Win32.LoadMoney - skorojoerg

Posted: 05 Jan 2014 17:39
by skorojoerg
I have the same problem on my PC; should I do the same thing you are advising the young lady to do? Thanks a lot!

Re: Win32.LoadMoney - skorojoerg

Posted: 05 Jan 2014 21:54
by vyosek
Hello :)

:arrow: I have split your post off into its own topic; you don't barge into other people's threads

:arrow: Post a log from RSIT http://forum.viry.cz/viewtopic.php?f=24&t=130784

Re: Win32.LoadMoney - skorojoerg

Posted: 07 Jan 2014 12:08
by skorojoerg
Thanks, and I apologize. I'll send the log this evening, once I get back from work.

Re: Win32.LoadMoney - skorojoerg

Posted: 07 Jan 2014 12:09
by vyosek
Okay, hope the time goes by quickly for you :dunno:

Re: Win32.LoadMoney - skorojoerg

Posted: 07 Jan 2014 19:14
by skorojoerg
Logfile of random's system information tool 1.09 (written by random/random)
Run by Marek Dvorský at 2014-01-07 19:11:35
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 12 GB (20%) free of 60 GB
Total RAM: 2039 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:12:14, on 7.1.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Emsisoft Anti-Malware\a2service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkManagerDMS.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\ifxspmgt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ifxtcs.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\LGScsiCommandService.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\WINDOWS\ASScrPro.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\system32\IfxPsdSv.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\P4P\P4P.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Norton Ghost\Agent\VProTray.exe
C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\System32\ssins.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkDMS.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Marek Dvorský\Plocha\RSIT.exe
C:\Program Files\trend micro\Marek Dvorský.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/9514
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - Default URLSearchHook is missing
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IFXSPMGT] C:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ACMON] "C:\Program Files\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\ASScrPro.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\4.0"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=011914 serial=DR12WES-9453878-SEL lang=CZ
O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\P4P\P4P.exe"
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Norton Ghost 12.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Hard Disk Sentinel] "C:\Program Files\Hard Disk Sentinel\HDSentinel.exe" /AUTORUN
O4 - HKLM\..\Run: [Samsung Link] "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
O4 - HKCU\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
O8 - Extra context menu item: &Clean Traces - c:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - c:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Download &all with DAP - c:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout pomocí FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Stáhnout vše pomocí FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 8373468921
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Emsisoft Anti-Malware 6.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkManagerDMS.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\ifxtcs.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LG SCSI command service (LGScsiCommandService) - Mobile Leader Co.,Ltd. - C:\WINDOWS\system32\LGScsiCommandService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\WINDOWS\system32\IfxPsdSv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\System32\ssins.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 21572 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1343024091-1547161642-725345543-1004Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1343024091-1547161642-725345543-1004UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Marek Dvorský\Data aplikací\Mozilla\Firefox\Profiles\bgg2pc1l.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "extensions.enabledItems" - "{4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.4, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.7, {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.3.5, fdm_ffext@freedownloadmanager.org:1.3.3, jqs@sun.com:1.0, LogMeInClient@logmein.com:1.0.0.664, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, {37964A3C-4EE8-47b1-8321-34DE2C39BA4D}:2.5.2.14, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.24"
prefs.js - "keyword.URL" - "http://go.mail.ru/search?utf8in=1&fr=fftbUFix&q="

"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\PROGRA~1\Crawler\firefox\
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Picasa2\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2321]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1483]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\samsung.com/SamsungLinkPCPlugin]
"Description"=
"Path"=C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
crawlersrch.bak
crawlersrch.xml
mall-cz.xml

C:\Documents and Settings\Marek Dvorský\Data aplikací\Mozilla\Firefox\Profiles\bgg2pc1l.default\extensions\
ChoiceGuard@Microsoft
LogMeInClient@logmein.com
{0b38152b-1b20-484d-a11f-5e04a9b0661f}
{20a82645-c095-46ed-80e3-08825760534b}
{635abd67-4fe9-1b23-4f01-e679fa7484c1}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Documents and Settings\Marek Dvorský\Data aplikací\Mozilla\Firefox\Profiles\bgg2pc1l.default\searchplugins\
Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll [2013-09-06 95648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
&Crawler Toolbar Helper - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2011-03-11 1232520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-13 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2013-10-09 1001936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files\Free Download Manager\iefdm2.dll [2013-01-11 365056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2011-03-11 1232520]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-13 194128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-08-13 166424]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-10-12 1826816]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-10-26 16855552]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-11-26 630784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-17 815104]
"IFXSPMGT"=C:\WINDOWS\system32\ifxspmgt.exe [2007-03-05 677408]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2007-07-05 1040384]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-10-17 7737344]
"ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30 51768]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2007-11-13 851968]
"ASUS Camera ScreenSaver"=C:\WINDOWS\ASScrProlog.exe [2008-08-10 37232]
"ASUS Screen Saver Protector"=C:\WINDOWS\ASScrPro.exe [2008-08-10 33136]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2008-04-02 87336]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2008-02-22 62760]
"UpdatePPShortCut"=C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [2008-01-04 222504]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe [2007-05-11 2512392]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2007-08-03 63048]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"CorelDRAW Graphics Suite 11b"=C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [2004-06-22 729088]
"PowerForPhone"=C:\Program Files\P4P\P4P.exe [2007-07-19 778240]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-08-13 137752]
"Norton Ghost 12.0"=C:\Program Files\Norton Ghost\Agent\VProTray.exe [2007-03-28 2037352]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-08-13 141848]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2013-04-03 3684488]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Hard Disk Sentinel"=C:\Program Files\Hard Disk Sentinel\HDSentinel.exe [2013-02-22 4295312]
"Samsung Link"=C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2013-11-05 567368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress"=C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2008-03-18 2508072]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2011-06-20 2736128]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2013-01-16 6860288]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2013-05-02 802136]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-03 39408]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [2012-10-18 752736]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe

C:\Documents and Settings\Marek Dvorský\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-08-10 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2013-12-16 85832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\CyberLink\PowerDirector\PDR.exe"="C:\Program Files\CyberLink\PowerDirector\PDR.exe:*:Enabled:CyberLink PowerDirector"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Sony\Vegas 7.0\VegSrv70.exe"="C:\Program Files\Sony\Vegas 7.0\VegSrv70.exe:*:Enabled:Sony Vegas Network Render Service Control"
"C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\Spyware Terminator\SpywareTerminator.exe"="C:\Program Files\Spyware Terminator\SpywareTerminator.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"="C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe:*:Enabled:Samsung Link"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe"="C:\Program Files\Samsung\Samsung Link\Samsung Link.exe:*:Enabled:Samsung Link"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkDMS.exe"="C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkDMS.exe:*:Enabled:AllShareFrameworkDMS"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=serwvdrv.dll
"msacm.clmp3enc"=C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM
"VIDC.ACDV"=ACDV.dll
"msacm.siren"=sirenacm.dll
"vidc.ffds"=ff_vfw.dll
"vidc.tscc"=tsccvid.dll
"msacm.l3codec"=l3codecp.acm

======File associations======

.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

======List of files/folders created in the last 1 month======

2013-12-28 17:28:21 ----D---- C:\Program Files\Common Files\Skype
2013-12-28 17:03:09 ----A---- C:\WINDOWS\system32\ssinstall-uninstall.bat
2013-12-28 17:03:08 ----A---- C:\WINDOWS\system32\ssins.exe
2013-12-20 21:38:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\QuickSet
2013-12-20 21:34:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\InstallMate
2013-12-20 19:16:29 ----D---- C:\Program Files\Mozilla Firefox
2013-12-15 12:32:45 ----D---- C:\Upload
2013-12-15 12:30:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\SAMSUNG
2013-12-15 12:29:43 ----D---- C:\Program Files\Samsung
2013-12-14 22:25:28 ----D---- C:\Documents and Settings\Marek Dvorský\Data aplikací\HellShare Upload Manager
2013-12-14 22:24:10 ----D---- C:\Program Files\HellShare Upload Manager
2013-12-11 00:57:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2013-12-11 00:57:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$
2013-12-11 00:49:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$
2013-12-11 00:49:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2893984$
2013-12-11 00:49:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$
2013-12-10 21:56:41 ----A---- C:\Documents and Settings\Marek Dvorský\Data aplikací\inst.exe
2013-12-10 21:56:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\VSO
2013-12-08 18:57:48 ----A---- C:\WINDOWS\resetlog.txt

======List of files/folders modified in the last 1 month======

2014-01-07 19:11:56 ----D---- C:\WINDOWS\Prefetch
2014-01-07 19:11:46 ----D---- C:\Program Files\trend micro
2014-01-07 19:11:08 ----D---- C:\Documents and Settings\Marek Dvorský\Data aplikací\uTorrent
2014-01-07 18:43:16 ----A---- C:\WINDOWS\wincmd.ini
2014-01-07 18:39:42 ----D---- C:\WINDOWS\temp
2014-01-07 18:29:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2014-01-07 18:27:54 ----D---- C:\WINDOWS\system32\CatRoot2
2014-01-07 18:27:50 ----A---- C:\WINDOWS\ModemLog_Motorola SM56 Speakerphone Modem.txt
2014-01-07 18:23:44 ----D---- C:\WINDOWS\system32
2014-01-07 06:58:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-01-07 06:58:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\LogMeIn
2014-01-07 06:58:04 ----D---- C:\Documents and Settings\Marek Dvorský\Data aplikací\vlc
2014-01-05 15:46:17 ----D---- C:\Program Files\Spybot - Search & Destroy
2014-01-05 15:03:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-12-30 18:39:35 ----D---- C:\Program Files\Hard Disk Sentinel
2013-12-28 22:19:25 ----D---- C:\Documents and Settings\Marek Dvorský\Data aplikací\Skype
2013-12-28 17:30:10 ----SHD---- C:\WINDOWS\Installer
2013-12-28 17:30:09 ----D---- C:\Config.Msi
2013-12-28 17:29:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-12-28 17:29:55 ----RD---- C:\Program Files\Skype
2013-12-28 17:28:21 ----D---- C:\Program Files\Common Files
2013-12-28 17:22:41 ----RD---- C:\Program Files
2013-12-28 02:26:07 ----D---- C:\Program Files\PokerStars
2013-12-28 02:22:50 ----D---- C:\Program Files\Full Tilt Poker
2013-12-25 13:54:55 ----A---- C:\WINDOWS\wcx_ftp.ini
2013-12-24 14:21:28 ----D---- C:\WINDOWS\system32\oodag
2013-12-22 10:43:02 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-21 01:39:53 ----SD---- C:\WINDOWS\Tasks
2013-12-20 19:17:35 ----D---- C:\Program Files\Mozilla Firefox.bak
2013-12-17 00:04:20 ----A---- C:\WINDOWS\win.ini
2013-12-16 21:23:33 ----D---- C:\Program Files\LogMeIn
2013-12-16 20:46:10 ----A---- C:\WINDOWS\system32\LMIRfsClientNP.dll
2013-12-16 20:45:36 ----A---- C:\WINDOWS\system32\LMIport.dll
2013-12-16 20:45:33 ----A---- C:\WINDOWS\system32\LMIinit.dll
2013-12-15 03:38:57 ----D---- C:\Program Files\Google
2013-12-13 21:57:25 ----HD---- C:\WINDOWS\inf
2013-12-11 18:34:33 ----D---- C:\WINDOWS
2013-12-11 00:59:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-12-11 00:58:00 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-12-11 00:57:57 ----D---- C:\Program Files\Internet Explorer
2013-12-11 00:57:24 ----A---- C:\WINDOWS\imsins.BAK
2013-12-11 00:55:30 ----D---- C:\WINDOWS\system32\MRT
2013-12-11 00:49:50 ----A---- C:\WINDOWS\system32\MRT.exe
2013-12-10 21:57:08 ----D---- C:\Documents and Settings\Marek Dvorský\Data aplikací\Vso
2013-12-10 21:12:38 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-10 21:12:28 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 AsDsm;AsDsm; C:\WINDOWS\system32\drivers\AsDsm.sys [2007-08-10 29752]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 symsnap;Symantec Volume Snap Shot Driver; C:\WINDOWS\system32\DRIVERS\symsnap.sys [2007-03-28 131944]
R1 A2DDA;A2 Direct Disk Access Support Driver; \??\C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys []
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [2007-01-30 39080]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.4.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-08-10 21393]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-05-29 12416]
R2 v2imount;Symantec V2i Mount Driver; C:\WINDOWS\system32\DRIVERS\v2imount.sys [2007-03-28 37864]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 GEARAspiWDM;GearAspiWDM; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2007-03-28 15664]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-08-10 5776864]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-01-30 36608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-02 4620288]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2007-01-29 5632]
R3 LgBttPort;LGE Bluetooth TransPort; C:\WINDOWS\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\WINDOWS\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2007-08-03 10144]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-25 5760]
R3 NETw4x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-06-21 2208512]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-10-04 102656]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-11-26 982272]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-10-02 1769984]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-10-17 198976]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-24 113920]
R3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
R3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
R3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
R3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-06-11 41856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 a2acc;a2acc; \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys []
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FlashUSB;FlashUSB; C:\WINDOWS\system32\DRIVERS\FlashUSB.sys [2010-05-12 16896]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nhcNT_driver;Notebook Hardware Control NT Driver; \??\C:\WINDOWS\system32\drivers\nhcNT.sys []
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-08-10 47360]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2012-03-02 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2012-03-02 20864]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2012-03-02 25216]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 VProEventMonitor;Symantec Event Monitor Driver; C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys [2007-03-28 14072]
S3 WimFltr;WimFltr; C:\WINDOWS\system32\DRIVERS\wimfltr.sys [2007-03-28 128104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [2012-02-11 3025112]
R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2007-05-18 73728]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkManagerDMS.exe [2013-10-11 401800]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-07 94208]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-12 554352]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\WINDOWS\system32\ifxspmgt.exe [2007-03-05 677408]
R2 IFXTCS;Trusted Platform Core Service; C:\WINDOWS\system32\ifxtcs.exe [2007-03-01 849440]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-10-18 182696]
R2 LGScsiCommandService;LG SCSI command service; C:\WINDOWS\system32\LGScsiCommandService.exe [2010-04-12 47616]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2011-06-20 73728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2013-12-16 375120]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2013-12-16 202576]
R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2010-11-08 390528]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 Norton Ghost;Norton Ghost; C:\Program Files\Norton Ghost\Agent\VProSvc.exe [2007-03-28 3290728]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2007-05-11 1050120]
R2 PersonalSecureDriveService;Personal Secure Drive Service; C:\WINDOWS\system32\IfxPsdSv.exe [2007-03-01 140832]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-06-01 327680]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-06-01 987136]
R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2013-11-05 574536]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 ssinstall;SInstalátor; C:\WINDOWS\System32\ssins.exe [2013-12-28 2324216]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-09-07 587472]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
S2 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-06-01 647168]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-16 135664]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-16 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-18 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 235216]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Re: Win32.LoadMoney - skorojoerg

Posted: 07 Jan 2014 21:50
by vyosek
:arrow: Uninstall McAfee Security Scan, Spyware Terminator and Spybot

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launching, the license terms are displayed; press any key
  • A backup will be created, followed by a search
  • The scan will run and then the log will appear, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then the log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

Re: Win32.LoadMoney - skorojoerg

Posted: 07 Jan 2014 23:07
by skorojoerg
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Microsoft Windows XP x86
Ran by Marek Dvorský on út 07.01.2014 at 22:07:13,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\free download manager
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\ctbr.r404pro
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\ctoolbar.tb4client
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\ctoolbar.tb4script
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\ctoolbar.tb4server
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protocols\handler\tbr
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ctoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\crawler search
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\ctoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installiq
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ctoolbar_uninstall
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5763189C-4DD4-4AF6-B1D2-0ECCE832E50F}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C978E715-786F-4868-B050-0A539A9220CB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}



~~~ Files

Successfully deleted: [File] "C:\Documents and Settings\Marek Dvorský\Data aplikací\microsoft\internet explorer\qipsearchbar.dll"



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Marek Dvorský\Data aplikací\thinstall"
Successfully deleted: [Folder] "C:\Program Files\crawler"
Successfully deleted: [Folder] "C:\Program Files\software informer"



~~~ FireFox

Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml"
Successfully deleted: [File] C:\Documents and Settings\Marek Dvorský\Data aplikací\mozilla\firefox\profiles\bgg2pc1l.default\searchplugins\search.xml
Successfully deleted: [Folder] C:\Documents and Settings\Marek Dvorský\Data aplikací\mozilla\firefox\profiles\bgg2pc1l.default\winamptoolbardata
Successfully deleted the following from C:\Documents and Settings\Marek Dvorský\Data aplikací\mozilla\firefox\profiles\bgg2pc1l.default\prefs.js

user_pref("mail.ru.toolbar.searchUrl", "h4XB1dOey9nBwdjf2YuXhYWai4jKwM7Dx8vPx5qB0ND9t6G/oKCXoOv//a6dn6n8//75toWHhIaKi7319eq7/ZqUnZ2H0I+J3IuQnpOFkJWZiYHUwJufgN3o6Onbk5eI5bO0ubi
user_pref("surfcanyon.fractions", "0.0_0.0\r\n");
user_pref("surfcanyon.last_checked_ts", "1266951618563");
user_pref("winamp_toolbar.search.searchtype", "web");





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on út 07.01.2014 at 22:23:22,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


# AdwCleaner v3.016 - Report created 07/01/2014 at 22:46:44
# Updated 23/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Marek Dvorský - DVORSKYPC
# Running from : C:\Documents and Settings\Marek Dvorský\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\QuickSet
Folder Deleted : C:\Program Files\Mail.Ru
Folder Deleted : C:\WINDOWS\TempDir
Folder Deleted : C:\Documents and Settings\Marek Dvorský\Local Settings\Data aplikací\Mail.Ru
Folder Deleted : C:\Documents and Settings\Marek Dvorský\Local Settings\Data aplikací\thinstall
Folder Deleted : C:\Documents and Settings\Marek Dvorský\Data aplikací\Mozilla\Firefox\Profiles\bgg2pc1l.default\Extensions\{0B38152B-1B20-484D-A11F-5E04A9B0661F}
Folder Deleted : C:\Documents and Settings\Marek Dvorský\Data aplikací\Mozilla\Firefox\Profiles\bgg2pc1l.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Documents and Settings\All Users\Nabídka Start\Programy\Crawler lišta\Nápověda pro lištu.lnk
Shortcut Disinfected : C:\Documents and Settings\All Users\Nabídka Start\Programy\Crawler lišta\Více produktů Crawler.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DBDB6FAA-1F5F-4A18-B60B-7A905C7FF83F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{04006843-5199-4CE4-B3CD-8092CC91706E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Key Deleted : HKLM\Software\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\CToolbar_UNINSTALL
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Documents and Settings\Marek Dvorský\Data aplikací\Mozilla\Firefox\Profiles\bgg2pc1l.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Marek Dvorský\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4674 octets] - [07/01/2014 22:42:23]
AdwCleaner[S0].txt - [4578 octets] - [07/01/2014 22:46:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4638 octets] ##########

Re: Win32.LoadMoney - skorojoerg

Posted: 07 Jan 2014 23:13
by vyosek
Please post a log according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100

Re: Win32.LoadMoney - skorojoerg

Posted: 07 Jan 2014 23:36
by skorojoerg
During the FRST scan it froze and closed by itself with an error message.

The log of what it managed to do:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-01-2014
Ran by Marek Dvorský (administrator) on DVORSKYPC on 07-01-2014 23:30:38
Running from C:\Documents and Settings\Marek Dvorský\Plocha
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Emsi Software GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
() C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkManagerDMS.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkDMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Infineon Technologies AG) C:\WINDOWS\system32\IFXSPMGT.exe
(Infineon Technologies AG) C:\WINDOWS\system32\IFXTCS.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Mobile Leader Co.,Ltd.) C:\WINDOWS\system32\LGScsiCommandService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\ramaint.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Symantec Corporation) C:\Program Files\Norton Ghost\Agent\VProSvc.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodag.exe
(Infineon Technologies AG) C:\WINDOWS\system32\IfxPsdSv.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeIn.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
() C:\Program Files\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(Infineon Technologies AG) C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
(Infineon Technologies AG) C:\Program Files\Infineon\Security Platform Software\SpTNA.exe
() C:\WINDOWS\ASScrPro.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(ASUSTeK) C:\WINDOWS\system32\ACEngSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodtray.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
() C:\Program Files\P4P\P4P.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Symantec Corporation) C:\Program Files\Norton Ghost\Agent\VProTray.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(H.D.S. Hungary) C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Cyberlink) C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(BitTorrent Inc.) C:\Program Files\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\wcescomm.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\rapimgr.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriver.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SkyTel] - C:\WINDOWS\SkyTel.exe [1826816 2007-10-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.exe [16855552 2007-10-26] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SMSERIAL] - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [630784 2006-11-26] (Motorola Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104 2006-10-17] (Synaptics, Inc.)
HKLM\...\Run: [IFXSPMGT] - C:\WINDOWS\system32\IFXSPMGT.exe [677408 2007-03-05] (Infineon Technologies AG)
HKLM\...\Run: [Wireless Console 2] - C:\Program Files\Wireless Console 2\wcourier.exe [1040384 2007-07-05] ()
HKLM\...\Run: [ATKOSD2] - C:\Program Files\ATKOSD2\ATKOSD2.exe [7737344 2007-10-17] ()
HKLM\...\Run: [ASUS Live Update] - C:\Program Files\ASUS\ASUS Live Update\ALU.exe [51768 2007-11-30] ()
HKLM\...\Run: [Power_Gear] - C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [90112 2006-07-26] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ACMON] - C:\Program Files\ASUS\Splendid\ACMON.exe [851968 2007-11-13] (ATK)
HKLM\...\Run: [ASUS Camera ScreenSaver] - C:\WINDOWS\ASScrProlog.exe [37232 2008-08-10] ()
HKLM\...\Run: [ASUS Screen Saver Protector] - C:\WINDOWS\ASScrPro.exe [33136 2008-08-10] ()
HKLM\...\Run: [RemoteControl] - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [87336 2008-04-02] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [62760 2008-02-22] ()
HKLM\...\Run: [UpdatePPShortCut] - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [OODefragTray] - C:\WINDOWS\system32\oodtray.exe [2512392 2007-05-11] (O&O Software GmbH)
HKLM\...\Run: [LogMeIn GUI] - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2007-08-03] (LogMeIn, Inc.)
HKLM\...\Run: [ISUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [CorelDRAW Graphics Suite 11b] - C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\registration.exe [729088 2004-06-22] (Corel Corporation)
HKLM\...\Run: [PowerForPhone] - C:\Program Files\P4P\P4P.exe [778240 2007-07-19] ()
HKLM\...\Run: [Norton Ghost 12.0] - C:\Program Files\Norton Ghost\Agent\VProTray.exe [2037352 2007-03-28] (Symantec Corporation)
HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Hard Disk Sentinel] - C:\Program Files\Hard Disk Sentinel\HDSentinel.exe [4295312 2013-02-22] (H.D.S. Hungary)
HKLM\...\Run: [Samsung Link] - C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [567368 2013-11-05] (Copyright 2013 SAMSUNG)
HKLM\...\Runonce: [!BingBar] - "C:\Documents and Settings\All Users\Data aplikací\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE" /C:"BBSetup.exe cabLocation=.\BingBarPartnerConfig.cab ui=false ismu=2"
Winlogon\Notify\LMIinit: C:\Windows\system32\LMIinit.dll (LogMeIn, Inc.)
HKCU\...\Run: [Power2GoExpress] - C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2508072 2008-03-18] (Cyberlink)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-06-20] (Hewlett-Packard Company)
HKCU\...\Run: [uTorrent] - C:\Program Files\uTorrent\uTorrent.exe [802136 2013-05-02] (BitTorrent Inc.)
HKCU\...\Run: [msnmsgr] - C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3883856 2009-07-26] (Microsoft Corporation)
HKCU\...\Run: [H/PC Connection Agent] - C:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKCU\...\Run: [Zoner Photo Studio Autoupdate] - C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe [752736 2012-10-18] (ZONER software)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Documents and Settings\Marek Dvorský\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Documents and Settings\Marek Dvorský\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * OODBS

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/9514
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms ... =1&fr=ietb
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searc ... fr=chr-flv
SearchScopes: HKCU - {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms ... =1&fr=ietb
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: No Name - {95289393-33EA-4F8D-B952-483415B9C955} - No File
BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Marek Dvorský\Data aplikací\Mozilla\Firefox\Profiles\bgg2pc1l.default
FF Homepage: seznam.cz
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2321 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1483 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: samsung.com/SamsungLinkPCPlugin - C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Documents and Settings\Marek Dvorský\Data aplikací\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Marek Dvorský\Local Settings\Data aplikací\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Marek Dvorský\Local Settings\Data aplikací\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\crawlersrch.bak
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Microsoft Choice Guard - C:\Documents and Settings\Marek Dvorský\Data aplikací\Mozilla\Firefox\Profiles\bgg2pc1l.default\Extensions\ChoiceGuard@Microsoft
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Documents and Settings\Marek Dvorský\Data aplikací\Mozilla\Firefox\Profiles\bgg2pc1l.default\Extensions\LogMeInClient@logmein.com
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Marek Dvorský\Data aplikací\Mozilla\Firefox\Profiles\bgg2pc1l.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: DownloadHelper - C:\Documents and Settings\Marek Dvorský\Data aplikací\Mozilla\Firefox\Profiles\bgg2pc1l.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: FlashGot - C:\Documents and Settings\Marek Dvorský\Data aplikací\Mozilla\Firefox\Profiles\bgg2pc1l.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKCU\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - c:\Program Files\DAP\DAPFireFox
FF Extension: Download Accelerator Plus Integration - c:\Program Files\DAP\DAPFireFox

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Marek Dvorsk\u00FD\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Marek Dvorsk\u00FD\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Marek Dvorsk\u00FD\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\22.0.1229.94\pdf.dll No File
CHR Plugin: (Skype Click to Call) - C:\Documents and Settings\Marek Dvorsk\u00FD\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Free Download Manager Click Catcher Plug-In for Netscape, Opera, Mozilla) - C:\Documents and Settings\Marek Dvorsk\u00FD\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\plugins\npfdm.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Facebook Plugin) - C:\Documents and Settings\Marek Dvorsk\u00FD\Data aplikac\u00ED\Facebook\npfbplugin_1_0_3.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Picasa) - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Marek Dvorský\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [3025112 2012-02-11] (Emsi Software GmbH)
R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [73728 2007-05-18] ()
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkManagerDMS.exe [401800 2013-10-11] (Samsung)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-07] ()
R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554352 2007-09-12] (Symantec Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [44768 2011-11-28] (AVAST Software)
R2 IFXSpMgtSrv; C:\WINDOWS\system32\ifxspmgt.exe [677408 2007-03-05] (Infineon Technologies AG)
R2 IFXTCS; C:\WINDOWS\system32\ifxtcs.exe [849440 2007-03-01] (Infineon Technologies AG)
R2 LGScsiCommandService; C:\WINDOWS\system32\LGScsiCommandService.exe [47616 2010-04-12] (Mobile Leader Co.,Ltd.)
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-12] (Symantec Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation)
R2 Norton Ghost; C:\Program Files\Norton Ghost\Agent\VProSvc.exe [3290728 2007-03-28] (Symantec Corporation)
R2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [1050120 2007-05-11] (O&O Software GmbH)
R2 PersonalSecureDriveService; C:\WINDOWS\system32\IfxPsdSv.exe [140832 2007-03-01] (Infineon Technologies AG)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [987136 2007-06-01] (Intel Corporation )
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [574536 2013-11-05] (Copyright 2013 SAMSUNG)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [51632 2012-02-11] (Emsi Software GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [17904 2011-05-19] (Emsi Software GmbH)
R0 a347bus; C:\Windows\System32\DRIVERS\a347bus.sys [160640 2004-04-30] ( )
R0 a347scsi; C:\Windows\System32\Drivers\a347scsi.sys [5248 2004-04-30] ( )
R1 Aavmker4; C:\Windows\System32\Drivers\Aavmker4.sys [30808 2011-11-28] (AVAST Software)
R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21393 2008-08-10] (Cisco Systems, Inc.)
R0 AsDsm; C:\Windows\System32\Drivers\AsDsm.sys [29752 2007-08-10] (Windows (R) Codename Longhorn DDK provider)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [20568 2011-11-28] (AVAST Software)
R2 aswMon2; C:\Windows\System32\Drivers\aswMon2.sys [111320 2011-11-28] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [34392 2011-11-28] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [435032 2011-11-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [314456 2011-11-28] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [52952 2011-11-28] (AVAST Software)
R0 atapi; C:\Windows\System32\Drivers\atapi.sys [95360 2006-03-02] ()
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 FlashUSB; C:\Windows\System32\DRIVERS\FlashUSB.sys [16896 2010-05-12] (Danish Wireless Design A/S)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-04] ()
R3 IFXTPM; C:\Windows\System32\DRIVERS\IFXTPM.SYS [36608 2007-01-30] (Infineon Technologies AG)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [5632 2007-01-29] ( )
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [21104 2012-12-14] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [5760 2007-08-25] ()
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NETw4x32; C:\Windows\System32\DRIVERS\NETw4x32.sys [2208512 2007-06-21] (Intel Corporation)
S3 nhcNT_driver; C:\WINDOWS\system32\drivers\nhcNT.sys [8960 2008-08-11] ()
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [39080 2007-01-30] (Infineon Technologies AG)
R2 s24trans; C:\Windows\System32\DRIVERS\s24trans.sys [12416 2007-05-29] (Intel Corporation)
R3 SBFWIMCL; C:\Windows\System32\DRIVERS\sbfwim.sys [65576 2008-06-21] (Sunbelt Software, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1769984 2007-10-02] ()
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2012-03-02] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [20864 2012-03-02] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [25216 2012-03-02] (LG Electronics Inc.)
R2 v2imount; C:\Windows\System32\DRIVERS\v2imount.sys [37864 2007-03-28] (Symantec Corporation)
S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [14072 2007-03-28] (Symantec Corporation)
S3 adusbser; system32\DRIVERS\adusbser.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S4 IntelIde; No ImagePath
S4 LMIRfsClientNP; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr;
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-07 23:30 - 2014-01-07 23:31 - 00031796 _____ C:\Documents and Settings\Marek Dvorský\Plocha\FRST.txt
2014-01-07 23:30 - 2014-01-07 23:30 - 00000000 ____D C:\FRST
2014-01-07 23:28 - 2014-01-07 23:28 - 01064805 _____ (Farbar) C:\Documents and Settings\Marek Dvorský\Plocha\FRST.exe
2014-01-07 22:42 - 2014-01-07 22:46 - 00000000 ____D C:\AdwCleaner
2014-01-07 22:41 - 2014-01-07 22:41 - 00006997 _____ C:\Documents and Settings\Marek Dvorský\Plocha\JRT.txt
2014-01-07 22:06 - 2014-01-07 22:06 - 01036305 _____ (Thisisu) C:\Documents and Settings\Marek Dvorský\Plocha\JRT.exe
2014-01-07 22:02 - 2014-01-07 22:02 - 01233962 _____ C:\Documents and Settings\Marek Dvorský\Plocha\adwcleaner.exe
2014-01-07 20:30 - 2014-01-07 20:30 - 00019886 _____ C:\Documents and Settings\Marek Dvorský\Plocha\6D15C449C77467484F5A8050FF43BD24008C9492.torrent
2014-01-07 20:26 - 2014-01-07 20:26 - 00021204 _____ C:\Documents and Settings\Marek Dvorský\Plocha\8F8CFF9BB054A9E45DA9B028FCA8C11E7B46EA27.torrent
2014-01-07 20:26 - 2014-01-07 20:26 - 00021096 _____ C:\Documents and Settings\Marek Dvorský\Plocha\C6FEC734D3F55BA50E9DB56E063811A087AC2D4C.torrent
2014-01-07 20:24 - 2014-01-07 20:24 - 00013370 _____ C:\Documents and Settings\Marek Dvorský\Plocha\C21583E3B2B629CB971ECE5CD74EB97B3121A4F0.torrent
2014-01-06 22:11 - 2014-01-06 22:11 - 00013782 _____ C:\Documents and Settings\Marek Dvorský\Plocha\9071C6E13BAD7EB5D360B318D4B626AADC91BB0B.torrent
2014-01-03 15:09 - 2014-01-03 17:19 - 398187686 _____ C:\Documents and Settings\Marek Dvorský\Plocha\CumLouder - Japanese schoolgirl suffering an anal break.mp4
2014-01-02 18:33 - 2014-01-02 18:33 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Plocha\Tor Browser
2013-12-28 17:28 - 2013-12-28 18:01 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2013-12-28 17:28 - 2013-12-28 17:28 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-12-28 17:28 - 2013-12-28 17:28 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
2013-12-28 17:03 - 2014-01-07 23:20 - 00000000 _____ C:\WINDOWS\system32\sinstall.log
2013-12-28 17:03 - 2013-12-28 17:03 - 02324216 _____ (PS Media s.r.o.) C:\WINDOWS\system32\ssins.exe
2013-12-28 17:03 - 2013-12-28 17:03 - 00000079 _____ C:\WINDOWS\system32\ssinstall-uninstall.bat
2013-12-27 13:54 - 2013-12-27 18:48 - 902133334 _____ C:\Documents and Settings\Marek Dvorský\Plocha\24212_Chastity_hi.mp4
2013-12-20 21:34 - 2013-12-20 21:38 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\InstallMate
2013-12-20 19:16 - 2013-12-20 19:17 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-15 12:32 - 2013-12-15 12:32 - 00000000 ____D C:\Upload
2013-12-15 12:31 - 2013-12-15 12:31 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\.swt
2013-12-15 12:31 - 2013-12-15 12:31 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Samsung
2013-12-15 12:30 - 2013-12-15 12:31 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\SAMSUNG
2013-12-15 12:29 - 2013-12-15 12:31 - 00000000 ____D C:\Program Files\Samsung
2013-12-15 03:39 - 2013-12-15 03:39 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Earth
2013-12-14 22:25 - 2013-12-14 22:25 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Data aplikací\HellShare Upload Manager
2013-12-14 22:24 - 2013-12-14 22:24 - 00000819 _____ C:\Documents and Settings\All Users\Plocha\HellShare Upload Manager.lnk
2013-12-14 22:24 - 2013-12-14 22:24 - 00000000 ____D C:\Program Files\HellShare Upload Manager
2013-12-14 22:24 - 2013-12-14 22:24 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\HellShare Upload Manager
2013-12-11 00:57 - 2013-12-11 00:58 - 00014286 _____ C:\WINDOWS\KB2898785-IE8.log
2013-12-11 00:57 - 2013-12-11 00:57 - 00005812 _____ C:\WINDOWS\KB2904266.log
2013-12-11 00:57 - 2013-12-11 00:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-11 00:57 - 2013-12-11 00:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-11 00:49 - 2013-12-11 00:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-11 00:49 - 2013-12-11 00:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-11 00:49 - 2013-12-11 00:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-10 23:34 - 2013-12-11 00:57 - 00011940 _____ C:\WINDOWS\KB2898715.log
2013-12-10 23:34 - 2013-12-11 00:49 - 00011521 _____ C:\WINDOWS\KB2893984.log
2013-12-10 23:34 - 2013-12-11 00:49 - 00010744 _____ C:\WINDOWS\KB2893294.log
2013-12-10 23:33 - 2013-12-11 00:49 - 00010161 _____ C:\WINDOWS\KB2892075.log
2013-12-10 21:56 - 2013-12-10 21:57 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\VSO
2013-12-10 21:56 - 2013-12-10 21:56 - 00087608 _____ C:\Documents and Settings\Marek Dvorský\Data aplikací\inst.exe
2013-12-10 21:56 - 2013-12-10 21:56 - 00000859 _____ C:\Documents and Settings\Marek Dvorský\Plocha\ConvertXtoDVD 5.lnk
2013-12-08 14:06 - 2013-12-08 14:06 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Plocha\ConvertXtoDvd-5.0.0.33_Full_CZ_and_Crack
2013-12-08 10:22 - 2013-12-08 14:15 - 557328090 _____ C:\Documents and Settings\Marek Dvorský\Plocha\Nancey - A Tight Takes A Thick - February 18, 2013.mp4

==================== One Month Modified Files and Folders =======

2014-01-07 23:31 - 2014-01-07 23:30 - 00031796 _____ C:\Documents and Settings\Marek Dvorský\Plocha\FRST.txt
2014-01-07 23:30 - 2014-01-07 23:30 - 00000000 ____D C:\FRST
2014-01-07 23:30 - 2008-10-16 19:12 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Data aplikací\uTorrent
2014-01-07 23:30 - 2008-08-10 10:36 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Plocha
2014-01-07 23:28 - 2014-01-07 23:28 - 01064805 _____ (Farbar) C:\Documents and Settings\Marek Dvorský\Plocha\FRST.exe
2014-01-07 23:25 - 2008-09-21 21:23 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Data aplikací\COWON
2014-01-07 23:25 - 2008-08-10 10:42 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2014-01-07 23:24 - 2008-08-10 12:09 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-01-07 23:24 - 2008-08-10 12:09 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2014-01-07 23:23 - 2008-08-10 12:06 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Data aplikací\Zoner
2014-01-07 23:21 - 2010-03-14 21:00 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Nabídka Start\Programy\Xilisoft
2014-01-07 23:20 - 2013-12-28 17:03 - 00000000 _____ C:\WINDOWS\system32\sinstall.log
2014-01-07 23:19 - 2008-08-10 10:36 - 00000000 ___RD C:\Documents and Settings\Marek Dvorský\Nabídka Start\Programy
2014-01-07 23:18 - 2010-01-17 10:15 - 00000000 ____D C:\Program Files\PSPad editor
2014-01-07 23:14 - 2009-06-04 16:27 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Google
2014-01-07 23:14 - 2008-12-21 16:19 - 00000000 ____D C:\Program Files\Google
2014-01-07 23:14 - 2008-08-11 18:01 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Local Settings\Data aplikací\Google
2014-01-07 23:14 - 2008-08-10 10:29 - 01049741 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-07 23:12 - 2012-04-02 16:23 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-07 23:10 - 2013-08-04 14:28 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Applian Technologies
2014-01-07 23:06 - 2010-06-09 21:59 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-07 22:56 - 2009-07-03 17:17 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Tracing
2014-01-07 22:52 - 2008-08-10 11:22 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Nabídka Start\Programy\CyberLink DVD Suite
2014-01-07 22:51 - 2008-08-10 12:12 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-07 22:51 - 2008-08-10 12:12 - 00000048 _____ C:\WINDOWS\wiaservc.log
2014-01-07 22:50 - 2010-03-16 00:33 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-07 22:49 - 2008-08-10 10:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-07 22:48 - 2008-08-10 13:46 - 02453117 _____ C:\WINDOWS\system32\oodbs.lor
2014-01-07 22:47 - 2008-08-10 10:36 - 00000178 ___SH C:\Documents and Settings\Marek Dvorský\ntuser.ini
2014-01-07 22:47 - 2008-08-10 10:35 - 00032464 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-07 22:46 - 2014-01-07 22:42 - 00000000 ____D C:\AdwCleaner
2014-01-07 22:46 - 2009-01-04 15:30 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Crawler lišta
2014-01-07 22:46 - 2008-08-10 12:09 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2014-01-07 22:46 - 2008-08-10 10:36 - 00000000 ___HD C:\Documents and Settings\Marek Dvorský\Local Settings\Data aplikací
2014-01-07 22:41 - 2014-01-07 22:41 - 00006997 _____ C:\Documents and Settings\Marek Dvorský\Plocha\JRT.txt
2014-01-07 22:12 - 2008-08-10 13:57 - 00004016 _____ C:\WINDOWS\wincmd.ini
2014-01-07 22:09 - 2008-08-10 10:36 - 00000000 __RHD C:\Documents and Settings\Marek Dvorský\Data aplikací
2014-01-07 22:07 - 2009-01-05 17:38 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-07 22:06 - 2014-01-07 22:06 - 01036305 _____ (Thisisu) C:\Documents and Settings\Marek Dvorský\Plocha\JRT.exe
2014-01-07 22:02 - 2014-01-07 22:02 - 01233962 _____ C:\Documents and Settings\Marek Dvorský\Plocha\adwcleaner.exe
2014-01-07 22:00 - 2008-08-10 12:09 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2014-01-07 21:15 - 2012-07-30 23:10 - 00001024 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1343024091-1547161642-725345543-1004UA.job
2014-01-07 21:14 - 2010-10-01 17:01 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Data aplikací\vlc
2014-01-07 20:30 - 2014-01-07 20:30 - 00019886 _____ C:\Documents and Settings\Marek Dvorský\Plocha\6D15C449C77467484F5A8050FF43BD24008C9492.torrent
2014-01-07 20:26 - 2014-01-07 20:26 - 00021204 _____ C:\Documents and Settings\Marek Dvorský\Plocha\8F8CFF9BB054A9E45DA9B028FCA8C11E7B46EA27.torrent
2014-01-07 20:26 - 2014-01-07 20:26 - 00021096 _____ C:\Documents and Settings\Marek Dvorský\Plocha\C6FEC734D3F55BA50E9DB56E063811A087AC2D4C.torrent
2014-01-07 20:24 - 2014-01-07 20:24 - 00013370 _____ C:\Documents and Settings\Marek Dvorský\Plocha\C21583E3B2B629CB971ECE5CD74EB97B3121A4F0.torrent
2014-01-07 19:11 - 2011-07-31 11:11 - 00781383 _____ C:\Documents and Settings\Marek Dvorský\Plocha\RSIT.exe
2014-01-07 19:11 - 2010-01-23 11:46 - 00000000 ____D C:\Program Files\trend micro
2014-01-07 06:58 - 2008-08-10 18:14 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\LogMeIn
2014-01-07 00:15 - 2012-07-30 23:10 - 00001002 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1343024091-1547161642-725345543-1004Core.job
2014-01-06 22:11 - 2014-01-06 22:11 - 00013782 _____ C:\Documents and Settings\Marek Dvorský\Plocha\9071C6E13BAD7EB5D360B318D4B626AADC91BB0B.torrent
2014-01-06 19:08 - 2006-03-02 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-05 16:00 - 2009-03-16 01:28 - 00000304 _____ C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job
2014-01-05 15:46 - 2008-08-10 22:42 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2014-01-05 15:03 - 2008-08-10 22:42 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2014-01-03 17:19 - 2014-01-03 15:09 - 398187686 _____ C:\Documents and Settings\Marek Dvorský\Plocha\CumLouder - Japanese schoolgirl suffering an anal break.mp4
2014-01-02 18:46 - 2009-06-19 19:11 - 00002090 _____ C:\Documents and Settings\Marek Dvorský\Plocha\upload.txt
2014-01-02 18:33 - 2014-01-02 18:33 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Plocha\Tor Browser
2013-12-30 18:39 - 2013-03-24 01:08 - 00000000 ____D C:\Program Files\Hard Disk Sentinel
2013-12-30 00:17 - 2013-10-11 06:25 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Plocha\přenos
2013-12-28 22:19 - 2008-08-10 17:23 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Data aplikací\Skype
2013-12-28 18:01 - 2013-12-28 17:28 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2013-12-28 17:29 - 2009-02-26 21:16 - 00000000 ___RD C:\Program Files\Skype
2013-12-28 17:29 - 2008-08-10 12:13 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Skype
2013-12-28 17:28 - 2013-12-28 17:28 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-12-28 17:28 - 2013-12-28 17:28 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
2013-12-28 17:03 - 2013-12-28 17:03 - 02324216 _____ (PS Media s.r.o.) C:\WINDOWS\system32\ssins.exe
2013-12-28 17:03 - 2013-12-28 17:03 - 00000079 _____ C:\WINDOWS\system32\ssinstall-uninstall.bat
2013-12-28 02:26 - 2011-07-28 15:08 - 00000000 ____D C:\Program Files\PokerStars
2013-12-28 02:22 - 2013-01-06 23:07 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Local Settings\Data aplikací\FullTiltPoker
2013-12-28 02:22 - 2013-01-06 23:06 - 00000000 ____D C:\Program Files\Full Tilt Poker
2013-12-27 18:48 - 2013-12-27 13:54 - 902133334 _____ C:\Documents and Settings\Marek Dvorský\Plocha\24212_Chastity_hi.mp4
2013-12-25 13:54 - 2008-08-18 19:38 - 00000670 _____ C:\WINDOWS\wcx_ftp.ini
2013-12-24 14:21 - 2008-08-10 12:03 - 00000000 ____D C:\WINDOWS\system32\oodag
2013-12-22 10:43 - 2012-04-24 22:53 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-21 18:12 - 2008-08-10 14:39 - 00045568 _____ C:\Documents and Settings\Marek Dvorský\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-20 21:38 - 2013-12-20 21:34 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\InstallMate
2013-12-20 19:17 - 2013-12-20 19:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-20 19:17 - 2013-11-16 18:27 - 00000000 ____D C:\Program Files\Mozilla Firefox.bak
2013-12-17 00:04 - 2006-03-02 13:00 - 00000899 _____ C:\WINDOWS\win.ini
2013-12-16 21:24 - 2008-08-10 18:10 - 00000719 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\LogMeIn.lnk
2013-12-16 21:23 - 2008-08-10 18:10 - 00000000 ____D C:\Program Files\LogMeIn
2013-12-16 20:46 - 2008-08-10 18:10 - 00086888 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIRfsClientNP.dll
2013-12-16 20:45 - 2008-08-10 18:10 - 00085832 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIinit.dll
2013-12-16 20:45 - 2008-08-10 18:10 - 00031560 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIport.dll
2013-12-15 12:32 - 2013-12-15 12:32 - 00000000 ____D C:\Upload
2013-12-15 12:31 - 2013-12-15 12:31 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\.swt
2013-12-15 12:31 - 2013-12-15 12:31 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Samsung
2013-12-15 12:31 - 2013-12-15 12:30 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\SAMSUNG
2013-12-15 12:31 - 2013-12-15 12:29 - 00000000 ____D C:\Program Files\Samsung
2013-12-15 12:31 - 2008-08-10 10:36 - 00000000 ___RD C:\Documents and Settings\Marek Dvorský\Nabídka Start
2013-12-15 12:31 - 2008-08-10 10:36 - 00000000 ____D C:\Documents and Settings\Marek Dvorský
2013-12-15 03:39 - 2013-12-15 03:39 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Earth
2013-12-14 22:25 - 2013-12-14 22:25 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Data aplikací\HellShare Upload Manager
2013-12-14 22:24 - 2013-12-14 22:24 - 00000819 _____ C:\Documents and Settings\All Users\Plocha\HellShare Upload Manager.lnk
2013-12-14 22:24 - 2013-12-14 22:24 - 00000000 ____D C:\Program Files\HellShare Upload Manager
2013-12-14 22:24 - 2013-12-14 22:24 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\HellShare Upload Manager
2013-12-13 21:58 - 2013-08-15 00:21 - 00092717 _____ C:\WINDOWS\setupapi.log
2013-12-11 18:31 - 2008-08-10 12:09 - 00293272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-11 00:59 - 2008-08-10 11:38 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-12-11 00:58 - 2013-12-11 00:57 - 00014286 _____ C:\WINDOWS\KB2898785-IE8.log
2013-12-11 00:58 - 2013-08-15 00:21 - 00166934 _____ C:\WINDOWS\FaxSetup.log
2013-12-11 00:58 - 2013-08-15 00:21 - 00079812 _____ C:\WINDOWS\ocgen.log
2013-12-11 00:58 - 2013-08-15 00:21 - 00063699 _____ C:\WINDOWS\tsoc.log
2013-12-11 00:58 - 2013-08-15 00:21 - 00055569 _____ C:\WINDOWS\comsetup.log
2013-12-11 00:58 - 2013-08-15 00:21 - 00033669 _____ C:\WINDOWS\ntdtcsetup.log
2013-12-11 00:58 - 2013-08-15 00:21 - 00026528 _____ C:\WINDOWS\iis6.log
2013-12-11 00:58 - 2013-08-15 00:21 - 00010422 _____ C:\WINDOWS\ocmsn.log
2013-12-11 00:58 - 2013-08-15 00:21 - 00008343 _____ C:\WINDOWS\msgsocm.log
2013-12-11 00:58 - 2013-08-15 00:21 - 00001393 _____ C:\WINDOWS\imsins.log
2013-12-11 00:57 - 2013-12-11 00:57 - 00005812 _____ C:\WINDOWS\KB2904266.log
2013-12-11 00:57 - 2013-12-11 00:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-11 00:57 - 2013-12-11 00:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-11 00:57 - 2013-12-10 23:34 - 00011940 _____ C:\WINDOWS\KB2898715.log
2013-12-11 00:57 - 2013-08-15 00:21 - 00019215 _____ C:\WINDOWS\updspapi.log
2013-12-11 00:57 - 2013-08-15 00:21 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-12-11 00:57 - 2008-08-10 22:03 - 00645028 _____ C:\WINDOWS\system32\TZLog.log
2013-12-11 00:55 - 2013-08-15 00:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-11 00:49 - 2013-12-11 00:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-11 00:49 - 2013-12-11 00:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-11 00:49 - 2013-12-11 00:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-11 00:49 - 2013-12-10 23:34 - 00011521 _____ C:\WINDOWS\KB2893984.log
2013-12-11 00:49 - 2013-12-10 23:34 - 00010744 _____ C:\WINDOWS\KB2893294.log
2013-12-11 00:49 - 2013-12-10 23:33 - 00010161 _____ C:\WINDOWS\KB2892075.log
2013-12-11 00:49 - 2008-08-10 22:04 - 88123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-10 21:57 - 2013-12-10 21:56 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\VSO
2013-12-10 21:57 - 2008-08-10 12:23 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Data aplikací\Vso
2013-12-10 21:56 - 2013-12-10 21:56 - 00087608 _____ C:\Documents and Settings\Marek Dvorský\Data aplikací\inst.exe
2013-12-10 21:56 - 2013-12-10 21:56 - 00000859 _____ C:\Documents and Settings\Marek Dvorský\Plocha\ConvertXtoDVD 5.lnk
2013-12-10 21:56 - 2008-08-10 12:24 - 00000033 _____ C:\Documents and Settings\Marek Dvorský\Data aplikací\pcouffin.log
2013-12-10 21:56 - 2008-08-10 12:23 - 00047360 _____ (VSO Software) C:\Documents and Settings\Marek Dvorský\Data aplikací\pcouffin.sys
2013-12-10 21:56 - 2008-08-10 12:23 - 00007887 _____ C:\Documents and Settings\Marek Dvorský\Data aplikací\pcouffin.cat
2013-12-10 21:56 - 2008-08-10 12:23 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\VSO
2013-12-10 21:56 - 2008-08-10 10:36 - 00000000 ___RD C:\Documents and Settings\Marek Dvorský\Dokumenty
2013-12-10 21:12 - 2013-09-10 21:12 - 09272200 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-12-10 21:12 - 2012-04-02 16:23 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-10 21:12 - 2011-05-20 16:38 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-08 14:15 - 2013-12-08 10:22 - 557328090 _____ C:\Documents and Settings\Marek Dvorský\Plocha\Nancey - A Tight Takes A Thick - February 18, 2013.mp4
2013-12-08 14:06 - 2013-12-08 14:06 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Plocha\ConvertXtoDvd-5.0.0.33_Full_CZ_and_Crack
2013-12-08 02:06 - 2008-08-11 23:46 - 00000000 ____D C:\Documents and Settings\Marek Dvorský\Dokumenty\ConvertXtoDVD
2013-12-08 01:03 - 2008-08-10 12:24 - 00001041 _____ C:\Documents and Settings\Marek Dvorský\Data aplikací\vso_ts_preview.xml

Re: Win32.LoadMoney - skorojoerg

Posted: 08 Jan 2014 18:08
by vyosek
:arrow: Creating a fixlist for FRST
  • Launch Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [RemoteControl] - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [87336 2008-04-02] (Cyberlink Corp.)
    HKLM\...\Run: [LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [62760 2008-02-22] ()
    HKLM\...\Run: [UpdatePPShortCut] - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
    HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM\...\Run: [LogMeIn GUI] - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2007-08-03] (LogMeIn, Inc.)
    HKLM\...\Run: [ISUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
    HKLM\...\Run: [CorelDRAW Graphics Suite 11b] - C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\registration.exe [729088 2004-06-22] (Corel Corporation)
    HKLM\...\Run: [PowerForPhone] - C:\Program Files\P4P\P4P.exe [778240 2007-07-19] ()
    HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
    HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
    HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM\...\Run: [Samsung Link] - C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [567368 2013-11-05] (Copyright 2013 SAMSUNG)
    HKLM\...\Runonce: [!BingBar] - "C:\Documents and Settings\All Users\Data aplikací\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE" /C:"BBSetup.exe cabLocation=.\BingBarPartnerConfig.cab ui=false ismu=2"
    Winlogon\Notify\LMIinit: C:\Windows\system32\LMIinit.dll (LogMeIn, Inc.)
    HKCU\...\Run: [Power2GoExpress] - C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2508072 2008-03-18] (Cyberlink)
    HKCU\...\Run: [uTorrent] - C:\Program Files\uTorrent\uTorrent.exe [802136 2013-05-02] (BitTorrent Inc.)
    HKCU\...\Run: [msnmsgr] - C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3883856 2009-07-26] (Microsoft Corporation)
    HKCU\...\Run: [H/PC Connection Agent] - C:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
    HKCU\...\Run: [Zoner Photo Studio Autoupdate] - C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe [752736 2012-10-18] (ZONER software)
    Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk
    Startup: C:\Documents and Settings\Marek Dvorský\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk
    Startup: C:\Documents and Settings\Marek Dvorský\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/9514
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKCU - DefaultScope {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
    SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-flv
    SearchScopes: HKCU - {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb
    BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: No Name - {95289393-33EA-4F8D-B952-483415B9C955} - No File
    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    
    FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\crawlersrch.bak
    
    CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll No File
    
    2014-01-07 22:06 - 2014-01-07 22:06 - 01036305 _____ (Thisisu) C:\Documents and Settings\Marek Dvorský\Plocha\JRT.exe
    2014-01-07 22:02 - 2014-01-07 22:02 - 01233962 _____ C:\Documents and Settings\Marek Dvorský\Plocha\adwcleaner.exe
    2014-01-05 16:00 - 2009-03-16 01:28 - 00000304 _____ C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job
    2014-01-05 15:46 - 2008-08-10 22:42 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
    2014-01-05 15:03 - 2008-08-10 22:42 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
    
    Hosts:
    CMD: shutdown /r /f /t 2
    
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the created fixlist next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me

Re: Win32.LoadMoney - skorojoerg

Posted: 08 Jan 2014 19:07
by skorojoerg
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-01-2014
Ran by Marek Dvorský at 2014-01-08 18:44:37 Run:1
Running from C:\Documents and Settings\Marek Dvorský\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [RemoteControl] - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [87336 2008-04-02] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [62760 2008-02-22] ()
HKLM\...\Run: [UpdatePPShortCut] - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [LogMeIn GUI] - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2007-08-03] (LogMeIn, Inc.)
HKLM\...\Run: [ISUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [CorelDRAW Graphics Suite 11b] - C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\registration.exe [729088 2004-06-22] (Corel Corporation)
HKLM\...\Run: [PowerForPhone] - C:\Program Files\P4P\P4P.exe [778240 2007-07-19] ()
HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Samsung Link] - C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [567368 2013-11-05] (Copyright 2013 SAMSUNG)
HKLM\...\Runonce: [!BingBar] - "C:\Documents and Settings\All Users\Data aplikací\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE" /C:"BBSetup.exe cabLocation=.\BingBarPartnerConfig.cab ui=false ismu=2"
Winlogon\Notify\LMIinit: C:\Windows\system32\LMIinit.dll (LogMeIn, Inc.)
HKCU\...\Run: [Power2GoExpress] - C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2508072 2008-03-18] (Cyberlink)
HKCU\...\Run: [uTorrent] - C:\Program Files\uTorrent\uTorrent.exe [802136 2013-05-02] (BitTorrent Inc.)
HKCU\...\Run: [msnmsgr] - C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3883856 2009-07-26] (Microsoft Corporation)
HKCU\...\Run: [H/PC Connection Agent] - C:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKCU\...\Run: [Zoner Photo Studio Autoupdate] - C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe [752736 2012-10-18] (ZONER software)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk
Startup: C:\Documents and Settings\Marek Dvorský\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk
Startup: C:\Documents and Settings\Marek Dvorský\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/9514
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms ... =1&fr=ietb
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searc ... fr=chr-flv
SearchScopes: HKCU - {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms ... =1&fr=ietb
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: No Name - {95289393-33EA-4F8D-B952-483415B9C955} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\crawlersrch.bak

CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll No File

2014-01-07 22:06 - 2014-01-07 22:06 - 01036305 _____ (Thisisu) C:\Documents and Settings\Marek Dvorský\Plocha\JRT.exe
2014-01-07 22:02 - 2014-01-07 22:02 - 01233962 _____ C:\Documents and Settings\Marek Dvorský\Plocha\adwcleaner.exe
2014-01-05 16:00 - 2009-03-16 01:28 - 00000304 _____ C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job
2014-01-05 15:46 - 2008-08-10 22:42 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2014-01-05 15:03 - 2008-08-10 22:42 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\RemoteControl => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\LanguageShortcut => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\UpdatePPShortCut => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\LogMeIn GUI => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\CorelDRAW Graphics Suite 11b => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\PowerForPhone => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSScheduler => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Samsung Link => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\!BingBar => Value not found.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit => Key deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Power2GoExpress => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\H/PC Connection Agent => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => Value deleted successfully.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk => Moved successfully.
C:\Documents and Settings\Marek Dvorský\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk => Moved successfully.
C:\Documents and Settings\Marek Dvorský\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
Default URLSearchHook was restored successfully .
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{DECA3892-BA8F-44b8-A993-A466AD694AE4} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E88E0043-C9D4-4e33-8555-FEE4F5B63060} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E88E0043-C9D4-4e33-8555-FEE4F5B63060} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key deleted successfully.
HKCR\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955} => Key deleted successfully.
HKCR\CLSID\{95289393-33EA-4F8D-B952-483415B9C955} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
C:\Program Files\mozilla firefox\searchplugins\crawlersrch.bak => Moved successfully.
C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll not found.
C:\Documents and Settings\Marek Dvorský\Plocha\JRT.exe => Moved successfully.
C:\Documents and Settings\Marek Dvorský\Plocha\adwcleaner.exe => Moved successfully.
"C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job" => File/Directory not found.
C:\Program Files\Spybot - Search & Destroy => Moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====
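A Fixlog like the one above is easier to review when its result lines are grouped by outcome. The following is an added example, not part of the forum post and not FRST's own code: it skips the echoed fixlist between the two rows of asterisks and separates applied entries from those the tool did not find. The names `parse_fixlog`, `summarize` and `SAMPLE_FIXLOG` are hypothetical, and the sample is a shortened log constructed from lines in the post.

```python
import re
from collections import Counter

# Constructed sample: a shortened Fixlog built from result lines in the log above.
SAMPLE_FIXLOG = r"""Content of fixlist:
*****************
Start
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\RemoteControl => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\!BingBar => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCR\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
C:\Program Files\mozilla firefox\searchplugins\crawlersrch.bak => Moved successfully.
C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll not found.
"C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job" => File/Directory not found.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========
==== End of Fixlog ====
"""

# Result lines without " => ", e.g. "Hosts was reset successfully."
NO_ARROW = re.compile(r"(.+?) (not found\.|was \w+ successfully ?\.)$")


def parse_fixlog(text):
    """Return (target, outcome) pairs; outcome is applied, missing or other."""
    lines = text.splitlines()
    # The fixlist is echoed between two rows of asterisks; results come after.
    stars = [i for i, l in enumerate(lines)
             if l.strip() and set(l.strip()) == {"*"}]
    if stars:
        lines = lines[stars[-1] + 1:]
    results = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("="):   # blank lines and section rulers
            continue
        target, sep, status = line.rpartition(" => ")
        if not sep:
            m = NO_ARROW.match(line)
            if not m:
                continue                        # not a result line
            target, status = m.group(1), m.group(2)
        low = status.lower()
        outcome = ("missing" if "not found" in low
                   else "applied" if "successfully" in low else "other")
        results.append((target.strip('"'), outcome))
    return results


def summarize(text):
    """Count outcomes and list the targets the tool reported as not found."""
    results = parse_fixlog(text)
    counts = Counter(outcome for _, outcome in results)
    missing = [target for target, outcome in results if outcome == "missing"]
    return counts, missing


if __name__ == "__main__":
    counts, missing = summarize(SAMPLE_FIXLOG)
    print(dict(counts))
    for target in missing:
        print("not found:", target)
```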

Re: Win32.LoadMoney - skorojoerg

Posted: 08 Jan 2014 21:47
by vyosek
So, let's clean up a bit more :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
  • Delete the utility after use
:arrow: Download Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Re: Win32.LoadMoney - skorojoerg

Posted: 08 Jan 2014 23:11
by skorojoerg
Done! Thanks!
I had no idea what kind of muck was in there.
I use Ccleaner fairly often, but I had no clue about the rest. I suspect this finally got rid of that Mail.ru junk too, which had been pestering me somewhere in the background for about a year.
By the way, what was that Win32.LoadMoney actually?

Re: Win32.LoadMoney - skorojoerg

Posted: 08 Jan 2014 23:15
by vyosek
:arrow: Both Mail.Ru and LoadMoney belong to the family of unwanted advertising software; you need to read what gets installed alongside - more here http://www.viry.cz/pozor-na-to-co-vsech ... -pocitace/

Re: Win32.LoadMoney - skorojoerg

Posted: 08 Jan 2014 23:19
by skorojoerg
I usually read it, but sometimes one misclicks or just doesn't notice. Anyway, thanks a lot and have a nice evening