LAN(TCP,port 15814) WAN
2013-12-30 21:40:22 Unknown 77.93.207.20 Unknown LAN(TCP,port 16070) WAN
2013-12-30 21:40:24 Unknown 69.171.235.48 Unknown LAN(TCP,port 17862) WAN
2013-12-30 21:41:23 Unknown 77.93.207.20 Unknown LAN(TCP,port 45271) WAN
2013-12-30 21:42:42 Unknown 77.93.207.20 Unknown LAN(TCP,port 46807) WAN
2013-12-30 21:53:50 Unknown 89.223.50.12 Unknown LAN(TCP,port 16671) WAN
2013-12-30 21:54:39 Unknown 69.171.235.48 Unknown LAN(TCP,port 21190) WAN
2013-12-30 21:58:20 Unknown 113.57.25.108 Unknown LAN(TCP,port 39173) WAN
2013-12-30 21:58:29 Unknown 77.93.207.20 Unknown LAN(TCP,port 19140) WAN
2013-12-30 21:58:38 Unknown 77.93.207.20 Unknown LAN(TCP,port 18628) WAN
2013-12-30 21:58:51 Unknown 77.93.207.20 Unknown LAN(TCP,port 48087) WAN
2013-12-30 22:02:48 Unknown 46.174.48.42 Unknown LAN(TCP,port 46125) WAN
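An added example, not part of the thread: a Python script that parses the router log format posted above and groups the entries by source address and by destination port, so that one remote host walking through many ports can be told apart from many unrelated hosts probing the same port. The sample input embeds a subset of the lines posted above plus one constructed non-log line (to show that unparseable lines are skipped); the thresholds of three ports and three sources are assumptions chosen for this sample. Note that the script only describes what the WAN side saw; it does not by itself answer whether anything on the LAN triggered the traffic.

```python
"""Aggregate a consumer-router 'attack' log by source and destination port.
Added example for this thread; it is not the router's or the forum's own tooling."""
import re
from collections import Counter, defaultdict
from datetime import datetime

# Sample input: lines copied from the router log posted above, followed by one
# constructed non-log line that parse() must skip.
SAMPLE_LOG = """\
2013-12-30 20:35:56 Unknown 61.147.116.51 Unknown LAN(TCP,port 5632) WAN
2013-12-30 20:42:11 Unknown 77.93.207.20 Unknown LAN(TCP,port 7110) WAN
2013-12-30 20:42:16 Unknown 173.242.117.168 Unknown LAN(UDP,port 50195) WAN
2013-12-30 20:42:17 Unknown 77.93.207.20 Unknown LAN(TCP,port 7366) WAN
2013-12-30 20:42:17 Unknown 77.93.207.20 Unknown LAN(TCP,port 7622) WAN
2013-12-30 20:42:44 Unknown 218.28.116.238 Unknown LAN(TCP,port 39173) WAN
2013-12-30 20:46:33 Unknown 69.171.235.48 Unknown LAN(TCP,port 7878) WAN
2013-12-30 21:01:50 Unknown 87.98.166.128 Unknown LAN(ICMP,port 0) WAN
2013-12-30 21:08:52 Unknown 66.84.17.210 Unknown LAN(TCP,port 5632) WAN
2013-12-30 21:12:49 Unknown 60.191.170.125 Unknown LAN(TCP,port 39173) WAN
2013-12-30 21:22:15 Unknown 222.175.114.134 Unknown LAN(TCP,port 5632) WAN
2013-12-30 21:40:22 Unknown 77.93.207.20 Unknown LAN(TCP,port 15814) WAN
2013-12-30 21:40:22 Unknown 77.93.207.20 Unknown LAN(TCP,port 16070) WAN
2013-12-30 21:58:20 Unknown 113.57.25.108 Unknown LAN(TCP,port 39173) WAN
--- constructed non-log line, skipped by parse() ---
"""

# Column layout as it appears in the posted log:
# <date> <time> <src-name> <src-ip> <dst-name> LAN(<proto>,port <port>) <iface>
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \S+ "
    r"(?P<src>(?:\d{1,3}\.){3}\d{1,3}) \S+ "
    r"LAN\((?P<proto>[A-Z]+),port (?P<port>\d+)\) (?P<iface>\S+)$"
)


def parse(log_text):
    """Return one dict per well-formed line; lines that do not match the layout are dropped."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # header, blank or truncated line: ignore rather than guess
        events.append({
            "ts": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
            "src": m["src"],
            "proto": m["proto"],
            "port": int(m["port"]),
            "iface": m["iface"],
        })
    return events


def summarize(events, min_ports=3, min_sources=3):
    """Group events by source and by (proto, port).

    vertical:   sources that touched at least `min_ports` distinct (proto, port)
                pairs, i.e. one remote host walking through ports on this router.
    horizontal: (proto, port) pairs hit by at least `min_sources` distinct
                sources, i.e. many unrelated hosts looking for the same service.
    The thresholds are assumptions chosen for the small sample above.
    """
    hits_per_src = Counter(e["src"] for e in events)
    ports_per_src = defaultdict(set)
    srcs_per_port = defaultdict(set)
    for e in events:
        ports_per_src[e["src"]].add((e["proto"], e["port"]))
        srcs_per_port[(e["proto"], e["port"])].add(e["src"])
    vertical = sorted(s for s, p in ports_per_src.items() if len(p) >= min_ports)
    horizontal = sorted(k for k, s in srcs_per_port.items() if len(s) >= min_sources)
    span = (max(e["ts"] for e in events) - min(e["ts"] for e in events)) if events else None
    return {
        "events": len(events),
        "distinct_sources": len(hits_per_src),
        "top_sources": hits_per_src.most_common(3),
        "vertical": vertical,
        "horizontal": horizontal,
        "span_minutes": span.total_seconds() / 60 if span else 0.0,
    }


if __name__ == "__main__":
    report = summarize(parse(SAMPLE_LOG))
    for key, value in report.items():
        print(f"{key}: {value}")
```

Run it on a full export of the router's log instead of SAMPLE_LOG to get the real picture; the two groupings are deliberately kept separate because a single source fanning out over ports and several sources converging on one port are different things to investigate, even though a consumer router labels both as an attack.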

Rudy
Site Admin
Posts: 119532
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: attack on the router

#14 Post by Rudy »

Let's try a deep scan. Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator rights.

Right after it starts, a screen with the licence terms appears; continue by clicking Yes.

Go and make yourself a coffee (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to wade through). During the scan, do not try to launch any other applications or do anything else.

Don't panic during the scan; your machine may be restarted (especially on the first run of the scanner).

Warning: if you use an antispyware product with a resident shield, switch its resident shield to Install Mode, or disable it entirely for the duration of the scan, because the scan and the removal of any malware collide with the antispyware's resident shield.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked; likewise if it is inactive for more than 14 days. If you want the thread reopened, write to the e-mail address given above.

sejky
Guest
Posts: 54
Registered: 01 Nov 2009 13:35

Re: attack on the router

#15 Post by sejky »

Thanks a lot for the help. I've resolved the situation.
P.
