Systemku.exe

mikimr
Visitor
Posts: 93
Registered: 27 Nov 2008 17:35

#1 Post by mikimr »

Good day, in Task Manager I noticed the process systemku.exe. When I googled it I did not learn anything useful, my English is weak (if I understood correctly, it is malware). Along the way I was offered a cleaning tool, SpyHunter 4, which found 150 threats. As I have learned, tools like this are not very reliable, so I cancelled the scan and deleted nothing. I am attaching the log from RSIT.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2014-11-03 18:51:16
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 65 GB (65%) free of 100 GB
Total RAM: 2984 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:51:23, on 3. 11. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Program Files\Bluetooth Suite\AthBtTray.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Opera\opera.exe
C:\totalcmd\TOTALCMD.EXE
C:\Windows\system32\calc.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Martin\Desktop\RSIT.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /SF3
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AtherosBtStack] "C:\Program Files\Bluetooth Suite\btvstack.exe"
O4 - HKLM\..\Run: [AthBtTray] "C:\Program Files\Bluetooth Suite\athbttray.exe"
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Installer Service - Unknown owner - C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{0C808377-8C23-44ED-9016-05F42E6D4900}\Installer\InstallerService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
O23 - Service: Systemk Service (SystemkService) - Aztec Media Inc - C:\Program Files\Settings Manager\systemk\SystemkService.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 7915 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2pufn8zd.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2pufn8zd.default\extensions\
sk@dictionaries.addons.mozilla.org

C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2pufn8zd.default\searchplugins\
bingp.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2012-11-29 52352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-05-05 2262312]
"AmIcoSinglun"=C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [2011-03-18 258048]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2011-05-05 83240]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-09-05 10992232]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [2011-08-16 1571432]
"ATKOSD2"=C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-22 318080]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [2011-10-24 174720]
"HControlUser"=C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-09-16 142616]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-09-16 177432]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-09-16 176408]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AtherosBtStack"=C:\Program Files\Bluetooth Suite\btvstack.exe [2012-11-29 877184]
"AthBtTray"=C:\Program Files\Bluetooth Suite\athbttray.exe [2012-11-29 696448]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]
"uTorrent"=C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe [2014-07-03 1322832]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-10-01 22065760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrStsMon00]
C:\Program Files\Browny02\Brother\BrStMonW.exe [2012-06-06 3076096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2014-09-26 4811032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter4]
C:\Program Files\ControlCenter4\BrCcBoot.exe [2012-09-06 143360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
C:\Program Files\Nuance\PaperPort\IndexSearch.exe [2010-03-08 46368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
C:\Program Files\Nuance\PaperPort\pptd40nt.exe [2010-03-08 29984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF5 Registry Controller]
C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe [2010-03-05 62752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFHook]
C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe [2010-03-05 636192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort12reminder]
C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe [2010-02-09 328992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-09-16 294400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"msacm.ac3filter"=ac3filter.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-11-03 18:42:58 ----D---- C:\Users\Martin\AppData\Roaming\Enigma Software Group
2014-11-03 18:42:36 ----D---- C:\sh4ldr
2014-11-03 18:41:47 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2014-11-03 18:41:38 ----D---- C:\Program Files\Enigma Software Group
2014-10-16 14:04:22 ----A---- C:\Windows\system32\generaltel.dll
2014-10-16 14:04:21 ----A---- C:\Windows\system32\aepdu.dll
2014-10-16 14:04:20 ----A---- C:\Windows\system32\aeinv.dll
2014-10-16 14:04:19 ----A---- C:\Windows\system32\win32k.sys
2014-10-16 14:04:08 ----A---- C:\Windows\system32\rastls.dll
2014-10-16 14:04:06 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-16 14:04:05 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 14:04:05 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-16 14:04:05 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 14:04:05 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-16 14:04:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-16 14:04:04 ----A---- C:\Windows\system32\wininet.dll
2014-10-16 14:04:04 ----A---- C:\Windows\system32\vbscript.dll
2014-10-16 14:04:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 14:04:04 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-16 14:04:03 ----A---- C:\Windows\system32\ieui.dll
2014-10-16 14:04:03 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-16 14:04:02 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-16 14:04:02 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-16 14:04:02 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-16 14:04:01 ----A---- C:\Windows\system32\iertutil.dll
2014-10-16 14:04:00 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-16 14:03:59 ----A---- C:\Windows\system32\jscript9.dll
2014-10-16 14:03:58 ----A---- C:\Windows\system32\mshtml.dll
2014-10-16 14:03:57 ----A---- C:\Windows\system32\iernonce.dll
2014-10-16 14:03:57 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-16 14:03:56 ----A---- C:\Windows\system32\urlmon.dll
2014-10-16 14:03:56 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-16 14:03:56 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-16 14:03:55 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-16 14:03:54 ----A---- C:\Windows\system32\msrating.dll
2014-10-16 14:03:54 ----A---- C:\Windows\system32\iesetup.dll
2014-10-16 14:03:54 ----A---- C:\Windows\system32\ieframe.dll
2014-10-16 14:03:02 ----A---- C:\Windows\system32\mscorier.dll
2014-10-16 14:03:02 ----A---- C:\Windows\system32\dfshim.dll
2014-10-16 14:03:00 ----A---- C:\Windows\system32\mscories.dll
2014-10-16 14:02:52 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-16 14:02:46 ----A---- C:\Windows\system32\mstscax.dll
2014-10-16 14:02:39 ----A---- C:\Windows\system32\termsrv.dll
2014-10-16 14:02:38 ----A---- C:\Windows\system32\winsta.dll
2014-10-16 14:02:38 ----A---- C:\Windows\system32\winlogon.exe
2014-10-16 14:02:38 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-16 14:02:38 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-16 14:02:37 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-16 14:02:37 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-16 14:02:37 ----A---- C:\Windows\system32\credssp.dll
2014-10-16 14:02:19 ----A---- C:\Windows\system32\msi.dll
2014-10-16 14:02:14 ----A---- C:\Windows\system32\packager.dll
2014-10-15 10:57:22 ----D---- C:\Program Files\Mozilla Firefox
2014-10-05 13:45:41 ----D---- C:\ProgramData\Oracle
2014-10-05 13:45:37 ----D---- C:\Program Files\Common Files\Java
2014-10-05 13:45:29 ----A---- C:\Windows\system32\javaws.exe
2014-10-05 13:45:24 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-10-05 13:45:24 ----A---- C:\Windows\system32\javaw.exe
2014-10-05 13:45:24 ----A---- C:\Windows\system32\java.exe
2014-10-05 13:17:40 ----A---- C:\Windows\system32\FlashPlayerApp.exe

======List of files/folders modified in the last 1 month======

2014-11-03 18:51:20 ----D---- C:\Program Files\trend micro
2014-11-03 18:51:07 ----D---- C:\ProgramData\systemk
2014-11-03 18:50:20 ----D---- C:\Windows\temp
2014-11-03 18:47:44 ----D---- C:\Users\Martin\AppData\Roaming\uTorrent
2014-11-03 18:42:49 ----D---- C:\Windows\system32\Tasks
2014-11-03 18:41:47 ----D---- C:\Windows\system32\drivers
2014-11-03 18:41:38 ----RD---- C:\Program Files
2014-11-03 18:36:33 ----D---- C:\ProgramData\firebird
2014-11-03 18:24:51 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2014-11-03 17:25:41 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2014-11-03 09:11:25 ----D---- C:\Windows\system32\config
2014-11-03 08:59:35 ----D---- C:\Windows\System32
2014-11-03 08:59:35 ----D---- C:\Windows\inf
2014-11-03 08:59:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-03 08:55:31 ----A---- C:\Windows\system32\log.txt
2014-11-01 10:46:05 ----SHD---- C:\System Volume Information
2014-11-01 10:46:05 ----D---- C:\Windows\Prefetch
2014-10-30 12:24:45 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-22 09:28:59 ----D---- C:\Windows\rescache
2014-10-18 09:09:41 ----D---- C:\Windows\Microsoft.NET
2014-10-18 09:08:53 ----RSD---- C:\Windows\assembly
2014-10-18 08:33:11 ----SHD---- C:\Windows\Installer
2014-10-18 08:33:10 ----D---- C:\ProgramData\Skype
2014-10-18 08:33:09 ----D---- C:\Config.Msi
2014-10-18 08:33:05 ----RD---- C:\Program Files\Skype
2014-10-18 08:25:50 ----D---- C:\Windows\winsxs
2014-10-18 00:02:17 ----SD---- C:\Windows\system32\CompatTel
2014-10-18 00:02:16 ----D---- C:\Windows\system32\en-US
2014-10-18 00:02:15 ----D---- C:\Program Files\Internet Explorer
2014-10-17 23:14:52 ----D---- C:\Windows\Tasks
2014-10-17 17:15:35 ----D---- C:\ProgramData\Microsoft Help
2014-10-17 17:11:10 ----D---- C:\Windows\system32\MRT
2014-10-17 16:58:39 ----D---- C:\Windows\debug
2014-10-17 16:58:32 ----A---- C:\Windows\system32\MRT.exe
2014-10-17 08:02:36 ----D---- C:\Windows\system32\catroot2
2014-10-16 22:27:38 ----D---- C:\Windows
2014-10-16 14:02:08 ----D---- C:\Windows\system32\catroot
2014-10-16 08:04:57 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-10-15 13:44:58 ----D---- C:\Program Files\Mozilla Firefox.bak
2014-10-15 13:44:43 ----D---- C:\Program Files\Defraggler
2014-10-15 13:44:17 ----D---- C:\Program Files\CCleaner
2014-10-11 11:46:20 ----D---- C:\Users\Martin\AppData\Roaming\XnView
2014-10-05 13:45:41 ----D---- C:\ProgramData
2014-10-05 13:45:37 ----D---- C:\Program Files\Common Files
2014-10-05 13:45:24 ----D---- C:\Program Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [2011-09-07 14464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-05-20 242240]
R1 MpKsla7964cbf;MpKsla7964cbf; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{92E2E2A6-A1F1-4CD4-9167-946E4EA491D1}\MpKsla7964cbf.sys [2014-11-03 39464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [2009-07-02 13880]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-22 313832]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-11-29 35968]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-10-03 2205696]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-11-29 299648]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-11-29 98432]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2012-11-29 25728]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2012-11-29 148096]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-11-29 60544]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2012-11-29 264704]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-11-29 470656]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-09-16 10843136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-09-06 3663848]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-09-16 269824]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2010-08-24 68208]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-05-05 1344560]
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files\Settings Manager\systemk\systemkmgrc2.cfg []
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-03-18 46680]
S3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-22 102888]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 catchme;catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2014-11-03 19984]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2011-03-18 61704]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2011-03-18 73096]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 AtherosSvc;AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [2012-11-29 195200]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-08 144672]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2014-11-03 770944]
R2 SystemkService;Systemk Service; C:\Program Files\Settings Manager\systemk\SystemkService.exe [2014-07-17 3572240]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-19 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-16 267440]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 BrYNSvc;BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [2012-06-05 266240]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-19 116648]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 108032]
S3 Installer Service;Installer Service; C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{0C808377-8C23-44ED-9016-05F42E6D4900}\Installer\InstallerService.exe [2013-05-24 125288]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-15 114288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-05-19 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Systemku.exe

#2 Post by motji »

Hello :)

Download Junkware Removal Tool: http://thisisudax.org/downloads/JRT.exe
- Save the program to the desktop and run it. The license terms will then be displayed; confirm the start by pressing any key.
- A backup will be created and the scan will run.
When the scan finishes, a log will pop up (it will be saved in c:\JRT as JRT.txt); copy it here.

Download AdwCleaner: http://www.bleepingcomputer.com/download/adwcleaner/
- Save the program to the desktop and close all running programs.
- Run AdwCleaner, click Scan and, once the scan completes, click Clean.
- The repair will be carried out and the PC will restart (restart it yourself if necessary), and the log C:\AdwCleaner\AdwCleaner.txt will appear; copy the contents of the log here.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer!
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

mikimr
Visitor
Posts: 93
Registered: 27 Nov 2008 17:35

Re: Systemku.exe

#3 Post by mikimr »

Thank you:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.5 (10.31.2014:1)
OS: Windows 7 Home Premium x86
Ran by Martin on po 03. 11. 2014 at 19:04:06,48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] f06deff2-5b9c-490d-910f-35d3a9119622
Successfully deleted: [Service] f06deff2-5b9c-490d-910f-35d3a9119622



~~~ Registry Values

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Martin\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Martin\appdata\locallow\datamngr"



~~~ FireFox

Successfully deleted: [File] C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\2pufn8zd.default\invalidprefs.js
Successfully deleted: [File] C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\2pufn8zd.default\searchplugins\bingp.xml
Emptied folder: C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\2pufn8zd.default\minidumps [67 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 03. 11. 2014 at 19:06:11,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mikimr
Visitor
Posts: 93
Registered: 27 Nov 2008 17:35

Re: Systemku.exe

#4 Post by mikimr »

# AdwCleaner v3.311 - Report created 03/11/2014 at 19:10:03
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Martin - MARTIN-PC
# Running from : C:\Users\Martin\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : SystemkService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\systemk
[!] Folder Deleted : C:\Program Files\Settings Manager
Folder Deleted : C:\Users\Martin\AppData\Roaming\FirefoxToolbar

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\SystemK
Key Deleted : HKLM\SOFTWARE\SystemK
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v33.0 (x86 sk)

[ File : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2pufn8zd.default\prefs.js ]


-\\ Google Chrome v38.0.2125.111

[ File : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www1.delta-search.com/?q={searchTerms}&affID=119816&tt=gc_&babsrc=SP_ss&mntrId=123810BF4821FFD3
Deleted [Search Provider] : hxxp://www.default-search.net/search?sid=503&a ... earchTerms}
Deleted [Startup_urls] : hxxp://www.default-search.net?sid=503&aid=100& ... 22&src=hmp
Deleted [Homepage] : hxxp://www.default-search.net?sid=503&aid=100& ... 22&src=hmp

*************************

AdwCleaner[R0].txt - [2282 octets] - [10/04/2014 19:18:45]
AdwCleaner[R1].txt - [3159 octets] - [03/11/2014 19:08:01]
AdwCleaner[S0].txt - [2379 octets] - [10/04/2014 19:19:40]
AdwCleaner[S1].txt - [2960 octets] - [03/11/2014 19:10:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3020 octets] ##########

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Systemku.exe

#5 Post by motji »

Uninstall SpyHunter.
It already looks better :), but we will keep going.

Use CCleaner: http://forum.viry.cz/viewtopic.php?f=46&t=7478

Use MBAM and post the log here
http://forum.viry.cz/viewtopic.php?f=29&t=137928

mikimr
Visitor
Posts: 93
Registered: 27 Nov 2008 17:35

Re: Systemku.exe

#6 Post by mikimr »

SpyHunter had already been uninstalled before the first scans,
and great, the program for LPG diagnostics in the car, which would not run (it only started in the background), now works too :|

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 3. 11. 2014
Scan Time: 21:30:13
Logfile:
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.03.09
Rootkit Database: v2014.11.01.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Martin

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 303727
Time Elapsed: 11 min, 35 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
Trojan.Agent.BCM, C:\Windows\inf\mncgnhkis, , [c3a246f11765fb3b1714e01c13ef3bc5],
Trojan.Agent.BCM, C:\Windows\inf\mncgnhkis\bitstreams, , [c3a246f11765fb3b1714e01c13ef3bc5],

Files: 14
Trojan.Agent.BCM, C:\Windows\inf\mncgnhkis\diablo130302.cl, , [c3a246f11765fb3b1714e01c13ef3bc5],
Trojan.Agent.BCM, C:\Windows\inf\mncgnhkis\diakgcn121016.cl, , [c3a246f11765fb3b1714e01c13ef3bc5],
Trojan.Agent.BCM, C:\Windows\inf\mncgnhkis\libcurl-4.dll, , [c3a246f11765fb3b1714e01c13ef3bc5],
Trojan.Agent.BCM, C:\Windows\inf\mncgnhkis\libeay32.dll, , [c3a246f11765fb3b1714e01c13ef3bc5],
Trojan.Agent.BCM, C:\Windows\inf\mncgnhkis\libidn-11.dll, , [c3a246f11765fb3b1714e01c13ef3bc5],
Trojan.Agent.BCM, C:\Windows\inf\mncgnhkis\librtmp.dll, , [c3a246f11765fb3b1714e01c13ef3bc5],
Trojan.Agent.BCM, C:\Windows\inf\mncgnhkis\libssh2.dll, , [c3a246f11765fb3b1714e01c13ef3bc5],
Trojan.Agent.BCM, C:\Windows\inf\mncgnhkis\phatk121016.cl, , [c3a246f11765fb3b1714e01c13ef3bc5],
Trojan.Agent.BCM, C:\Windows\inf\mncgnhkis\poclbm130302.cl, , [c3a246f11765fb3b1714e01c13ef3bc5],
Trojan.Agent.BCM, C:\Windows\inf\mncgnhkis\scrypt130511.cl, , [c3a246f11765fb3b1714e01c13ef3bc5],
Trojan.Agent.BCM, C:\Windows\inf\mncgnhkis\ssleay32.dll, , [c3a246f11765fb3b1714e01c13ef3bc5],
Trojan.Agent.BCM, C:\Windows\inf\mncgnhkis\zlib1.dll, , [c3a246f11765fb3b1714e01c13ef3bc5],
Trojan.Agent.BCM, C:\Windows\inf\mncgnhkis\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [c3a246f11765fb3b1714e01c13ef3bc5],
PUP.Optional.DefaultSearch.A, C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\preferences, Good: (), Bad: ( "homepage": "http://www.default-search.net?sid=503&a ... 22&src=hmp",), ,[e77e1e19d4a890a6d9b0006ecb3a4bb5]

Physical Sectors: 0
(No malicious items detected)


(end)

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Systemku.exe

#7 Post by motji »

Delete everything in MBAM, and please post a new log from FRST.

mikimr
Visitor
Posts: 93
Registered: 27 Nov 2008 17:35

Re: Systemku.exe

#8 Post by mikimr »

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-11-2014
Ran by Martin at 2014-11-04 19:17:06
Running from C:\Users\Martin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
AC3Filter 2.5b (HKLM\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Slovak (HKLM\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Alcor Micro USB Card Reader (HKLM\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Ashampoo Burning Studio 6 FREE v.6.83 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.3 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.4.0 - Asmedia Technology)
Astroburn Lite (HKLM\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
Atheros Bluetooth Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.4.0.170 - Atheros)
ATK Package (HKLM\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0015 - ASUS)
Brother MFL-Pro Suite DCP-7060D (HKLM\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Fakturatik (HKLM\...\Fakturatik_is1) (Version: - Rastislav Korytár - RK Software)
GOM Player (HKLM\...\GOM Player) (Version: 2.2.64.5211 - Gretech Corporation)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Kniha jázd - Speedy (HKLM\...\Kniha jázd - Speedy_is1) (Version: - Kamar software)
Malwarebytes Anti-Malware verzia 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 33.0 (x86 sk) (HKLM\...\Mozilla Firefox 33.0 (x86 sk)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (Version: 7.1.180.94 - Nokia) Hidden
Nuance PaperPort 12 (HKLM\...\{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
PaperPort Image Printer (HKLM\...\{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
PhotoFiltre (HKCU\...\PhotoFiltre) (Version: - )
PL-2303 USB-to-Serial (HKLM\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.3.0 - Prolific Technology INC)
Qualcomm Atheros WiFi Driver Installation (HKLM\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6454 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scansoft PDF Professional (Version: - ) Hidden
Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.20 (32-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XnView 1.99.5 (HKLM\...\XnView_is1) (Version: 1.99.5 - Gougelet Pierre-e)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-616477033-3631907855-1866218665-1000_Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}\localserver32 -> C:\Users\Martin\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe No (the data entry has 5 more characters).

==================== Restore Points =========================

04-11-2014 09:46:58 Plánovaný kontrolný bod
04-11-2014 12:46:15 Revo Uninstaller's restore point - AIMP3
04-11-2014 12:48:03 Revo Uninstaller's restore point - Ashampoo Burning Studio 6 FREE v.6.83
04-11-2014 12:48:20 Revo Uninstaller's restore point - Autocom Cars CDP
04-11-2014 12:49:45 Revo Uninstaller's restore point - Batch PDF Watermark
04-11-2014 12:50:48 Revo Uninstaller's restore point - Google Chrome
04-11-2014 12:55:39 Revo Uninstaller's restore point - Nokia Connectivity Cable Driver
04-11-2014 12:57:38 Revo Uninstaller's restore point - Nokia Suite
04-11-2014 13:03:28 Revo Uninstaller's restore point - paint.net
04-11-2014 13:03:38 Removed paint.net

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2013-07-16 09:35 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01518FF4-C349-4E85-9568-85ED35573AED} - System32\Tasks\{BDDB8326-C74A-462C-A527-7974F2C67A1D} => E:\Solaris Diagnostic & OBD\Solaris Diagnostic & OBD.exe
Task: {384D309D-C4DD-44F8-8A01-F9B7491BE666} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {4DED6DC3-8107-4D80-88E6-BBD566525E58} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {5C0F0F0B-5E0D-49A5-AC2E-516CFB03DD67} - System32\Tasks\{9CB2AF23-8C62-482A-9DFE-A868373D13CA} => E:\Solaris Diagnostic & OBD\Solaris Diagnostic & OBD.exe
Task: {73F87918-F6D1-4251-8E23-D1A8A2226303} - System32\Tasks\{AC551C3F-175A-4B27-A377-95C3FC4B01F3} => E:\Solaris Diagnostic & OBD\Solaris Diagnostic & OBD.exe
Task: {7D9576EB-24CA-40A7-B44A-352679225C36} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-16] (Adobe Systems Incorporated)
Task: {94A64D76-5DBE-44F2-B868-A454A8838433} - System32\Tasks\{2A788FF9-4D75-4CEA-9163-DD0A8BC133C6} => E:\Solaris Diagnostic & OBD\Solaris Diagnostic & OBD.exe
Task: {9831D92B-CD1F-4301-A2A1-E408558F22D7} - System32\Tasks\{85757314-5D2A-4105-AE25-6CE93C17DE97} => E:\Solaris Diagnostic & OBD\Solaris Diagnostic & OBD.exe
Task: {984F2D47-59BB-4C9E-9589-A3CBBE3C9818} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-15] (ASUS)
Task: {B5FCDF07-00BE-495F-9CDE-5CB2D93750C4} - System32\Tasks\AdobeAAMUpdater-1.0-Martin-PC-Martin => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-02-22] (Adobe Systems Incorporated)
Task: {E774E177-BA7D-437C-B233-BEBC09AA365F} - System32\Tasks\ATKOSD2 => C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-22] (ASUSTek Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-08-19 17:53 - 2010-05-10 12:26 - 00116736 _____ () C:\Windows\System32\qvredmonnt.dll
2010-07-14 15:12 - 2010-07-14 15:12 - 00021120 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-05-19 13:44 - 2011-05-05 13:32 - 00066856 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2013-05-08 15:26 - 2011-09-16 10:38 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2014-10-15 10:57 - 2014-10-15 10:57 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-10-16 08:26 - 2014-10-16 08:26 - 16832176 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:D928C9E8

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: odserv => 3
MSCONFIG\Services: ose => 3
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: IndexSearch => "C:\Program Files\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: PPort12reminder => "C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-616477033-3631907855-1866218665-500 - Administrator - Disabled)
Guest (S-1-5-21-616477033-3631907855-1866218665-501 - Limited - Disabled)
Martin (S-1-5-21-616477033-3631907855-1866218665-1000 - Administrator - Enabled) => C:\Users\Martin

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/04/2014 02:29:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.0.0.5397 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 12b0

Start Time: 01cff806df3e49f9

Termination Time: 166

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id:

Error: (11/04/2014 02:29:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: plugin-container.exe, verzia: 33.0.0.5397, časová značka: 0x543924b1
Názov chybového modulu: mozalloc.dll, verzia: 33.0.0.5397, časová značka: 0x5438ffbb
Kód výnimky: 0x80000003
Odstup chyby: 0x00001425
Identifikácia chybného procesu: 0xb34
Čas spustenia chybnej aplikácie: 0xplugin-container.exe0
Cesta chybnej aplikácie: plugin-container.exe1
Cesta chybného modulu: plugin-container.exe2
Identifikácia hlásenia: plugin-container.exe3

Error: (11/04/2014 01:46:15 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Prístup je odmietnutý.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {bca7d110-f4f6-4fa3-af18-d5430f0ebb62}

Error: (11/04/2014 10:42:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/04/2014 10:40:34 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (11/04/2014 09:10:46 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/04/2014 09:10:46 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/04/2014 09:06:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/03/2014 11:32:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program GOM.exe version 2.2.64.5211 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1180

Start Time: 01cff7a9d30efe3c

Termination Time: 14

Application Path: C:\Program Files\GRETECH\GomPlayer\GOM.exe

Report Id: 53f2fcbb-63a9-11e4-92b8-94dbc9b27048

Error: (11/03/2014 09:53:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Solaris Diagnostic & OBD.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 70c

Start Time: 01cff7a83497ea40

Termination Time: 14

Application Path: E:\Solaris Diagnostic & OBD\Solaris Diagnostic & OBD.exe

Report Id:


System errors:
=============
Error: (11/04/2014 09:04:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Remote Access Connection Manager, od ktorej závisí služba Internet Connection Sharing (ICS), zlyhalo kvôli nasledujúcej chybe:
%%1068

Error: (11/04/2014 09:04:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Telefonovanie, od ktorej závisí služba Remote Access Connection Manager, zlyhalo kvôli nasledujúcej chybe:
%%1058

Error: (11/03/2014 10:40:00 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (11/03/2014 09:45:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Remote Access Connection Manager, od ktorej závisí služba Internet Connection Sharing (ICS), zlyhalo kvôli nasledujúcej chybe:
%%1068

Error: (11/03/2014 09:45:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Telefonovanie, od ktorej závisí služba Remote Access Connection Manager, zlyhalo kvôli nasledujúcej chybe:
%%1058

Error: (11/03/2014 07:11:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Remote Access Connection Manager, od ktorej závisí služba Internet Connection Sharing (ICS), zlyhalo kvôli nasledujúcej chybe:
%%1068

Error: (11/03/2014 07:11:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Telefonovanie, od ktorej závisí služba Remote Access Connection Manager, zlyhalo kvôli nasledujúcej chybe:
%%1058

Error: (11/03/2014 07:08:12 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 72%
Total physical RAM: 2984.13 MB
Available physical RAM: 832.13 MB
Total Pagefile: 5966.54 MB
Available Pagefile: 3487.48 MB
Total Virtual: 2047.88 MB
Available Virtual: 1894.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:70.59 GB) NTFS
Drive d: () (Fixed) (Total:97.66 GB) (Free:54.13 GB) NTFS
Drive e: () (Fixed) (Total:270.45 GB) (Free:8.59 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7C12E647)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=270.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Attachments
Addition.rar
(7.88 KiB) Downloaded 66 times

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Systemku.exe

#9 Post by motji »

Please post the other log, not Addition; that one is already here. And please copy the text here :)
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before cleaning the computer of viruses :!:
Want to support our forum? Information here


I am mostly available at night, between 21:00 and 23:00.
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.

mikimr
Visitor
Posts: 93
Registered: 27 Nov 2008 17:35

Re: Systemku.exe

#10 Post by mikimr »

I copied the one that opened for me, my apologies, so it is probably this one:


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-11-2014
Ran by Martin (administrator) on MARTIN-PC on 04-11-2014 19:16:01
Running from C:\Users\Martin\Desktop
Loaded Profile: Martin (Available profiles: Martin)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Atheros Commnucations) C:\Program Files\Bluetooth Suite\AdminService.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Atheros) C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Alcor Micro Corp.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Atheros Communications) C:\Program Files\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files\Bluetooth Suite\AthBtTray.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Antonio Da Cruz) C:\Program Files\PhotoFiltre\PhotoFiltre.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2262312 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [AmIcoSinglun] => C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [258048 2011-03-18] (Alcor Micro Corp.)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10992232 2011-09-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1571432 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080 2011-12-22] (ASUSTek Computer Inc.)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Bluetooth Suite\btvstack.exe [877184 2012-11-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files\Bluetooth Suite\athbttray.exe [696448 2012-11-29] (Atheros Commnucations)
HKU\S-1-5-21-616477033-3631907855-1866218665-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-616477033-3631907855-1866218665-1000\...\Run: [uTorrent] => C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-03] (BitTorrent Inc.)
HKU\S-1-5-21-616477033-3631907855-1866218665-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files\settings manager\systemk\sysapcrt.dll

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/en-us/?pc=UP97&ocid=UP97DHP
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-616477033-3631907855-1866218665-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2pufn8zd.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Slovníky slovenského pravopisu - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2pufn8zd.default\Extensions\sk@dictionaries.addons.mozilla.org [2014-10-28]
FF Extension: Add Bookmark Here ² - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2pufn8zd.default\Extensions\abhere2@moztw.org.xpi [2014-09-03]
FF Extension: Save Text To File - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2pufn8zd.default\Extensions\HighlightedTextToFile@bobbyrne01.org.xpi [2014-09-03]
FF Extension: Slovak (SK) Language Pack - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2pufn8zd.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2014-09-03]
FF Extension: Image Zoom - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2pufn8zd.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2014-09-03]
FF Extension: X-notifier - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2pufn8zd.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2014-09-03]
FF Extension: Text Link - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2pufn8zd.default\Extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi [2014-09-03]
FF Extension: Adblock Plus - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2pufn8zd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-03]

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512 2011-11-21] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-11-29] (Atheros)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [46680 2011-03-18] (Alcor Micro, Corp.)
R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [102888 2011-11-22] (ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [313832 2011-11-22] (ASMedia Technology Inc)
R3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [35968 2012-11-29] (Atheros)
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [14464 2011-09-07] (ASUS)
R3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [299648 2012-11-29] (Atheros)
R3 btath_avdt; C:\Windows\System32\drivers\btath_avdt.sys [98432 2012-11-29] (Atheros)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [25728 2012-11-29] (Atheros)
R3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [148096 2012-11-29] (Atheros)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [60544 2012-11-29] (Atheros)
R3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [264704 2012-11-29] (Atheros)
R3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [470656 2012-11-29] (Atheros)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-05-20] (DT Soft Ltd)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [61704 2011-03-18] (FTDI Ltd.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-10-01] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R1 MpKsl5dfe8e83; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{91CF8551-7268-49D1-90CA-532AB3992A36}\MpKsl5dfe8e83.sys [39464 2014-11-04] (Microsoft Corporation)
S3 zte_cdc_acm; C:\Windows\System32\DRIVERS\zte_cdc_acm.sys [67968 2012-05-23] (ZTE) [File not signed]
S3 zte_cpo; C:\Windows\System32\DRIVERS\zte_cpo.sys [9984 2012-05-23] (ZTE) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-04 19:16 - 2014-11-04 19:16 - 00015166 _____ () C:\Users\Martin\Desktop\FRST.txt
2014-11-04 19:15 - 2014-11-04 19:16 - 00000000 ____D () C:\FRST
2014-11-04 19:15 - 2014-11-04 19:15 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
2014-11-04 19:14 - 2014-11-04 19:14 - 01106432 _____ (Farbar) C:\Users\Martin\Desktop\FRST.exe
2014-11-04 09:06 - 2014-11-04 09:06 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-11-03 21:45 - 2014-11-04 09:04 - 00004004 _____ () C:\Windows\PFRO.log
2014-11-03 21:45 - 2014-11-04 09:04 - 00000168 _____ () C:\Windows\setupact.log
2014-11-03 21:45 - 2014-11-03 21:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-03 21:29 - 2014-11-04 09:06 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-03 21:29 - 2014-11-03 21:29 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-03 21:29 - 2014-11-03 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-03 21:28 - 2014-11-03 21:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-03 21:28 - 2014-11-03 21:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-11-03 21:28 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-03 21:28 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-03 21:28 - 2014-10-01 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-03 19:08 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-11-03 19:07 - 2014-11-03 19:07 - 01375089 _____ () C:\Users\Martin\Desktop\AdwCleaner.exe
2014-11-03 19:06 - 2014-11-03 19:06 - 00003832 _____ () C:\Users\Martin\Desktop\JRT.txt
2014-11-03 19:04 - 2014-11-03 19:04 - 00000000 ____D () C:\Windows\ERUNT
2014-11-03 18:56 - 2014-11-03 18:56 - 01706359 _____ (Thisisu) C:\Users\Martin\Desktop\JRT.exe
2014-10-16 14:04 - 2014-10-10 02:44 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 14:04 - 2014-10-10 02:44 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 14:04 - 2014-10-10 02:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 14:04 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 14:04 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 14:04 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 14:04 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 14:04 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 14:04 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 14:04 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 14:04 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 14:04 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 14:04 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 14:04 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 14:04 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 14:04 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 14:04 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 14:04 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 14:04 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 14:04 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 14:04 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 14:04 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 14:03 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 14:03 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 14:03 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 14:03 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 14:03 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 14:03 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 14:03 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 14:03 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 14:03 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 14:03 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 14:03 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 14:03 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 14:03 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 14:03 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 14:03 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 14:03 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 14:02 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 14:02 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 14:02 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 14:02 - 2014-08-29 02:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 14:02 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 14:02 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 14:02 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 14:02 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 14:02 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 14:02 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 14:02 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 14:02 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 09:18 - 2014-10-16 09:18 - 00125143 _____ () C:\Users\Martin\Downloads\Xnotifier_for_Chrome_3_3_10.crx
2014-10-15 10:57 - 2014-10-15 10:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-05 13:45 - 2014-10-05 13:45 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-05 13:45 - 2014-10-05 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-05 13:45 - 2014-10-05 13:45 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-05 13:45 - 2014-07-25 11:55 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-10-05 13:45 - 2014-07-25 11:49 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-05 13:45 - 2014-07-25 11:49 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-05 13:45 - 2014-07-25 11:49 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-05 13:44 - 2014-10-05 13:45 - 00006095 _____ () C:\Windows\system32\jupdate-1.7.0_67-b01.log
2014-10-05 13:17 - 2014-11-04 19:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-05 13:17 - 2014-10-16 08:26 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-05 13:17 - 2014-10-16 08:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-04 19:12 - 2013-05-19 14:17 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\uTorrent
2014-11-04 19:06 - 2013-05-19 14:16 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Skype
2014-11-04 15:28 - 2013-05-19 13:34 - 01858939 _____ () C:\Windows\WindowsUpdate.log
2014-11-04 14:29 - 2013-05-27 21:58 - 00000000 ____D () C:\Users\Martin\AppData\Local\CrashDumps
2014-11-04 14:04 - 2014-09-13 11:57 - 00000000 ____D () C:\Users\Martin\AppData\Local\paint.net
2014-11-04 14:04 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-04 13:59 - 2013-05-24 18:58 - 00000000 ____D () C:\ProgramData\Nokia
2014-11-04 13:59 - 2013-05-24 18:47 - 00000000 ____D () C:\Program Files\Common Files\Nokia
2014-11-04 13:59 - 2013-05-24 18:46 - 00000000 ____D () C:\Program Files\Nokia
2014-11-04 13:51 - 2013-05-19 14:14 - 00000000 ____D () C:\Program Files\Google
2014-11-04 13:50 - 2013-08-01 14:30 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Batch PDF Watermark
2014-11-04 13:49 - 2013-06-04 10:38 - 00000000 ____D () C:\Program Files\Autocom
2014-11-04 13:42 - 2013-06-16 09:32 - 00000000 ____D () C:\ProgramData\firebird
2014-11-04 09:12 - 2009-07-14 05:34 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-04 09:12 - 2009-07-14 05:34 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-04 09:10 - 2010-11-20 22:01 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-04 09:04 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-04 00:46 - 2013-05-19 14:55 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\vlc
2014-11-03 22:07 - 2013-05-19 14:26 - 00001863 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-11-03 22:07 - 2013-05-19 14:26 - 00000000 ____D () C:\Program Files\Defraggler
2014-11-03 22:07 - 2013-05-19 14:13 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-03 22:07 - 2013-05-19 14:13 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-03 22:04 - 2013-08-31 22:26 - 00001155 _____ () C:\Users\Public\Desktop\GOM Player.lnk
2014-11-03 22:04 - 2013-05-19 14:14 - 00001179 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2014-11-03 22:04 - 2013-05-19 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
2014-11-03 19:10 - 2014-04-10 19:18 - 00000000 ____D () C:\AdwCleaner
2014-11-03 18:51 - 2013-08-02 12:49 - 01107968 _____ () C:\Users\Martin\Desktop\RSIT.exe
2014-11-03 18:51 - 2013-07-14 14:32 - 00000000 ____D () C:\Program Files\trend micro
2014-11-03 18:42 - 2013-05-19 13:39 - 00000000 ____D () C:\Users\Martin
2014-11-03 18:37 - 2013-10-18 14:35 - 00007603 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
2014-10-30 12:24 - 2013-05-19 14:28 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 17:00 - 2013-06-24 12:12 - 00000997 _____ () C:\Users\Martin\Desktop\vcds.txt
2014-10-22 16:25 - 2014-08-23 10:25 - 00000748 _____ () C:\Users\Martin\Desktop\Solaris Diagnostic & OBD.lnk
2014-10-22 09:28 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-10-21 23:49 - 2014-09-03 18:43 - 00000270 _____ () C:\Users\Martin\Desktop\miro bug.txt
2014-10-18 08:33 - 2014-09-18 07:54 - 00000000 ___RD () C:\Program Files\Skype
2014-10-18 08:33 - 2013-05-19 14:16 - 00000000 ____D () C:\ProgramData\Skype
2014-10-18 08:25 - 2009-07-14 05:33 - 03766688 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-18 00:02 - 2014-05-08 00:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-17 17:15 - 2013-05-19 14:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-17 17:11 - 2013-07-30 02:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-17 16:58 - 2013-05-19 14:59 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 08:52 - 2014-08-15 08:45 - 00000000 ____D () C:\Users\Martin\AppData\Local\Adobe
2014-10-16 08:04 - 2014-09-03 08:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-15 13:44 - 2014-09-12 20:44 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak
2014-10-15 07:57 - 2014-03-17 09:31 - 00000721 _____ () C:\Users\Martin\Desktop\odkazy.txt
2014-10-11 11:46 - 2013-05-20 19:08 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\XnView
2014-10-05 13:45 - 2013-07-02 13:07 - 00000000 ____D () C:\Program Files\Java

Files to move or delete:
====================
C:\Users\Martin\esetsmartinstaller_sky.exe


Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\temp\ExPromo.exe
C:\Users\Martin\AppData\Local\temp\NOSEventMessages.dll
C:\Users\Martin\AppData\Local\temp\Quarantine.exe
C:\Users\Martin\AppData\Local\temp\Uni98BB.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:D928C9E8

==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Martin\Desktop" je 24 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrStsMon00
C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter4
C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch
"C:\Program Files\Nuance\PaperPort\IndexSearch.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD
"C:\Program Files\Nuance\PaperPort\pptd40nt.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF5 Registry Controller
C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFHook
C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort12reminder
"C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Systemku.exe

#11 Post by motji »

How is the computer?
Do you know this program?
c:\program files\settings manager
Do not use COMBOFIX without an adviser's recommendation; it may damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.

mikimr
Visitor
Posts: 93
Registered: 27 Nov 2008 17:35

Re: Systemku.exe

#12 Post by mikimr »

The PC now seems to be OK, which is also evident from the fact that it opened the gas diagnostics program (originally I thought it was showing it in the background, only in Task Manager, because of updates).

I don't know that program, and I don't see it in Program Files either (I have hidden files shown).

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Systemku.exe

#13 Post by motji »

:arrow: Open Notepad and copy the following into it:

Code:

S3 catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys [X]
S3 zte_cdc_acm; C:\Windows\System32\DRIVERS\zte_cdc_acm.sys [67968 2012-05-23] (ZTE) [File not signed]
S3 zte_cpo; C:\Windows\System32\DRIVERS\zte_cpo.sys [9984 2012-05-23] (ZTE) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-616477033-3631907855-1866218665-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files\settings manager\systemk\sysapcrt.dll
 c:\program files\settings manager
- Save it as fixlist.txt next to FRST.
- Run FRST and click Fix.
- Paste the log here.

mikimr
Visitor
Posts: 93
Registered: 27 Nov 2008 17:35

Re: Systemku.exe

#14 Post by mikimr »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 04-11-2014
Ran by Martin at 2014-11-04 21:57:19 Run:1
Running from C:\Users\Martin\Desktop
Loaded Profile: Martin (Available profiles: Martin)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
S3 catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys [X]
S3 zte_cdc_acm; C:\Windows\System32\DRIVERS\zte_cdc_acm.sys [67968 2012-05-23] (ZTE) [File not signed]
S3 zte_cpo; C:\Windows\System32\DRIVERS\zte_cpo.sys [9984 2012-05-23] (ZTE) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-616477033-3631907855-1866218665-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files\settings manager\systemk\sysapcrt.dll
c:\program files\settings manager
*****************

catchme => Service deleted successfully.
zte_cdc_acm => Service deleted successfully.
zte_cpo => Service deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-616477033-3631907855-1866218665-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 => value deleted successfully.
"c:\program files\settings manager" => File/Directory not found.

==== End of Fixlog ====

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Systemku.exe

#15 Post by motji »

A new FRST log, please :)