Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru

Zpráva

deathmiss · #1 Příspěvek od **deathmiss** » 15 úno 2014 15:11

Dobrý den, Eset online scanner mi objevil 3x tuto infiltraci Win32/Bundled.Toolbar.Ask.D potencionálně zneužitelná aplikace.
Avira neobjevila nic.
Spyware terminator našel: alexa.com - Chrome(sm)
doubleclick.net - Chrome(sm)
liveperson.net - Chrome(sm)
statcounter.com - Chrome(sm)
server.iad.liveperson.net - Chrome(sm)

Také se mi zdá, že mi poslední dobou blbne Chrome, některé stránky se mi nenačtou, až když udělám třeba dvakrát refresh tak se načtou. Prosím o kontrolu logu.

log z RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by cc at 2014-02-15 15:08:54
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 26 GB (10%) free of 259 GB
Total RAM: 3037 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:09:01, on 15.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\windows\system32\conhost.exe
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\taskeng.exe
C:\Users\cc\Desktop\RSIT.exe
C:\Program Files\trend micro\cc.exe
C:\windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Energy Management] c:\program files\lenovo\energy management\energy management.exe
O4 - HKLM\..\Run: [EnergyUtility] c:\program files\lenovo\energy management\utility.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\windows\system32\IoctlSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: Airytec Switch Off - Task Scheduler (SwOffScheduler) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe
O23 - Service: Airytec Switch Off - Web Interface (SwOffWeb) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

--
End of file - 10199 bytes

======Scheduled tasks folder======

C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003Core.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003UA.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\cc\AppData\Roaming\Mozilla\Firefox\Profiles\2bwpnmuq.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "extensions.enabledItems" - "{003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2009, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.6"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.80 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_13_0_0_80.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox 4.0 Beta 8\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox 4.0 Beta 8\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox 4.0 Beta 8\searchplugins\
crawlersrch.xml

C:\Users\cc\AppData\Roaming\Mozilla\Firefox\Profiles\2bwpnmuq.default\extensions\
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-06-22 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-25 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-06-22 520192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2008-03-26 163840]
"Energy Management"=c:\program files\lenovo\energy management\energy management.exe [2009-06-25 5064520]
"EnergyUtility"=c:\program files\lenovo\energy management\utility.exe [2009-07-31 4114336]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-12-09 684600]
"Avira Systray"=C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [2014-01-29 172600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
c:\users\cc\appdata\local\facebook\update\facebookupdate.exe [2013-01-22 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\cc\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-14 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\windows\system32\NvCpl.dll [2009-07-27 13797920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
c:\program files\skype\phone\skype.exe [2014-01-14 20728480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^cc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2009-02-26 97680]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2013-12-03 208384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm
"msacm.ac3filter"=ac3filter.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-02-14 11:16:39 ----D---- C:\windows\Migration
2014-02-14 11:13:44 ----A---- C:\windows\system32\ieui.dll
2014-02-14 11:13:44 ----A---- C:\windows\system32\ie4uinit.exe
2014-02-14 11:13:43 ----A---- C:\windows\system32\msrating.dll
2014-02-14 11:13:43 ----A---- C:\windows\system32\jsproxy.dll
2014-02-14 11:13:43 ----A---- C:\windows\system32\iesetup.dll
2014-02-14 11:13:43 ----A---- C:\windows\system32\iernonce.dll
2014-02-14 11:13:43 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-02-14 11:13:42 ----A---- C:\windows\system32\jscript9diag.dll
2014-02-14 11:13:42 ----A---- C:\windows\system32\ieUnatt.exe
2014-02-14 11:13:42 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-02-14 11:13:42 ----A---- C:\windows\system32\ieetwcollector.exe
2014-02-14 11:13:41 ----A---- C:\windows\system32\msfeeds.dll
2014-02-14 11:13:41 ----A---- C:\windows\system32\ieapfltr.dll
2014-02-14 11:13:40 ----A---- C:\windows\system32\wininet.dll
2014-02-14 11:13:40 ----A---- C:\windows\system32\iertutil.dll
2014-02-14 11:13:39 ----A---- C:\windows\system32\urlmon.dll
2014-02-14 11:13:38 ----A---- C:\windows\system32\ieframe.dll
2014-02-14 11:13:37 ----A---- C:\windows\system32\mshtml.dll
2014-02-14 11:13:36 ----A---- C:\windows\system32\jscript9.dll
2014-02-14 11:10:28 ----SHD---- C:\Config.Msi
2014-02-14 10:59:17 ----A---- C:\windows\system32\vbscript.dll
2014-02-12 23:15:50 ----A---- C:\windows\system32\msxml3r.dll
2014-02-12 23:15:50 ----A---- C:\windows\system32\msxml3.dll
2014-02-12 23:15:28 ----A---- C:\windows\system32\d3d10warp.dll
2014-02-12 23:15:27 ----A---- C:\windows\system32\d2d1.dll
2014-02-12 23:15:24 ----A---- C:\windows\system32\secproc_ssp_isv.dll
2014-02-12 23:15:24 ----A---- C:\windows\system32\secproc_ssp.dll
2014-02-12 23:15:24 ----A---- C:\windows\system32\secproc_isv.dll
2014-02-12 23:15:24 ----A---- C:\windows\system32\secproc.dll
2014-02-12 23:15:24 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe
2014-02-12 23:15:24 ----A---- C:\windows\system32\RMActivate_ssp.exe
2014-02-12 23:15:24 ----A---- C:\windows\system32\RMActivate_isv.exe
2014-02-12 23:15:24 ----A---- C:\windows\system32\RMActivate.exe
2014-02-12 23:15:24 ----A---- C:\windows\system32\msdrm.dll
2014-02-08 14:50:36 ----D---- C:\Program Files\GUMDA8D.tmp
2014-02-05 01:36:09 ----D---- C:\Program Files\FileZilla FTP Client
2014-01-27 11:03:29 ----A---- C:\windows\system32\drivers\avnetflt.sys
2014-01-27 03:05:25 ----D---- C:\Users\cc\AppData\Roaming\Avira
2014-01-27 02:59:08 ----A---- C:\windows\system32\drivers\ssmdrv.sys
2014-01-27 02:59:03 ----A---- C:\windows\system32\drivers\avkmgr.sys
2014-01-27 02:59:03 ----A---- C:\windows\system32\drivers\avipbb.sys
2014-01-27 02:59:03 ----A---- C:\windows\system32\drivers\avgntflt.sys
2014-01-27 02:55:28 ----D---- C:\ProgramData\Avira
2014-01-27 02:55:28 ----D---- C:\Program Files\Avira
2014-01-27 02:55:20 ----D---- C:\ProgramData\Package Cache
2014-01-27 02:39:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-01-27 02:39:54 ----A---- C:\windows\system32\drivers\mbam.sys
2014-01-25 16:28:10 ----A---- C:\windows\system32\javaws.exe
2014-01-25 16:27:58 ----A---- C:\windows\system32\WindowsAccessBridge.dll
2014-01-25 16:27:58 ----A---- C:\windows\system32\javaw.exe
2014-01-25 16:27:58 ----A---- C:\windows\system32\java.exe
2014-01-25 16:18:27 ----D---- C:\Program Files\Common Files\Skype
2014-01-25 16:18:25 ----RD---- C:\Program Files\Skype
2014-01-24 19:45:30 ----D---- C:\AdwCleaner

======List of files/folders modified in the last 1 month======

2014-02-15 15:09:01 ----D---- C:\windows\Prefetch
2014-02-15 15:09:00 ----D---- C:\windows\Temp
2014-02-15 15:08:57 ----D---- C:\Program Files\trend micro
2014-02-15 12:14:57 ----D---- C:\windows\system32\config
2014-02-15 11:58:44 ----D---- C:\windows\System32
2014-02-15 11:58:44 ----D---- C:\windows\inf
2014-02-15 11:58:44 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-02-15 11:55:45 ----D---- C:\windows\winsxs
2014-02-15 11:51:40 ----D---- C:\Program Files\Internet Explorer
2014-02-15 11:51:33 ----D---- C:\Windows
2014-02-14 15:10:03 ----D---- C:\windows\rescache
2014-02-14 11:54:18 ----D---- C:\windows\Microsoft.NET
2014-02-14 11:53:28 ----SHD---- C:\System Volume Information
2014-02-14 11:49:42 ----RSD---- C:\windows\assembly
2014-02-14 11:31:24 ----D---- C:\ProgramData\Spyware Terminator
2014-02-14 11:22:38 ----D---- C:\windows\system32\catroot
2014-02-14 11:22:14 ----SHD---- C:\windows\Installer
2014-02-14 11:17:10 ----D---- C:\windows\system32\en-US
2014-02-14 11:16:39 ----SD---- C:\ProgramData\Microsoft
2014-02-14 11:13:59 ----D---- C:\windows\system32\catroot2
2014-02-14 11:08:57 ----D---- C:\windows\system32\MRT
2014-02-14 11:05:06 ----D---- C:\windows\debug
2014-02-14 11:04:58 ----A---- C:\windows\system32\MRT.exe
2014-02-14 10:57:25 ----D---- C:\windows\system32\cs-CZ
2014-02-14 10:35:28 ----D---- C:\windows\system32\drivers
2014-02-13 22:58:40 ----D---- C:\windows\SoftwareDistribution
2014-02-10 19:03:17 ----D---- C:\Users\cc\AppData\Roaming\Skype
2014-02-10 01:33:11 ----D---- C:\Users\cc\AppData\Roaming\DAEMON Tools Lite
2014-02-10 00:22:50 ----D---- C:\Program Files\Zaklínač
2014-02-09 23:58:18 ----HD---- C:\Program Files\InstallShield Installation Information
2014-02-09 23:56:27 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-02-09 22:00:40 ----D---- C:\Users\cc\AppData\Roaming\Mozilla
2014-02-08 14:51:06 ----RD---- C:\Program Files
2014-02-05 01:47:14 ----D---- C:\Users\cc\AppData\Roaming\Winamp
2014-02-05 01:46:44 ----D---- C:\Program Files\Winamp
2014-02-05 01:36:57 ----D---- C:\windows\Tasks
2014-02-05 01:36:57 ----D---- C:\windows\system32\Tasks
2014-02-05 01:36:53 ----A---- C:\windows\system32\FlashPlayerApp.exe
2014-02-05 00:23:43 ----D---- C:\Users\cc\AppData\Roaming\vlc
2014-01-27 11:05:35 ----D---- C:\windows\system32\NDF
2014-01-27 10:59:21 ----D---- C:\windows\system32\wdi
2014-01-27 02:55:28 ----D---- C:\ProgramData
2014-01-27 02:54:54 ----D---- C:\Program Files\Microsoft Security Client
2014-01-26 11:28:55 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-01-25 16:28:49 ----D---- C:\ProgramData\Oracle
2014-01-25 16:18:41 ----D---- C:\ProgramData\Skype
2014-01-25 16:18:27 ----D---- C:\Program Files\Common Files
2014-01-25 16:12:28 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 8
2014-01-25 16:05:37 ----D---- C:\Program Files\CCleaner
2014-01-21 14:44:09 ----D---- C:\windows\system32\DriverStore
2014-01-19 08:32:23 ----N---- C:\windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-09-27 214696]
R0 nhcDriverDevice;Notebook Hardware Control Driver; C:\windows\system32\drivers\nhcDriver.sys [2011-07-13 71680]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\windows\system32\speedfan.sys [2012-12-29 24184]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2013-12-11 324096]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2012-08-21 18544]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2013-12-09 135648]
R1 avkmgr;avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [2013-12-09 37352]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-12-11 243128]
R1 funfrm;funfrm; C:\windows\system32\drivers\funfrm.sys [2009-10-08 54800]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2013-12-09 28520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2013-12-09 90400]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2010-02-06 25888]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\windows\system32\DRIVERS\Apfiltr.sys [2008-03-14 169008]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-05-31 260648]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT32.sys [2009-06-15 475648]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda32v.sys [2009-06-26 66080]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-03-13 1759616]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
S1 sensorsview;sensorsview; C:\windows\system32\drivers\sensorsview.sys []
S2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2014-02-10 278984]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 catchme;catchme; C:\windows\system32\drivers\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2013-10-28 87064]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-05-14 4231680]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-11-04 14848]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-07-30 171520]
S3 RtsUIR;Realtek IR Driver; C:\windows\system32\DRIVERS\Rts516xIR.sys []
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2013-10-28 182680]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2012-11-04 49664]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-12-09 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-12-09 440376]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-01-29 109112]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-07-01 582944]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2009-07-27 211488]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2013-04-03 587912]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-14 136176]
S2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
S2 SwOffScheduler;Airytec Switch Off - Task Scheduler; C:\Program Files\Airytec\Switch Off\swoff.exe [2010-01-11 114176]
S2 SwOffWeb;Airytec Switch Off - Web Interface; C:\Program Files\Airytec\Switch Off\swoff.exe [2010-01-11 114176]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-12-17 137488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-14 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-13 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-02-06 108032]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-21 118896]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-05-27 1343400]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [2013-12-09 1011768]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 15 úno 2014 17:21

Zdravim

Terminatora odinstalujte, nebo aspon vypnete rezidentni ocranu, muze dochazet ke konfliktu s Avirou.

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

deathmiss · #3 Příspěvek od **deathmiss** » 15 úno 2014 20:23

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.02.15.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16518
cc :: ADRIANA-NTB [administrátor]

15.2.2014 17:48:37
mbam-log-2014-02-15 (17-48-37).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 343400
Uplynulý čas: 1 hodin, 23 minut, 42 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

#4 Příspěvek od **Márty84** » 15 úno 2014 20:26

MBAM odinstalujte.

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

deathmiss · #5 Příspěvek od **deathmiss** » 16 úno 2014 20:08

log z adwcleaneru

# AdwCleaner v3.018 - Report created 16/02/2014 at 19:31:40
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : cc - ADRIANA-NTB
# Running from : C:\Users\cc\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518

-\\ Mozilla Firefox v27.0 (en-US)

[ File : C:\Users\cc\AppData\Roaming\Mozilla\Firefox\Profiles\2bwpnmuq.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\cc\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2295 octets] - [24/01/2014 19:45:38]
AdwCleaner[R1].txt - [994 octets] - [13/02/2014 22:43:35]
AdwCleaner[R2].txt - [1114 octets] - [13/02/2014 22:51:51]
AdwCleaner[R3].txt - [1234 octets] - [16/02/2014 19:29:48]
AdwCleaner[R4].txt - [1294 octets] - [16/02/2014 19:30:52]
AdwCleaner[S0].txt - [2386 octets] - [24/01/2014 19:48:21]
AdwCleaner[S1].txt - [1054 octets] - [13/02/2014 22:44:51]
AdwCleaner[S2].txt - [1176 octets] - [13/02/2014 22:53:10]
AdwCleaner[S3].txt - [1216 octets] - [16/02/2014 19:31:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1276 octets] ##########

#6 Příspěvek od **Márty84** » 17 úno 2014 02:31

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

deathmiss · #7 Příspěvek od **deathmiss** » 17 úno 2014 16:31

Co s těmito nalezenými položkami? Nic jsem zatím nemazala.

RogueKiller V8.8.7 [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : cc [Práva správce]
Mód : Kontrola -- Datum : 02/17/2014 16:28:16
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost
# Facebook
127.0.0.1 static.ak.fbcdn.net
127.0.0.1 www.static.ak.fbcdn.net
127.0.0.1 login.facebook.com
127.0.0.1 www.login.facebook.com
127.0.0.1 fbcdn.net
127.0.0.1 www.fbcdn.net
127.0.0.1 fbcdn.com
127.0.0.1 www.fbcdn.com
127.0.0.1 static.ak.connect.facebook.com
127.0.0.1 www.static.ak.connect.facebook.com

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS543232L9A300 +++++
--- User ---
[MBR] 75ee829144588f79680e8629845b1044
[BSP] f516c56a257293db598d516564562ba3 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 258961 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 530766848 | Size: 30973 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 594199552 | Size: 15108 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_02172014_162816.txt >>

#8 Příspěvek od **Márty84** » 17 úno 2014 18:27

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

deathmiss · #9 Příspěvek od **deathmiss** » 17 úno 2014 20:07

první log:

RogueKiller V8.8.7 [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : cc [Práva správce]
Mód : Odebrat -- Datum : 02/17/2014 19:59:56
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost
# Facebook
127.0.0.1 static.ak.fbcdn.net
127.0.0.1 www.static.ak.fbcdn.net
127.0.0.1 login.facebook.com
127.0.0.1 www.login.facebook.com
127.0.0.1 fbcdn.net
127.0.0.1 www.fbcdn.net
127.0.0.1 fbcdn.com
127.0.0.1 www.fbcdn.com
127.0.0.1 static.ak.connect.facebook.com
127.0.0.1 www.static.ak.connect.facebook.com

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS543232L9A300 +++++
--- User ---
[MBR] 75ee829144588f79680e8629845b1044
[BSP] f516c56a257293db598d516564562ba3 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 258961 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 530766848 | Size: 30973 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 594199552 | Size: 15108 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_02172014_195956.txt >>
RKreport[0]_S_02172014_162816.txt

druhý log:
RogueKiller V8.8.7 [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : cc [Práva správce]
Mód : Oprava HOSTS -- Datum : 02/17/2014 20:04:19
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost
# Facebook
127.0.0.1 static.ak.fbcdn.net
127.0.0.1 www.static.ak.fbcdn.net
127.0.0.1 login.facebook.com
127.0.0.1 www.login.facebook.com
127.0.0.1 fbcdn.net
127.0.0.1 www.fbcdn.net
127.0.0.1 fbcdn.com
127.0.0.1 www.fbcdn.com
127.0.0.1 static.ak.connect.facebook.com
127.0.0.1 www.static.ak.connect.facebook.com

#10 Příspěvek od **Márty84** » 18 úno 2014 10:01

Ten druhy log sice neni cely, ale nevadi

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

deathmiss · #11 Příspěvek od **deathmiss** » 18 úno 2014 22:28

log z Combofixu:

ComboFix 14-02-18.01 - cc 18.02.2014 21:26:39.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3037.2111 [GMT 1:00]
Spuštěný z: c:\users\cc\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-18 do 2014-02-18 )))))))))))))))))))))))))))))))
.
.
2014-02-18 20:34 . 2014-02-18 20:34 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-02-18 20:34 . 2014-02-18 20:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-14 10:16 . 2014-02-14 10:16 -------- d-----w- c:\windows\Migration
2014-02-14 09:59 . 2013-12-21 08:56 454656 ----a-w- c:\windows\system32\vbscript.dll
2014-02-08 13:50 . 2014-02-08 13:51 -------- d-----w- c:\program files\GUMDA8D.tmp
2014-02-05 00:36 . 2014-02-05 00:36 -------- d-----w- c:\program files\FileZilla FTP Client
2014-01-27 01:55 . 2014-02-15 15:51 -------- d-----w- c:\programdata\Avira
2014-01-26 17:19 . 2013-12-04 02:57 7760024 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DB6BFCA5-0241-4DFF-92AD-ABEA1A4D0E43}\mpengine.dll
2014-01-25 15:27 . 2014-01-25 15:27 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-01-25 15:18 . 2014-01-25 15:18 -------- d-----w- c:\users\cc\AppData\Local\Skype
2014-01-25 15:18 . 2014-01-25 15:18 -------- d-----w- c:\program files\Common Files\Skype
2014-01-25 15:18 . 2014-01-25 15:18 -------- d-----r- c:\program files\Skype
2014-01-25 14:51 . 2014-01-25 14:51 -------- d-----w- c:\users\cc\AppData\Local\Programs
2014-01-24 18:45 . 2014-02-16 18:31 -------- d-----w- C:\AdwCleaner
2014-01-24 18:08 . 2014-01-24 18:08 -------- d-----w- c:\users\cc\AppData\Local\VLC Links
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-09 23:24 . 2010-02-06 20:21 278984 ----a-w- c:\windows\system32\drivers\atksgt.sys
2014-02-05 00:36 . 2011-10-31 21:32 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-05 00:36 . 2011-03-12 08:52 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-19 07:32 . 2010-02-01 19:48 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-01-06 19:23 . 2014-01-06 19:23 4558848 ----a-w- c:\windows\system32\GPhotos.scr
2013-12-11 10:12 . 2013-12-11 10:12 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-12-11 10:04 . 2010-02-06 19:56 324096 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-12-03 18:32 . 2013-12-03 18:32 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-03 18:32 . 2013-12-03 18:32 194048 ----a-w- c:\windows\system32\elshyph.dll
2013-12-03 18:32 . 2013-12-03 18:32 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-03 18:32 . 2013-12-03 18:32 645120 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-03 18:32 . 2013-12-03 18:32 182272 ----a-w- c:\windows\system32\msls31.dll
2013-12-03 18:32 . 2013-12-03 18:32 62464 ----a-w- c:\windows\system32\tdc.ocx
2013-12-03 18:32 . 2013-12-03 18:32 34816 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 18:32 . 2013-12-03 18:32 337408 ----a-w- c:\windows\system32\html.iec
2013-12-03 18:32 . 2013-12-03 18:32 24576 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-03 18:32 . 2013-12-03 18:32 151552 ----a-w- c:\windows\system32\iexpress.exe
2013-12-03 18:32 . 2013-12-03 18:32 139264 ----a-w- c:\windows\system32\wextract.exe
2013-12-03 18:32 . 2013-12-03 18:32 1051136 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-03 18:32 . 2013-12-03 18:32 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-03 18:32 . 2013-12-03 18:32 61952 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-03 18:32 . 2013-12-03 18:32 36352 ----a-w- c:\windows\system32\imgutil.dll
2013-12-03 18:32 . 2013-12-03 18:32 13312 ----a-w- c:\windows\system32\mshta.exe
2013-12-03 18:32 . 2013-12-03 18:32 111616 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-03 18:32 . 2013-12-03 18:32 86016 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-03 18:32 . 2013-12-03 18:32 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-27 01:14 . 2014-01-15 11:17 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-27 01:13 . 2014-01-15 11:17 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-27 01:13 . 2014-01-15 11:17 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-27 01:13 . 2014-01-15 11:17 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-27 01:13 . 2014-01-15 11:17 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-11-27 01:13 . 2014-01-15 11:17 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-11-27 01:13 . 2014-01-15 11:17 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-26 11:11 . 2014-01-15 11:17 240576 ----a-w- c:\windows\system32\drivers\netio.sys
2013-11-26 10:10 . 2014-01-15 11:17 2349056 ----a-w- c:\windows\system32\win32k.sys
2013-11-23 18:26 . 2013-12-11 10:18 417792 ----a-w- c:\windows\system32\WMPhoto.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\cc\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\cc\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\cc\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\cc\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]
"Energy Management"="c:\program files\lenovo\energy management\energy management.exe" [2009-06-25 5064520]
"EnergyUtility"="c:\program files\lenovo\energy management\utility.exe" [2009-07-31 4114336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-7-1 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Users^cc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
backupExtension=.Startup
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-12-21 06:04 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-10-28 08:29 3675352 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2013-01-22 20:03 138096 ----atw- c:\users\cc\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-01-14 13:27 136176 ----atw- c:\users\cc\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-07-27 18:39 13797920 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2014-01-14 15:35 20728480 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 08:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"SpywareTerminatorShield"=c:\program files\Spyware Terminator\SpywareTerminatorShield.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R1 sensorsview;sensorsview; [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R2 SwOffScheduler;Airytec Switch Off - Task Scheduler;c:\program files\Airytec\Switch Off\swoff.exe [2010-01-11 114176]
R2 SwOffWeb;Airytec Switch Off - Web Interface;c:\program files\Airytec\Switch Off\swoff.exe [2010-01-11 114176]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-10-28 87064]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-12-17 137488]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-02-06 108032]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-05-14 4231680]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-04 14848]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-30 171520]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-10-28 182680]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-11-04 49664]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-27 1343400]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-12-11 243128]
S1 funfrm;funfrm; [x]
S1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
S2 IGRS;IGRS;c:\program files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [2013-04-03 587912]
S2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-05 4915040]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003Core.job
- c:\users\cc\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-22 20:03]
.
2014-02-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003UA.job
- c:\users\cc\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-22 20:03]
.
2014-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-14 13:27]
.
2014-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-14 13:27]
.
2014-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003Core.job
- c:\users\cc\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-28 13:27]
.
2014-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003UA.job
- c:\users\cc\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-28 13:27]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\cc\AppData\Roaming\Mozilla\Firefox\Profiles\2bwpnmuq.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-830809140-1613209154-2020375622-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3D26E405-ADAB-FE91-EA10-CA6207933987}*]
"iahnadnhidlmfmaakj"=hex:6a,61,63,64,6a,6a,6a,64,6f,61,61,67,69,6b,6f,68,64,65,
6a,6c,00,00
"hajnkbdifgdgfacc"=hex:6a,61,63,64,6a,6a,6a,64,6f,61,61,67,69,6b,6f,68,64,65,
6a,6c,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2252)
c:\users\cc\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
c:\program files\Lenovo\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Lenovo\Bluetooth Software\btwdins.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2014-02-18 21:45:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-02-18 20:45
ComboFix2.txt 2011-03-17 23:02
.
Před spuštěním: Volných bajtů: 27 977 981 952
Po spuštění: Volných bajtů: 27 912 679 424
.
- - End Of File - - 9BE5B4CB7D9343B70E9A8478D275A9D7
A36C5E4F47E84449FF07ED3517B43A31

#12 Příspěvek od **Márty84** » 19 úno 2014 09:58

Vy jste zmenila antivir?

Terminator tam stale bezi, vypinala jste ho?

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003UA.job

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpywareTerminatorUpdate"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"=-
"GrooveMonitor"=-
"SpywareTerminatorShield"=-
"SunJavaUpdateSched"=-

Regnull::
[HKEY_USERS\S-1-5-21-830809140-1613209154-2020375622-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3D26E405-ADAB-FE91-EA10-CA6207933987}*]

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
SkypeUpdate

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

deathmiss · #13 Příspěvek od **deathmiss** » 19 úno 2014 20:30

U terminátora mám vypnutou reálnou ochranu v čase i aktualizace. Aviru jsem odinstalovala a chtěla jsem zkusit Avast, ale ještě jsem ho tam nedala, takže teď nemám zatím žádný antivir.

log z combofixu:

ComboFix 14-02-19.01 - cc 19.02.2014 20:03:00.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3037.1936 [GMT 1:00]
Spuštěný z: c:\users\cc\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\cc\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-19 do 2014-02-19 )))))))))))))))))))))))))))))))
.
.
2014-02-19 19:10 . 2014-02-19 19:14 -------- d-----w- c:\users\cc\AppData\Local\temp
2014-02-19 19:10 . 2014-02-19 19:10 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-02-19 19:10 . 2014-02-19 19:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-14 10:16 . 2014-02-14 10:16 -------- d-----w- c:\windows\Migration
2014-02-14 09:59 . 2013-12-21 08:56 454656 ----a-w- c:\windows\system32\vbscript.dll
2014-02-08 13:50 . 2014-02-08 13:51 -------- d-----w- c:\program files\GUMDA8D.tmp
2014-02-05 00:36 . 2014-02-05 00:36 -------- d-----w- c:\program files\FileZilla FTP Client
2014-01-27 01:55 . 2014-02-15 15:51 -------- d-----w- c:\programdata\Avira
2014-01-26 17:19 . 2013-12-04 02:57 7760024 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DB6BFCA5-0241-4DFF-92AD-ABEA1A4D0E43}\mpengine.dll
2014-01-25 15:27 . 2014-01-25 15:27 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-01-25 15:18 . 2014-01-25 15:18 -------- d-----w- c:\users\cc\AppData\Local\Skype
2014-01-25 15:18 . 2014-01-25 15:18 -------- d-----w- c:\program files\Common Files\Skype
2014-01-25 15:18 . 2014-01-25 15:18 -------- d-----r- c:\program files\Skype
2014-01-25 14:51 . 2014-01-25 14:51 -------- d-----w- c:\users\cc\AppData\Local\Programs
2014-01-24 18:45 . 2014-02-16 18:31 -------- d-----w- C:\AdwCleaner
2014-01-24 18:08 . 2014-01-24 18:08 -------- d-----w- c:\users\cc\AppData\Local\VLC Links
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-09 23:24 . 2010-02-06 20:21 278984 ----a-w- c:\windows\system32\drivers\atksgt.sys
2014-02-05 00:36 . 2011-10-31 21:32 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-05 00:36 . 2011-03-12 08:52 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-19 07:32 . 2010-02-01 19:48 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-01-06 19:23 . 2014-01-06 19:23 4558848 ----a-w- c:\windows\system32\GPhotos.scr
2013-12-11 10:12 . 2013-12-11 10:12 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-12-11 10:04 . 2010-02-06 19:56 324096 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-12-03 18:32 . 2013-12-03 18:32 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-03 18:32 . 2013-12-03 18:32 194048 ----a-w- c:\windows\system32\elshyph.dll
2013-12-03 18:32 . 2013-12-03 18:32 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-03 18:32 . 2013-12-03 18:32 645120 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-03 18:32 . 2013-12-03 18:32 182272 ----a-w- c:\windows\system32\msls31.dll
2013-12-03 18:32 . 2013-12-03 18:32 62464 ----a-w- c:\windows\system32\tdc.ocx
2013-12-03 18:32 . 2013-12-03 18:32 34816 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 18:32 . 2013-12-03 18:32 337408 ----a-w- c:\windows\system32\html.iec
2013-12-03 18:32 . 2013-12-03 18:32 24576 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-03 18:32 . 2013-12-03 18:32 151552 ----a-w- c:\windows\system32\iexpress.exe
2013-12-03 18:32 . 2013-12-03 18:32 139264 ----a-w- c:\windows\system32\wextract.exe
2013-12-03 18:32 . 2013-12-03 18:32 1051136 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-03 18:32 . 2013-12-03 18:32 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-03 18:32 . 2013-12-03 18:32 61952 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-03 18:32 . 2013-12-03 18:32 36352 ----a-w- c:\windows\system32\imgutil.dll
2013-12-03 18:32 . 2013-12-03 18:32 13312 ----a-w- c:\windows\system32\mshta.exe
2013-12-03 18:32 . 2013-12-03 18:32 111616 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-03 18:32 . 2013-12-03 18:32 86016 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-03 18:32 . 2013-12-03 18:32 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-27 01:14 . 2014-01-15 11:17 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-27 01:13 . 2014-01-15 11:17 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-27 01:13 . 2014-01-15 11:17 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-27 01:13 . 2014-01-15 11:17 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-27 01:13 . 2014-01-15 11:17 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-11-27 01:13 . 2014-01-15 11:17 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-11-27 01:13 . 2014-01-15 11:17 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-26 11:11 . 2014-01-15 11:17 240576 ----a-w- c:\windows\system32\drivers\netio.sys
2013-11-26 10:10 . 2014-01-15 11:17 2349056 ----a-w- c:\windows\system32\win32k.sys
2013-11-23 18:26 . 2013-12-11 10:18 417792 ----a-w- c:\windows\system32\WMPhoto.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\cc\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\cc\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\cc\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\cc\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]
"Energy Management"="c:\program files\lenovo\energy management\energy management.exe" [2009-06-25 5064520]
"EnergyUtility"="c:\program files\lenovo\energy management\utility.exe" [2009-07-31 4114336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-7-1 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Users^cc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
backupExtension=.Startup
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-07-27 18:39 13797920 ----a-w- c:\windows\System32\nvcpl.dll
.
R1 sensorsview;sensorsview; [x]
R2 SwOffScheduler;Airytec Switch Off - Task Scheduler;c:\program files\Airytec\Switch Off\swoff.exe [2010-01-11 114176]
R2 SwOffWeb;Airytec Switch Off - Web Interface;c:\program files\Airytec\Switch Off\swoff.exe [2010-01-11 114176]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-10-28 87064]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-12-17 137488]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-02-06 108032]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-05-14 4231680]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-04 14848]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-30 171520]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-10-28 182680]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-11-04 49664]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-27 1343400]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-12-11 243128]
S1 funfrm;funfrm; [x]
S1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
S2 IGRS;IGRS;c:\program files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [2013-04-03 587912]
S2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-05 4915040]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-14 13:27]
.
2014-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-14 13:27]
.
2014-02-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003Core.job
- c:\users\cc\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-28 13:27]
.
2014-02-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003UA.job
- c:\users\cc\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-28 13:27]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\cc\AppData\Roaming\Mozilla\Firefox\Profiles\2bwpnmuq.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1176)
c:\users\cc\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
c:\program files\Lenovo\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Lenovo\Bluetooth Software\btwdins.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2014-02-19 20:21:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-02-19 19:21
ComboFix2.txt 2014-02-18 20:45
ComboFix3.txt 2011-03-17 23:02
.
Před spuštěním: Volných bajtů: 31 017 832 448
Po spuštění: Volných bajtů: 30 631 124 992
.
- - End Of File - - DAE21DF31BEF255BAEC2E7B7933F4467
A36C5E4F47E84449FF07ED3517B43A31

#14 Příspěvek od **Márty84** » 20 úno 2014 02:44

deathmiss píše:U terminátora mám vypnutou reálnou ochranu v čase i aktualizace

No v tom predchozim logu Terminator stale bezel, proto jsem se ptal

deathmiss píše:takže teď nemám zatím žádný antivir

Tak ho co nejdriv nainstalujte a pak dejte novy log z RSIT.

deathmiss · #15 Příspěvek od **deathmiss** » 20 úno 2014 23:08

Tak už mám avast a tady je nový log z RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by cc at 2014-02-20 23:07:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 34 GB (13%) free of 259 GB
Total RAM: 3037 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:08:01, on 20.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\windows\system32\conhost.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
C:\windows\system32\taskeng.exe
C:\Users\cc\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cc\Desktop\RSIT.exe
C:\Program Files\trend micro\cc.exe
C:\windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Energy Management] c:\program files\lenovo\energy management\energy management.exe
O4 - HKLM\..\Run: [EnergyUtility] c:\program files\lenovo\energy management\utility.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\windows\system32\IoctlSvc.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: Airytec Switch Off - Task Scheduler (SwOffScheduler) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe
O23 - Service: Airytec Switch Off - Web Interface (SwOffWeb) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

--
End of file - 8095 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-830809140-1613209154-2020375622-1003UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\cc\AppData\Roaming\Mozilla\Firefox\Profiles\2bwpnmuq.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "extensions.enabledItems" - "{003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2009, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.6"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.80 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_13_0_0_80.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox 4.0 Beta 8\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox 4.0 Beta 8\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox 4.0 Beta 8\searchplugins\
crawlersrch.xml

C:\Users\cc\AppData\Roaming\Mozilla\Firefox\Profiles\2bwpnmuq.default\extensions\
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-25 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2008-03-26 163840]
"Energy Management"=c:\program files\lenovo\energy management\energy management.exe [2009-06-25 5064520]
"EnergyUtility"=c:\program files\lenovo\energy management\utility.exe [2009-07-31 4114336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-19 3767096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\windows\system32\NvCpl.dll [2009-07-27 13797920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^cc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2009-02-26 97680]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2013-12-03 208384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm
"msacm.ac3filter"=ac3filter.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-02-19 21:53:17 ----D---- C:\Users\cc\AppData\Roaming\AVAST Software
2014-02-19 21:52:30 ----A---- C:\windows\system32\drivers\aswStm.sys
2014-02-19 21:52:29 ----A---- C:\windows\system32\drivers\aswVmm.sys
2014-02-19 21:52:29 ----A---- C:\windows\system32\drivers\aswSP.sys
2014-02-19 21:52:29 ----A---- C:\windows\system32\drivers\aswSnx.sys
2014-02-19 21:52:28 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2014-02-19 21:52:28 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2014-02-19 21:52:27 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2014-02-19 21:52:25 ----A---- C:\windows\system32\aswBoot.exe
2014-02-19 21:52:23 ----A---- C:\windows\avastSS.scr
2014-02-19 21:51:59 ----D---- C:\Program Files\AVAST Software
2014-02-19 21:50:20 ----D---- C:\ProgramData\AVAST Software
2014-02-19 20:22:03 ----D---- C:\windows\temp
2014-02-19 20:21:53 ----A---- C:\ComboFix.txt
2014-02-19 20:13:41 ----SHD---- C:\$RECYCLE.BIN
2014-02-14 11:16:39 ----D---- C:\windows\Migration
2014-02-14 11:13:44 ----A---- C:\windows\system32\ieui.dll
2014-02-14 11:13:44 ----A---- C:\windows\system32\ie4uinit.exe
2014-02-14 11:13:43 ----A---- C:\windows\system32\msrating.dll
2014-02-14 11:13:43 ----A---- C:\windows\system32\jsproxy.dll
2014-02-14 11:13:43 ----A---- C:\windows\system32\iesetup.dll
2014-02-14 11:13:43 ----A---- C:\windows\system32\iernonce.dll
2014-02-14 11:13:43 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-02-14 11:13:42 ----A---- C:\windows\system32\jscript9diag.dll
2014-02-14 11:13:42 ----A---- C:\windows\system32\ieUnatt.exe
2014-02-14 11:13:42 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-02-14 11:13:42 ----A---- C:\windows\system32\ieetwcollector.exe
2014-02-14 11:13:41 ----A---- C:\windows\system32\msfeeds.dll
2014-02-14 11:13:41 ----A---- C:\windows\system32\ieapfltr.dll
2014-02-14 11:13:40 ----A---- C:\windows\system32\wininet.dll
2014-02-14 11:13:40 ----A---- C:\windows\system32\iertutil.dll
2014-02-14 11:13:39 ----A---- C:\windows\system32\urlmon.dll
2014-02-14 11:13:38 ----A---- C:\windows\system32\ieframe.dll
2014-02-14 11:13:37 ----A---- C:\windows\system32\mshtml.dll
2014-02-14 11:13:36 ----A---- C:\windows\system32\jscript9.dll
2014-02-14 10:59:17 ----A---- C:\windows\system32\vbscript.dll
2014-02-12 23:15:50 ----A---- C:\windows\system32\msxml3r.dll
2014-02-12 23:15:50 ----A---- C:\windows\system32\msxml3.dll
2014-02-12 23:15:28 ----A---- C:\windows\system32\d3d10warp.dll
2014-02-12 23:15:27 ----A---- C:\windows\system32\d2d1.dll
2014-02-12 23:15:24 ----A---- C:\windows\system32\secproc_ssp_isv.dll
2014-02-12 23:15:24 ----A---- C:\windows\system32\secproc_ssp.dll
2014-02-12 23:15:24 ----A---- C:\windows\system32\secproc_isv.dll
2014-02-12 23:15:24 ----A---- C:\windows\system32\secproc.dll
2014-02-12 23:15:24 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe
2014-02-12 23:15:24 ----A---- C:\windows\system32\RMActivate_ssp.exe
2014-02-12 23:15:24 ----A---- C:\windows\system32\RMActivate_isv.exe
2014-02-12 23:15:24 ----A---- C:\windows\system32\RMActivate.exe
2014-02-12 23:15:24 ----A---- C:\windows\system32\msdrm.dll
2014-02-08 14:50:36 ----D---- C:\Program Files\GUMDA8D.tmp
2014-02-05 01:36:09 ----D---- C:\Program Files\FileZilla FTP Client
2014-01-27 02:55:28 ----D---- C:\ProgramData\Avira
2014-01-25 16:28:10 ----A---- C:\windows\system32\javaws.exe
2014-01-25 16:27:58 ----A---- C:\windows\system32\WindowsAccessBridge.dll
2014-01-25 16:27:58 ----A---- C:\windows\system32\javaw.exe
2014-01-25 16:27:58 ----A---- C:\windows\system32\java.exe
2014-01-25 16:18:27 ----D---- C:\Program Files\Common Files\Skype
2014-01-25 16:18:25 ----RD---- C:\Program Files\Skype
2014-01-24 19:45:30 ----D---- C:\AdwCleaner

======List of files/folders modified in the last 1 month======

2014-02-20 23:08:01 ----D---- C:\windows\Prefetch
2014-02-20 23:07:55 ----D---- C:\Program Files\trend micro
2014-02-20 15:39:50 ----D---- C:\windows\system32\config
2014-02-20 15:24:16 ----A---- C:\AtmApInit.txt
2014-02-20 15:24:06 ----D---- C:\windows\inf
2014-02-19 23:28:28 ----D---- C:\Windows
2014-02-19 22:16:54 ----D---- C:\Users\cc\AppData\Roaming\FileZilla
2014-02-19 21:52:37 ----D---- C:\windows\system32\Tasks
2014-02-19 21:52:30 ----D---- C:\windows\system32\drivers
2014-02-19 21:52:26 ----D---- C:\windows\winsxs
2014-02-19 21:52:25 ----D---- C:\windows\System32
2014-02-19 21:51:59 ----RD---- C:\Program Files
2014-02-19 21:51:56 ----SHD---- C:\System Volume Information
2014-02-19 21:50:20 ----D---- C:\ProgramData
2014-02-19 20:22:08 ----D---- C:\Qoobox
2014-02-19 20:13:44 ----A---- C:\windows\system.ini
2014-02-19 20:13:32 ----D---- C:\windows\system32\drivers\etc
2014-02-19 20:10:53 ----D---- C:\windows\ERDNT
2014-02-19 20:08:48 ----D---- C:\windows\Tasks
2014-02-19 20:06:21 ----D---- C:\windows\AppPatch
2014-02-19 20:06:19 ----D---- C:\Program Files\Common Files
2014-02-18 22:40:31 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-02-17 21:23:16 ----D---- C:\windows\system32\NDF
2014-02-17 21:05:05 ----RSD---- C:\windows\Fonts
2014-02-17 21:04:54 ----D---- C:\Program Files\TeamViewer
2014-02-17 16:58:06 ----D---- C:\windows\Microsoft.NET
2014-02-17 01:03:57 ----SHD---- C:\windows\Installer
2014-02-15 16:54:02 ----D---- C:\windows\debug
2014-02-15 11:51:40 ----D---- C:\Program Files\Internet Explorer
2014-02-14 15:10:03 ----D---- C:\windows\rescache
2014-02-14 11:49:42 ----RSD---- C:\windows\assembly
2014-02-14 11:31:24 ----D---- C:\ProgramData\Spyware Terminator
2014-02-14 11:22:38 ----D---- C:\windows\system32\catroot
2014-02-14 11:17:10 ----D---- C:\windows\system32\en-US
2014-02-14 11:16:39 ----SD---- C:\ProgramData\Microsoft
2014-02-14 11:13:59 ----D---- C:\windows\system32\catroot2
2014-02-14 11:08:57 ----D---- C:\windows\system32\MRT
2014-02-14 11:04:58 ----A---- C:\windows\system32\MRT.exe
2014-02-14 10:57:25 ----D---- C:\windows\system32\cs-CZ
2014-02-13 22:58:40 ----D---- C:\windows\SoftwareDistribution
2014-02-10 19:03:17 ----D---- C:\Users\cc\AppData\Roaming\Skype
2014-02-10 01:33:11 ----D---- C:\Users\cc\AppData\Roaming\DAEMON Tools Lite
2014-02-10 00:22:50 ----D---- C:\Program Files\Zaklínač
2014-02-09 23:58:18 ----HD---- C:\Program Files\InstallShield Installation Information
2014-02-09 23:56:27 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-02-09 22:00:40 ----D---- C:\Users\cc\AppData\Roaming\Mozilla
2014-02-05 01:47:14 ----D---- C:\Users\cc\AppData\Roaming\Winamp
2014-02-05 01:46:44 ----D---- C:\Program Files\Winamp
2014-02-05 01:36:53 ----A---- C:\windows\system32\FlashPlayerApp.exe
2014-02-05 00:23:43 ----D---- C:\Users\cc\AppData\Roaming\vlc
2014-01-27 10:59:21 ----D---- C:\windows\system32\wdi
2014-01-27 02:54:54 ----D---- C:\Program Files\Microsoft Security Client
2014-01-26 11:28:55 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-01-25 16:28:49 ----D---- C:\ProgramData\Oracle
2014-01-25 16:18:41 ----D---- C:\ProgramData\Skype
2014-01-25 16:12:28 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 8
2014-01-25 16:05:37 ----D---- C:\Program Files\CCleaner
2014-01-21 14:44:09 ----D---- C:\windows\system32\DriverStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-02-19 49944]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-02-19 180248]
R0 giveio;giveio; C:\windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-09-27 214696]
R0 nhcDriverDevice;Notebook Hardware Control Driver; C:\windows\system32\drivers\nhcDriver.sys [2011-07-13 71680]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\windows\system32\speedfan.sys [2012-12-29 24184]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2013-12-11 324096]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2012-08-21 18544]
R1 aswRdr;aswRdr; \??\C:\windows\system32\drivers\aswRdr2.sys [2014-02-19 79720]
R1 aswSnx;aswSnx; \??\C:\windows\system32\drivers\aswSnx.sys [2014-02-19 775952]
R1 aswSP;aswSP; \??\C:\windows\system32\drivers\aswSP.sys [2014-02-19 410784]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-12-11 243128]
R1 funfrm;funfrm; C:\windows\system32\drivers\funfrm.sys [2009-10-08 54800]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2014-02-19 67824]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2010-02-06 25888]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\windows\system32\DRIVERS\Apfiltr.sys [2008-03-14 169008]
R3 aswStm;aswStm; \??\C:\windows\system32\drivers\aswStm.sys [2014-02-19 64168]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-05-31 260648]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT32.sys [2009-06-15 475648]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda32v.sys [2009-06-26 66080]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-03-13 1759616]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
S1 sensorsview;sensorsview; C:\windows\system32\drivers\sensorsview.sys []
S2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2014-02-10 278984]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 catchme;catchme; \??\C:\Users\cc\AppData\Local\Temp\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2013-10-28 87064]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-05-14 4231680]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-11-04 14848]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-07-30 171520]
S3 RtsUIR;Realtek IR Driver; C:\windows\system32\DRIVERS\Rts516xIR.sys []
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2013-10-28 182680]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2012-11-04 49664]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-19 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-07-01 582944]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2009-07-27 211488]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2013-04-03 587912]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-05 4915040]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-14 136176]
S2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
S2 SwOffScheduler;Airytec Switch Off - Task Scheduler; C:\Program Files\Airytec\Switch Off\swoff.exe [2010-01-11 114176]
S2 SwOffWeb;Airytec Switch Off - Web Interface; C:\Program Files\Airytec\Switch Off\swoff.exe [2010-01-11 114176]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-12-17 137488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-14 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-13 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-02-06 108032]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-21 118896]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-05-27 1343400]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

VIRY.CZ

Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru

Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru

Re: Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru

Re: Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru

Re: Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru

Re: Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru

Re: Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru

Re: Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru

Re: Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru

Re: Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru

Re: Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru

Re: Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru

Re: Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru

Re: Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru

Re: Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru

Re: Win32/Bundled.Toolbar.Ask. - prosím o zbavení viru