Zdravím,Po spuštění a přihlášení se mi ntb cca po 5 minutách freezne a pomáhá jen tvrdý restart.V nouzovém režimu vše pracuje.Posílám sem svůj log.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Speciální školy at 2013-05-20 13:51:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 252 GB (86%) free of 292 GB
Total RAM: 3959 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:51:31, on 20.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Safe mode with network support
Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Program Files\trend micro\Speciální školy.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772269o
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1198 ... 0F6E7C76ED
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772269o
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772269o
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Seznam.chromeUpdatePref] C:\Users\Speciální školy\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe remove
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Registrace NHL™ 09.lnk = C:\Program Files (x86)\EA Sports\NHL 09\Support\EAregister.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11593 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2000.55f3500.401961588 "C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\plugins\npConduitFirefoxPlugin.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox" E7CF176E110C211B 2000 "\\.\pipe\gecko-crash-server-pipe.2000" plugin
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2000.c8b2300.644050537 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox" E7CF176E110C211B 2000 "\\.\pipe\gecko-crash-server-pipe.2000" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe" --proxy-stub-channel=Flash1728.73191D90.29279 --host-broker-channel=Flash1728.73191D90.5371 --host-pid=1728 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe" --channel=1072.0051F150.734098609 --proxy-stub-channel=Flash1728.73191D90.29279 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll" --host-npapi-version=27 --type=renderer
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Speciální školy\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 5e03ff43-c80a-42f3-ac3b-308b7ee39f0d.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 935d397a-30d9-4369-b1dc-6b320c0f013b.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\extensions\
{7473b6bd-4691-4744-a82b-7854eb3d70b6}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\searchplugins\
babylon.xml
BrowserProtect.xml
utorrentcontrolv2-customized-web-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-06-11 861216]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED []
"Seznam.chromeUpdatePref"=C:\Users\Speciální školy\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe remove []
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-05-15 5622512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate]
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-03-11 407920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate]
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-03-11 201584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-05-27 349552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-05-27 337264]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-04-13 284696]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-06-28 265984]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-27 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-06-22 968272]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
C:\Users\Speciální školy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Registrace NHL™ 09.lnk - C:\Program Files (x86)\EA Sports\NHL 09\Support\EAregister.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-05-20 13:51:25 ----D---- C:\rsit
2013-05-20 13:51:25 ----D---- C:\Program Files\trend micro
2013-05-20 13:35:50 ----D---- C:\e0d0010b33ed6a872a
2013-05-19 15:35:07 ----D---- C:\3cb4926896905ecf320a5571f3
2013-05-18 15:52:44 ----D---- C:\Program Files (x86)\GUMCBC.tmp
2013-05-18 15:52:44 ----A---- C:\Program Files (x86)\GUTCBD.tmp
2013-05-18 15:52:42 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-05-18 15:52:42 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-05-18 15:52:41 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-05-18 15:52:40 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-05-18 15:52:40 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-05-18 15:52:39 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-05-18 15:52:38 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-05-18 15:52:36 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-05-18 15:52:36 ----A---- C:\Windows\system32\aswBoot.exe
2013-05-18 15:52:00 ----A---- C:\Windows\avastSS.scr
2013-05-18 15:51:36 ----D---- C:\Program Files\AVAST Software
2013-05-18 15:27:57 ----D---- C:\ProgramData\AVAST Software
2013-05-18 14:03:25 ----D---- C:\Users\Speciální školy\AppData\Roaming\SUPERAntiSpyware.com
2013-05-18 14:03:00 ----D---- C:\Program Files\SUPERAntiSpyware
2013-05-18 14:02:59 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2013-05-18 11:55:33 ----D---- C:\Windows\Minidump
2013-05-18 10:15:30 ----D---- C:\Users\Speciální školy\AppData\Roaming\Hard Disk Sentinel
2013-05-18 10:15:22 ----D---- C:\Program Files (x86)\Hard Disk Sentinel
2013-05-17 15:40:21 ----A---- C:\Windows\ntbtlog.txt
2013-05-16 15:35:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-05-16 15:35:37 ----A---- C:\Windows\system32\mshtml.dll
2013-05-16 15:34:18 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-05-16 15:34:18 ----A---- C:\Windows\system32\mshtmled.dll
2013-05-16 15:34:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-05-16 15:34:15 ----A---- C:\Windows\system32\iertutil.dll
2013-05-16 15:34:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-05-16 15:34:12 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-05-16 15:34:11 ----A---- C:\Windows\SYSWOW64\url.dll
2013-05-16 15:34:11 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-05-16 15:34:11 ----A---- C:\Windows\system32\ieUnatt.exe
2013-05-16 15:34:11 ----A---- C:\Windows\system32\ieui.dll
2013-05-16 15:34:10 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-05-16 15:34:10 ----A---- C:\Windows\system32\urlmon.dll
2013-05-16 15:34:10 ----A---- C:\Windows\system32\url.dll
2013-05-16 15:34:09 ----A---- C:\Windows\system32\jscript9.dll
2013-05-16 15:34:08 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-16 15:34:07 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-05-16 15:34:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-05-16 15:34:07 ----A---- C:\Windows\system32\wininet.dll
2013-05-16 15:34:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-05-16 15:34:05 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-16 15:34:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-05-16 15:34:04 ----A---- C:\Windows\system32\vbscript.dll
2013-05-16 15:34:04 ----A---- C:\Windows\system32\jscript.dll
2013-05-16 15:34:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-05-16 15:33:57 ----A---- C:\Windows\system32\ieframe.dll
2013-05-16 15:33:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-05-16 15:31:03 ----D---- C:\ProgramData\Arcade Lab
2013-04-24 20:35:26 ----D---- C:\Windows\SYSWOW64\searchplugins
2013-04-24 20:35:26 ----D---- C:\Windows\SYSWOW64\Extensions
2013-04-24 14:10:17 ----A---- C:\Windows\system32\drivers\ntfs.sys
======List of files/folders modified in the last 1 month======
2013-05-20 13:51:25 ----RD---- C:\Program Files
2013-05-20 13:35:41 ----SHD---- C:\System Volume Information
2013-05-20 13:35:00 ----D---- C:\Windows\system32\config
2013-05-20 13:34:57 ----D---- C:\Windows\Prefetch
2013-05-20 13:33:41 ----D---- C:\Windows\Temp
2013-05-20 13:31:02 ----D---- C:\Windows\system32\Tasks
2013-05-20 13:30:55 ----A---- C:\Windows\SYSWOW64\log.txt
2013-05-19 13:09:07 ----D---- C:\Windows\Microsoft.NET
2013-05-19 12:17:06 ----D---- C:\Windows\system32\LogFiles
2013-05-19 09:38:54 ----D---- C:\Windows\System32
2013-05-19 09:38:54 ----D---- C:\Windows\inf
2013-05-19 09:38:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-18 19:08:58 ----RD---- C:\Program Files (x86)
2013-05-18 19:08:07 ----SHD---- C:\Windows\Installer
2013-05-18 15:59:55 ----D---- C:\Windows\system32\catroot2
2013-05-18 15:52:44 ----D---- C:\Program Files (x86)\Google
2013-05-18 15:52:42 ----D---- C:\Windows\system32\drivers
2013-05-18 15:52:36 ----D---- C:\Windows\SysWOW64
2013-05-18 15:52:00 ----D---- C:\Windows
2013-05-18 15:27:57 ----HD---- C:\ProgramData
2013-05-18 15:22:42 ----D---- C:\Windows\system32\wdi
2013-05-18 15:03:07 ----D---- C:\Windows\system32\catroot
2013-05-18 14:03:33 ----D---- C:\Windows\Tasks
2013-05-18 10:22:50 ----D---- C:\Windows\Downloaded Installations
2013-05-18 10:16:14 ----SD---- C:\Users\Speciální školy\AppData\Roaming\Microsoft
2013-05-18 10:16:14 ----SD---- C:\ProgramData\Microsoft
2013-05-17 22:50:33 ----RSD---- C:\Windows\assembly
2013-05-17 20:14:52 ----D---- C:\Users\Speciální školy\AppData\Roaming\Seznam.cz
2013-05-17 20:14:15 ----D---- C:\Program Files (x86)\WinRAR
2013-05-17 20:12:48 ----D---- C:\Program Files\Google
2013-05-17 20:09:17 ----D---- C:\Program Files (x86)\VideoLAN
2013-05-17 20:09:00 ----D---- C:\Users\Speciální školy\AppData\Roaming\uTorrent
2013-05-17 20:06:48 ----D---- C:\ProgramData\Google
2013-05-17 19:50:37 ----D---- C:\Windows\system32\DriverStore
2013-05-16 18:38:34 ----D---- C:\Windows\winsxs
2013-05-16 18:37:48 ----D---- C:\Program Files (x86)\Internet Explorer
2013-05-16 18:37:47 ----D---- C:\Windows\SYSWOW64\migration
2013-05-16 18:37:47 ----D---- C:\Windows\system32\migration
2013-05-16 18:37:46 ----D---- C:\Program Files\Internet Explorer
2013-05-16 15:41:36 ----AD---- C:\ProgramData\Temp
2013-05-16 15:36:27 ----D---- C:\ProgramData\Microsoft Help
2013-05-15 14:25:42 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-05-14 09:21:34 ----D---- C:\ProgramData\BrowserProtect
2013-05-05 22:17:08 ----D---- C:\Users\Speciální školy\AppData\Roaming\Mumble
2013-05-02 17:29:56 ----N---- C:\Windows\system32\MpSigStub.exe
2013-05-01 17:33:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-04-30 17:49:57 ----D---- C:\Windows\system32\NDF
2013-04-30 10:23:47 ----D---- C:\Program Files (x86)\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-06-03 4171328]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
S0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
S0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-05-09 189936]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-05-09 1025808]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-05-09 378432]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
S1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 6856192]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-27 264192]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-08 143088]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-27 203264]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
S2 BrowserProtect;BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-03-22 2787280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
S2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-18 116648]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
S2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-13 655624]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-18 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-12 115608]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-06 1255736]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Freeznutí ntb
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119526
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Freeznutí ntb
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte na Search (hledat)
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Freeznutí ntb
A mám to spustit v nouzovém režimu?
Re: Freeznutí ntb
Log z nouzového režimu:
# AdwCleaner v2.301 - Log vytvooen 20/05/2013 v 18:07:40
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Speciální školy - 2K13
# Spuštin systém : Nouzový režim s prací v síti
# Spuštino z : C:\Users\Speciální školy\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
Nalezeno : BrowserProtect
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Program Files (x86)\Conduit
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\BrowserProtect
Složka Nalezeno : C:\ProgramData\Partner
Složka Nalezeno : C:\Users\Speciální školy\AppData\Local\Conduit
Složka Nalezeno : C:\Users\Speciální školy\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\Speciální školy\AppData\Roaming\Babylon
Složka Nalezeno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\CT3220468
Složka Nalezeno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Složka Nalezeno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\Smartbar
Složka Nalezeno : C:\Users\SPECIL~1\AppData\Local\Temp\CT3220468
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Soubor Nalezeno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\bprotector_extensions.sqlite
Soubor Nalezeno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\bprotector_prefs.js
Soubor Nalezeno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\searchplugins\Babylon.xml
Soubor Nalezeno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\searchplugins\BrowserProtect.xml
***** [Registry] *****
Data Nalezeno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Crossrider
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Nalezeno : HKCU\Software\BabylonToolbar
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\Cr_Installer
Klíe Nalezeno : HKCU\Software\DataMngr
Klíe Nalezeno : HKCU\Software\DataMngr_Toolbar
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klíe Nalezeno : HKCU\Software\52ede88b139ec12
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\Software\DataMngr
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\52ede88b139ec12
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Klíe Nalezeno : HKU\S-1-5-21-685018000-2836272546-4105339031-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKU\S-1-5-21-685018000-2836272546-4105339031-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16483
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119816&babs ... 0F6E7C76ED
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\prefs.js
Nalezeno : user_pref("CT3220468.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM1OTEyODQyOCwidXVpZCI6Njc5MzE1Mzg1MzIzNDI3LCJ[...]
Nalezeno : user_pref("CT3220468.CBOpenMAMSettings.enc", "MA==");
Nalezeno : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Nalezeno : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Nalezeno : user_pref("CT3220468.FirstTime", "true");
Nalezeno : user_pref("CT3220468.FirstTimeFF3", "true");
Nalezeno : user_pref("CT3220468.LoginRevertSettingsEnabled", true);
Nalezeno : user_pref("CT3220468.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT322[...]
Nalezeno : user_pref("CT3220468.UserID", "UN07933648579509895");
Nalezeno : user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
Nalezeno : user_pref("CT3220468.autoDisableScopes", -1);
Nalezeno : user_pref("CT3220468.browser.search.defaultthis.engineName", true);
Nalezeno : user_pref("CT3220468.cbcountry_001.enc", "Q1o=");
Nalezeno : user_pref("CT3220468.cbfirsttime.enc", "RnJpIEphbiAyNSAyMDEzIDE2OjQwOjI4IEdNVCswMTAw");
Nalezeno : user_pref("CT3220468.defaultSearch", "true");
Nalezeno : user_pref("CT3220468.enableAlerts", "always");
Nalezeno : user_pref("CT3220468.enableFix404ByUser", "FALSE");
Nalezeno : user_pref("CT3220468.enableSearchFromAddressBar", "true");
Nalezeno : user_pref("CT3220468.firstTimeDialogOpened", "true");
Nalezeno : user_pref("CT3220468.fixPageNotFoundError", "true");
Nalezeno : user_pref("CT3220468.fixPageNotFoundErrorByUser", "true");
Nalezeno : user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
Nalezeno : user_pref("CT3220468.fixUrls", true);
Nalezeno : user_pref("CT3220468.installType", "xpe");
Nalezeno : user_pref("CT3220468.isCheckedStartAsHidden", true);
Nalezeno : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"false\"}");
Nalezeno : user_pref("CT3220468.isFirstTimeToolbarLoading", "false");
Nalezeno : user_pref("CT3220468.isNewTabEnabled", false);
Nalezeno : user_pref("CT3220468.isPerformedSmartBarTransition", "true");
Nalezeno : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Nalezeno : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Nalezeno : user_pref("CT3220468.keyword", true);
Nalezeno : user_pref("CT3220468.lastVersion", "10.15.0.562");
Nalezeno : user_pref("CT3220468.mam_gk_appStateReportTime.enc", "MTM2NTYwMzc4ODU1NQ==");
Nalezeno : user_pref("CT3220468.mam_gk_appState_CouponBuddy.enc", "b24=");
Nalezeno : user_pref("CT3220468.mam_gk_appState_PriceGong.enc", "b24=");
Nalezeno : user_pref("CT3220468.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9w[...]
Nalezeno : user_pref("CT3220468.mam_gk_appsDefaultEnabled.enc", "dHJ1ZQ==");
Nalezeno : user_pref("CT3220468.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkNvdXBvbkJ1ZGR5Iiw[...]
Nalezeno : user_pref("CT3220468.mam_gk_currentVersion.enc", "MS40LjQuNg==");
Nalezeno : user_pref("CT3220468.mam_gk_first_time.enc", "MQ==");
Nalezeno : user_pref("CT3220468.mam_gk_lastLoginTime.enc", "MTM2NTYwMzczNDAwMQ==");
Nalezeno : user_pref("CT3220468.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50[...]
Nalezeno : user_pref("CT3220468.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Nalezeno : user_pref("CT3220468.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]
Nalezeno : user_pref("CT3220468.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Nalezeno : user_pref("CT3220468.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Nalezeno : user_pref("CT3220468.mam_gk_userId.enc", "MGI3OWVmZjQtZjEwYi00NjA1LTgyMGUtOGU0MzIxZTI4ODRj");
Nalezeno : user_pref("CT3220468.migrateAppsAndComponents", true);
Nalezeno : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Nalezeno : user_pref("CT3220468.openThankYouPage", "true");
Nalezeno : user_pref("CT3220468.openUninstallPage", "false");
Nalezeno : user_pref("CT3220468.revertSettingsEnabled", "false");
Nalezeno : user_pref("CT3220468.search.searchAppId", "129813684258939747");
Nalezeno : user_pref("CT3220468.search.searchCount", "0");
Nalezeno : user_pref("CT3220468.searchInNewTabEnabled", "false");
Nalezeno : user_pref("CT3220468.searchInNewTabEnabledByUser", "false");
Nalezeno : user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
Nalezeno : user_pref("CT3220468.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}")[...]
Nalezeno : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Nalezeno : user_pref("CT3220468.sendUsageEnabled", "false");
Nalezeno : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Nalezeno : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Nalezeno : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Nalezeno : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Nalezeno : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Nalezeno : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Nalezeno : user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1359128426765");
Nalezeno : user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1359128426543");
Nalezeno : user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1359128426993");
Nalezeno : user_pref("CT3220468.serviceLayer_services_location_lastUpdate", "1369050634726");
Nalezeno : user_pref("CT3220468.serviceLayer_services_login_10.13.40.15_lastUpdate", "1362423373544");
Nalezeno : user_pref("CT3220468.serviceLayer_services_login_10.14.370.524_lastUpdate", "1364317663975");
Nalezeno : user_pref("CT3220468.serviceLayer_services_login_10.14.65.43_lastUpdate", "1363188727166");
Nalezeno : user_pref("CT3220468.serviceLayer_services_login_10.15.0.562_lastUpdate", "1369065036256");
Nalezeno : user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1359128427047");
Nalezeno : user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1359128425794");
Nalezeno : user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1369050634447");
Nalezeno : user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1359128427299");
Nalezeno : user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1369065035211");
Nalezeno : user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1369050634793");
Nalezeno : user_pref("CT3220468.settingsINI", true);
Nalezeno : user_pref("CT3220468.shouldFirstTimeDialog", "false");
Nalezeno : user_pref("CT3220468.showToolbarPermission", "false");
Nalezeno : user_pref("CT3220468.smartbar.CTID", "CT3220468");
Nalezeno : user_pref("CT3220468.smartbar.Uninstall", "0");
Nalezeno : user_pref("CT3220468.smartbar.homepage", true);
Nalezeno : user_pref("CT3220468.smartbar.isHidden", true);
Nalezeno : user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
Nalezeno : user_pref("CT3220468.toolbarBornServerTime", "25-1-2013");
Nalezeno : user_pref("CT3220468.toolbarCurrentServerTime", "20-5-2013");
Nalezeno : user_pref("CT3220468.toolbarLoginClientTime", "Wed Mar 13 2013 18:25:47 GMT+0100");
Nalezeno : user_pref("CT3220468.url_history0001.enc", "aHR0cDovL3d3dy5nb29nbGUuY3ovdXJsP3NhPXQmcmN0PWomcT10cmFj[...]
Nalezeno : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Nalezeno : user_pref("Smartbar.ConduitHomepagesList", "");
Nalezeno : user_pref("Smartbar.ConduitSearchEngineList", "");
Nalezeno : user_pref("Smartbar.ConduitSearchUrlList", "");
Nalezeno : user_pref("Smartbar.keywordURLSelectedCTID", "");
Nalezeno : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntr[...]
Nalezeno : user_pref("avg.install.userSPSettings", "Delta Search");
Nalezeno : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119816&babs ... trId=980A4[...]
Nalezeno : user_pref("browser.search.order.1", "Delta Search");
Nalezeno : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13[...]
Nalezeno : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Nalezeno : user_pref("smartbar.machineId", "6K9EE3+XMPYESUWQ2GXDW3VNK5DOBUNZQ/FPH1ONA5H1IUDUJIRDOFP7NOXM/ABKATE[...]
Nalezeno : user_pref("smartbar.originalHomepage", "www.seznam.cz");
Nalezeno : user_pref("smartbar.originalSearchAddressUrl", "");
Nalezeno : user_pref("smartbar.originalSearchEngine", false);
-\\ Chromium v window_placement: {
bottom: 718
Soubor : C:\Users\Speciální školy\AppData\Local\Chromium\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [13379 octets] - [20/05/2013 18:07:40]
########## EOF - C:\AdwCleaner[R1].txt - [13440 octets] ##########
# AdwCleaner v2.301 - Log vytvooen 20/05/2013 v 18:07:40
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Speciální školy - 2K13
# Spuštin systém : Nouzový režim s prací v síti
# Spuštino z : C:\Users\Speciální školy\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
Nalezeno : BrowserProtect
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Program Files (x86)\Conduit
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\BrowserProtect
Složka Nalezeno : C:\ProgramData\Partner
Složka Nalezeno : C:\Users\Speciální školy\AppData\Local\Conduit
Složka Nalezeno : C:\Users\Speciální školy\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\Speciální školy\AppData\Roaming\Babylon
Složka Nalezeno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\CT3220468
Složka Nalezeno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Složka Nalezeno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\Smartbar
Složka Nalezeno : C:\Users\SPECIL~1\AppData\Local\Temp\CT3220468
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Soubor Nalezeno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\bprotector_extensions.sqlite
Soubor Nalezeno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\bprotector_prefs.js
Soubor Nalezeno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\searchplugins\Babylon.xml
Soubor Nalezeno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\searchplugins\BrowserProtect.xml
***** [Registry] *****
Data Nalezeno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Crossrider
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Nalezeno : HKCU\Software\BabylonToolbar
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\Cr_Installer
Klíe Nalezeno : HKCU\Software\DataMngr
Klíe Nalezeno : HKCU\Software\DataMngr_Toolbar
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klíe Nalezeno : HKCU\Software\52ede88b139ec12
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\Software\DataMngr
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\52ede88b139ec12
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Klíe Nalezeno : HKU\S-1-5-21-685018000-2836272546-4105339031-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKU\S-1-5-21-685018000-2836272546-4105339031-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16483
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119816&babs ... 0F6E7C76ED
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\prefs.js
Nalezeno : user_pref("CT3220468.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM1OTEyODQyOCwidXVpZCI6Njc5MzE1Mzg1MzIzNDI3LCJ[...]
Nalezeno : user_pref("CT3220468.CBOpenMAMSettings.enc", "MA==");
Nalezeno : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Nalezeno : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Nalezeno : user_pref("CT3220468.FirstTime", "true");
Nalezeno : user_pref("CT3220468.FirstTimeFF3", "true");
Nalezeno : user_pref("CT3220468.LoginRevertSettingsEnabled", true);
Nalezeno : user_pref("CT3220468.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT322[...]
Nalezeno : user_pref("CT3220468.UserID", "UN07933648579509895");
Nalezeno : user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
Nalezeno : user_pref("CT3220468.autoDisableScopes", -1);
Nalezeno : user_pref("CT3220468.browser.search.defaultthis.engineName", true);
Nalezeno : user_pref("CT3220468.cbcountry_001.enc", "Q1o=");
Nalezeno : user_pref("CT3220468.cbfirsttime.enc", "RnJpIEphbiAyNSAyMDEzIDE2OjQwOjI4IEdNVCswMTAw");
Nalezeno : user_pref("CT3220468.defaultSearch", "true");
Nalezeno : user_pref("CT3220468.enableAlerts", "always");
Nalezeno : user_pref("CT3220468.enableFix404ByUser", "FALSE");
Nalezeno : user_pref("CT3220468.enableSearchFromAddressBar", "true");
Nalezeno : user_pref("CT3220468.firstTimeDialogOpened", "true");
Nalezeno : user_pref("CT3220468.fixPageNotFoundError", "true");
Nalezeno : user_pref("CT3220468.fixPageNotFoundErrorByUser", "true");
Nalezeno : user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
Nalezeno : user_pref("CT3220468.fixUrls", true);
Nalezeno : user_pref("CT3220468.installType", "xpe");
Nalezeno : user_pref("CT3220468.isCheckedStartAsHidden", true);
Nalezeno : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"false\"}");
Nalezeno : user_pref("CT3220468.isFirstTimeToolbarLoading", "false");
Nalezeno : user_pref("CT3220468.isNewTabEnabled", false);
Nalezeno : user_pref("CT3220468.isPerformedSmartBarTransition", "true");
Nalezeno : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Nalezeno : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Nalezeno : user_pref("CT3220468.keyword", true);
Nalezeno : user_pref("CT3220468.lastVersion", "10.15.0.562");
Nalezeno : user_pref("CT3220468.mam_gk_appStateReportTime.enc", "MTM2NTYwMzc4ODU1NQ==");
Nalezeno : user_pref("CT3220468.mam_gk_appState_CouponBuddy.enc", "b24=");
Nalezeno : user_pref("CT3220468.mam_gk_appState_PriceGong.enc", "b24=");
Nalezeno : user_pref("CT3220468.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9w[...]
Nalezeno : user_pref("CT3220468.mam_gk_appsDefaultEnabled.enc", "dHJ1ZQ==");
Nalezeno : user_pref("CT3220468.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkNvdXBvbkJ1ZGR5Iiw[...]
Nalezeno : user_pref("CT3220468.mam_gk_currentVersion.enc", "MS40LjQuNg==");
Nalezeno : user_pref("CT3220468.mam_gk_first_time.enc", "MQ==");
Nalezeno : user_pref("CT3220468.mam_gk_lastLoginTime.enc", "MTM2NTYwMzczNDAwMQ==");
Nalezeno : user_pref("CT3220468.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50[...]
Nalezeno : user_pref("CT3220468.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Nalezeno : user_pref("CT3220468.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]
Nalezeno : user_pref("CT3220468.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Nalezeno : user_pref("CT3220468.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Nalezeno : user_pref("CT3220468.mam_gk_userId.enc", "MGI3OWVmZjQtZjEwYi00NjA1LTgyMGUtOGU0MzIxZTI4ODRj");
Nalezeno : user_pref("CT3220468.migrateAppsAndComponents", true);
Nalezeno : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Nalezeno : user_pref("CT3220468.openThankYouPage", "true");
Nalezeno : user_pref("CT3220468.openUninstallPage", "false");
Nalezeno : user_pref("CT3220468.revertSettingsEnabled", "false");
Nalezeno : user_pref("CT3220468.search.searchAppId", "129813684258939747");
Nalezeno : user_pref("CT3220468.search.searchCount", "0");
Nalezeno : user_pref("CT3220468.searchInNewTabEnabled", "false");
Nalezeno : user_pref("CT3220468.searchInNewTabEnabledByUser", "false");
Nalezeno : user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
Nalezeno : user_pref("CT3220468.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}")[...]
Nalezeno : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Nalezeno : user_pref("CT3220468.sendUsageEnabled", "false");
Nalezeno : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Nalezeno : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Nalezeno : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Nalezeno : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Nalezeno : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Nalezeno : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Nalezeno : user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1359128426765");
Nalezeno : user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1359128426543");
Nalezeno : user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1359128426993");
Nalezeno : user_pref("CT3220468.serviceLayer_services_location_lastUpdate", "1369050634726");
Nalezeno : user_pref("CT3220468.serviceLayer_services_login_10.13.40.15_lastUpdate", "1362423373544");
Nalezeno : user_pref("CT3220468.serviceLayer_services_login_10.14.370.524_lastUpdate", "1364317663975");
Nalezeno : user_pref("CT3220468.serviceLayer_services_login_10.14.65.43_lastUpdate", "1363188727166");
Nalezeno : user_pref("CT3220468.serviceLayer_services_login_10.15.0.562_lastUpdate", "1369065036256");
Nalezeno : user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1359128427047");
Nalezeno : user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1359128425794");
Nalezeno : user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1369050634447");
Nalezeno : user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1359128427299");
Nalezeno : user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1369065035211");
Nalezeno : user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1369050634793");
Nalezeno : user_pref("CT3220468.settingsINI", true);
Nalezeno : user_pref("CT3220468.shouldFirstTimeDialog", "false");
Nalezeno : user_pref("CT3220468.showToolbarPermission", "false");
Nalezeno : user_pref("CT3220468.smartbar.CTID", "CT3220468");
Nalezeno : user_pref("CT3220468.smartbar.Uninstall", "0");
Nalezeno : user_pref("CT3220468.smartbar.homepage", true);
Nalezeno : user_pref("CT3220468.smartbar.isHidden", true);
Nalezeno : user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
Nalezeno : user_pref("CT3220468.toolbarBornServerTime", "25-1-2013");
Nalezeno : user_pref("CT3220468.toolbarCurrentServerTime", "20-5-2013");
Nalezeno : user_pref("CT3220468.toolbarLoginClientTime", "Wed Mar 13 2013 18:25:47 GMT+0100");
Nalezeno : user_pref("CT3220468.url_history0001.enc", "aHR0cDovL3d3dy5nb29nbGUuY3ovdXJsP3NhPXQmcmN0PWomcT10cmFj[...]
Nalezeno : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Nalezeno : user_pref("Smartbar.ConduitHomepagesList", "");
Nalezeno : user_pref("Smartbar.ConduitSearchEngineList", "");
Nalezeno : user_pref("Smartbar.ConduitSearchUrlList", "");
Nalezeno : user_pref("Smartbar.keywordURLSelectedCTID", "");
Nalezeno : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntr[...]
Nalezeno : user_pref("avg.install.userSPSettings", "Delta Search");
Nalezeno : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119816&babs ... trId=980A4[...]
Nalezeno : user_pref("browser.search.order.1", "Delta Search");
Nalezeno : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13[...]
Nalezeno : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Nalezeno : user_pref("smartbar.machineId", "6K9EE3+XMPYESUWQ2GXDW3VNK5DOBUNZQ/FPH1ONA5H1IUDUJIRDOFP7NOXM/ABKATE[...]
Nalezeno : user_pref("smartbar.originalHomepage", "www.seznam.cz");
Nalezeno : user_pref("smartbar.originalSearchAddressUrl", "");
Nalezeno : user_pref("smartbar.originalSearchEngine", false);
-\\ Chromium v window_placement: {
bottom: 718
Soubor : C:\Users\Speciální školy\AppData\Local\Chromium\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [13379 octets] - [20/05/2013 18:07:40]
########## EOF - C:\AdwCleaner[R1].txt - [13440 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119526
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Freeznutí ntb
Spusťte znovu ADWCleaner a klikněte na >Delete< (smazat). Vložte nový log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Freeznutí ntb
# AdwCleaner v2.301 - Log vytvooen 20/05/2013 v 18:23:16
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Speciální školy - 2K13
# Spuštin systém : Nouzový režim s prací v síti
# Spuštino z : C:\Users\Speciální školy\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
***** [Registry] *****
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16483
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\prefs.js
[OK] Soubor je eistý.
-\\ Chromium v window_placement: {
bottom: 718
Soubor : C:\Users\Speciální školy\AppData\Local\Chromium\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [13504 octets] - [20/05/2013 18:07:40]
AdwCleaner[R2].txt - [13565 octets] - [20/05/2013 18:18:00]
AdwCleaner[R3].txt - [1032 octets] - [20/05/2013 18:23:16]
AdwCleaner[S1].txt - [13361 octets] - [20/05/2013 18:18:10]
########## EOF - C:\AdwCleaner[R3].txt - [1153 octets] ##########
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Speciální školy - 2K13
# Spuštin systém : Nouzový režim s prací v síti
# Spuštino z : C:\Users\Speciální školy\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
***** [Registry] *****
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16483
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\prefs.js
[OK] Soubor je eistý.
-\\ Chromium v window_placement: {
bottom: 718
Soubor : C:\Users\Speciální školy\AppData\Local\Chromium\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [13504 octets] - [20/05/2013 18:07:40]
AdwCleaner[R2].txt - [13565 octets] - [20/05/2013 18:18:00]
AdwCleaner[R3].txt - [1032 octets] - [20/05/2013 18:23:16]
AdwCleaner[S1].txt - [13361 octets] - [20/05/2013 18:18:10]
########## EOF - C:\AdwCleaner[R3].txt - [1153 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119526
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Freeznutí ntb
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Freeznutí ntb
Logfile of random's system information tool 1.09 (written by random/random)
Run by Speciální školy at 2013-05-20 19:16:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 252 GB (86%) free of 292 GB
Total RAM: 3959 MB (80% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:16:25, on 20.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\SysWOW64\ctfmon.exe
C:\Users\Speciální školy\Desktop\adwcleaner.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Program Files\trend micro\Speciální školy.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772269o
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772269o
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772269o
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Seznam.chromeUpdatePref] C:\Users\Speciální školy\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe remove
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [Report] C:\AdwCleaner[S1].txt
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Registrace NHL™ 09.lnk = C:\Program Files (x86)\EA Sports\NHL 09\Support\EAregister.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11317 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\Speciální školy\Desktop\adwcleaner.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner[R3].txt
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1928.6d13f00.1603996685 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox" E7CF176E110C211B 1928 "\\.\pipe\gecko-crash-server-pipe.1928" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe" --proxy-stub-channel=Flash1196.71921D90.28365 --host-broker-channel=Flash1196.71921D90.11914 --host-pid=1196 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe" --channel=240.003BF4B0.799999852 --proxy-stub-channel=Flash1196.71921D90.28365 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll" --host-npapi-version=27 --type=renderer
"C:\Users\Speciální školy\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 5e03ff43-c80a-42f3-ac3b-308b7ee39f0d.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 935d397a-30d9-4369-b1dc-6b320c0f013b.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\searchplugins\
utorrentcontrolv2-customized-web-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-06-11 861216]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED []
"Seznam.chromeUpdatePref"=C:\Users\Speciální školy\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe remove []
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-05-15 5622512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=C:\AdwCleaner[S1].txt [2013-05-20 13361]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate]
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-03-11 407920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate]
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-03-11 201584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-05-27 349552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-05-27 337264]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-04-13 284696]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-06-28 265984]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-27 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-06-22 968272]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
C:\Users\Speciální školy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Registrace NHL™ 09.lnk - C:\Program Files (x86)\EA Sports\NHL 09\Support\EAregister.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-05-20 18:23:16 ----A---- C:\AdwCleaner[R3].txt
2013-05-20 18:18:10 ----A---- C:\AdwCleaner[S1].txt
2013-05-20 18:18:00 ----A---- C:\AdwCleaner[R2].txt
2013-05-20 18:07:40 ----A---- C:\AdwCleaner[R1].txt
2013-05-20 13:51:25 ----D---- C:\rsit
2013-05-20 13:51:25 ----D---- C:\Program Files\trend micro
2013-05-20 13:35:50 ----D---- C:\e0d0010b33ed6a872a
2013-05-19 15:35:07 ----D---- C:\3cb4926896905ecf320a5571f3
2013-05-18 15:52:44 ----D---- C:\Program Files (x86)\GUMCBC.tmp
2013-05-18 15:52:44 ----A---- C:\Program Files (x86)\GUTCBD.tmp
2013-05-18 15:52:42 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-05-18 15:52:42 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-05-18 15:52:41 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-05-18 15:52:40 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-05-18 15:52:40 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-05-18 15:52:39 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-05-18 15:52:38 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-05-18 15:52:36 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-05-18 15:52:36 ----A---- C:\Windows\system32\aswBoot.exe
2013-05-18 15:52:00 ----A---- C:\Windows\avastSS.scr
2013-05-18 15:51:36 ----D---- C:\Program Files\AVAST Software
2013-05-18 15:27:57 ----D---- C:\ProgramData\AVAST Software
2013-05-18 14:03:25 ----D---- C:\Users\Speciální školy\AppData\Roaming\SUPERAntiSpyware.com
2013-05-18 14:03:00 ----D---- C:\Program Files\SUPERAntiSpyware
2013-05-18 14:02:59 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2013-05-18 11:55:33 ----D---- C:\Windows\Minidump
2013-05-18 10:15:30 ----D---- C:\Users\Speciální školy\AppData\Roaming\Hard Disk Sentinel
2013-05-18 10:15:22 ----D---- C:\Program Files (x86)\Hard Disk Sentinel
2013-05-17 15:40:21 ----A---- C:\Windows\ntbtlog.txt
2013-05-16 15:35:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-05-16 15:35:37 ----A---- C:\Windows\system32\mshtml.dll
2013-05-16 15:34:18 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-05-16 15:34:18 ----A---- C:\Windows\system32\mshtmled.dll
2013-05-16 15:34:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-05-16 15:34:15 ----A---- C:\Windows\system32\iertutil.dll
2013-05-16 15:34:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-05-16 15:34:12 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-05-16 15:34:11 ----A---- C:\Windows\SYSWOW64\url.dll
2013-05-16 15:34:11 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-05-16 15:34:11 ----A---- C:\Windows\system32\ieUnatt.exe
2013-05-16 15:34:11 ----A---- C:\Windows\system32\ieui.dll
2013-05-16 15:34:10 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-05-16 15:34:10 ----A---- C:\Windows\system32\urlmon.dll
2013-05-16 15:34:10 ----A---- C:\Windows\system32\url.dll
2013-05-16 15:34:09 ----A---- C:\Windows\system32\jscript9.dll
2013-05-16 15:34:08 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-16 15:34:07 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-05-16 15:34:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-05-16 15:34:07 ----A---- C:\Windows\system32\wininet.dll
2013-05-16 15:34:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-05-16 15:34:05 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-16 15:34:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-05-16 15:34:04 ----A---- C:\Windows\system32\vbscript.dll
2013-05-16 15:34:04 ----A---- C:\Windows\system32\jscript.dll
2013-05-16 15:34:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-05-16 15:33:57 ----A---- C:\Windows\system32\ieframe.dll
2013-05-16 15:33:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-05-16 15:31:03 ----D---- C:\ProgramData\Arcade Lab
2013-04-24 20:35:26 ----D---- C:\Windows\SYSWOW64\searchplugins
2013-04-24 20:35:26 ----D---- C:\Windows\SYSWOW64\Extensions
2013-04-24 14:10:17 ----A---- C:\Windows\system32\drivers\ntfs.sys
======List of files/folders modified in the last 1 month======
2013-05-20 19:16:25 ----D---- C:\Windows\Temp
2013-05-20 18:25:13 ----D---- C:\Windows\System32
2013-05-20 18:25:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-20 18:25:12 ----D---- C:\Windows\inf
2013-05-20 18:19:59 ----A---- C:\Windows\SYSWOW64\log.txt
2013-05-20 18:18:17 ----RD---- C:\Program Files (x86)
2013-05-20 18:18:17 ----HD---- C:\ProgramData
2013-05-20 13:51:25 ----RD---- C:\Program Files
2013-05-20 13:35:41 ----SHD---- C:\System Volume Information
2013-05-20 13:35:00 ----D---- C:\Windows\system32\config
2013-05-20 13:34:57 ----D---- C:\Windows\Prefetch
2013-05-20 13:31:02 ----D---- C:\Windows\system32\Tasks
2013-05-19 13:09:07 ----D---- C:\Windows\Microsoft.NET
2013-05-19 12:17:06 ----D---- C:\Windows\system32\LogFiles
2013-05-18 19:08:07 ----SHD---- C:\Windows\Installer
2013-05-18 15:59:55 ----D---- C:\Windows\system32\catroot2
2013-05-18 15:52:44 ----D---- C:\Program Files (x86)\Google
2013-05-18 15:52:42 ----D---- C:\Windows\system32\drivers
2013-05-18 15:52:36 ----D---- C:\Windows\SysWOW64
2013-05-18 15:52:00 ----D---- C:\Windows
2013-05-18 15:22:42 ----D---- C:\Windows\system32\wdi
2013-05-18 15:03:07 ----D---- C:\Windows\system32\catroot
2013-05-18 14:03:33 ----D---- C:\Windows\Tasks
2013-05-18 10:22:50 ----D---- C:\Windows\Downloaded Installations
2013-05-18 10:16:14 ----SD---- C:\Users\Speciální školy\AppData\Roaming\Microsoft
2013-05-18 10:16:14 ----SD---- C:\ProgramData\Microsoft
2013-05-17 22:50:33 ----RSD---- C:\Windows\assembly
2013-05-17 20:14:52 ----D---- C:\Users\Speciální školy\AppData\Roaming\Seznam.cz
2013-05-17 20:14:15 ----D---- C:\Program Files (x86)\WinRAR
2013-05-17 20:12:48 ----D---- C:\Program Files\Google
2013-05-17 20:09:17 ----D---- C:\Program Files (x86)\VideoLAN
2013-05-17 20:09:00 ----D---- C:\Users\Speciální školy\AppData\Roaming\uTorrent
2013-05-17 20:06:48 ----D---- C:\ProgramData\Google
2013-05-17 19:50:37 ----D---- C:\Windows\system32\DriverStore
2013-05-16 18:38:34 ----D---- C:\Windows\winsxs
2013-05-16 18:37:48 ----D---- C:\Program Files (x86)\Internet Explorer
2013-05-16 18:37:47 ----D---- C:\Windows\SYSWOW64\migration
2013-05-16 18:37:47 ----D---- C:\Windows\system32\migration
2013-05-16 18:37:46 ----D---- C:\Program Files\Internet Explorer
2013-05-16 15:41:36 ----AD---- C:\ProgramData\Temp
2013-05-16 15:36:27 ----D---- C:\ProgramData\Microsoft Help
2013-05-15 14:25:42 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-05-05 22:17:08 ----D---- C:\Users\Speciální školy\AppData\Roaming\Mumble
2013-05-02 02:06:08 ----N---- C:\Windows\system32\MpSigStub.exe
2013-05-01 17:33:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-04-30 17:49:57 ----D---- C:\Windows\system32\NDF
2013-04-30 10:23:47 ----D---- C:\Program Files (x86)\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-06-03 4171328]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
S0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
S0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-05-09 189936]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-05-09 1025808]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-05-09 378432]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
S1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 6856192]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-27 264192]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-08 143088]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-27 203264]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
S2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-18 116648]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
S2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-13 655624]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-18 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-12 115608]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-06 1255736]
-----------------EOF-----------------
Run by Speciální školy at 2013-05-20 19:16:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 252 GB (86%) free of 292 GB
Total RAM: 3959 MB (80% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:16:25, on 20.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\SysWOW64\ctfmon.exe
C:\Users\Speciální školy\Desktop\adwcleaner.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Program Files\trend micro\Speciální školy.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772269o
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772269o
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772269o
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Seznam.chromeUpdatePref] C:\Users\Speciální školy\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe remove
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [Report] C:\AdwCleaner[S1].txt
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Registrace NHL™ 09.lnk = C:\Program Files (x86)\EA Sports\NHL 09\Support\EAregister.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11317 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\Speciální školy\Desktop\adwcleaner.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner[R3].txt
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1928.6d13f00.1603996685 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox" E7CF176E110C211B 1928 "\\.\pipe\gecko-crash-server-pipe.1928" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe" --proxy-stub-channel=Flash1196.71921D90.28365 --host-broker-channel=Flash1196.71921D90.11914 --host-pid=1196 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe" --channel=240.003BF4B0.799999852 --proxy-stub-channel=Flash1196.71921D90.28365 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll" --host-npapi-version=27 --type=renderer
"C:\Users\Speciální školy\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 5e03ff43-c80a-42f3-ac3b-308b7ee39f0d.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 935d397a-30d9-4369-b1dc-6b320c0f013b.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\searchplugins\
utorrentcontrolv2-customized-web-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-06-11 861216]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED []
"Seznam.chromeUpdatePref"=C:\Users\Speciální školy\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe remove []
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-05-15 5622512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=C:\AdwCleaner[S1].txt [2013-05-20 13361]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate]
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-03-11 407920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate]
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-03-11 201584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-05-27 349552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-05-27 337264]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-04-13 284696]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-06-28 265984]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-27 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-06-22 968272]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
C:\Users\Speciální školy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Registrace NHL™ 09.lnk - C:\Program Files (x86)\EA Sports\NHL 09\Support\EAregister.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-05-20 18:23:16 ----A---- C:\AdwCleaner[R3].txt
2013-05-20 18:18:10 ----A---- C:\AdwCleaner[S1].txt
2013-05-20 18:18:00 ----A---- C:\AdwCleaner[R2].txt
2013-05-20 18:07:40 ----A---- C:\AdwCleaner[R1].txt
2013-05-20 13:51:25 ----D---- C:\rsit
2013-05-20 13:51:25 ----D---- C:\Program Files\trend micro
2013-05-20 13:35:50 ----D---- C:\e0d0010b33ed6a872a
2013-05-19 15:35:07 ----D---- C:\3cb4926896905ecf320a5571f3
2013-05-18 15:52:44 ----D---- C:\Program Files (x86)\GUMCBC.tmp
2013-05-18 15:52:44 ----A---- C:\Program Files (x86)\GUTCBD.tmp
2013-05-18 15:52:42 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-05-18 15:52:42 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-05-18 15:52:41 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-05-18 15:52:40 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-05-18 15:52:40 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-05-18 15:52:39 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-05-18 15:52:38 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-05-18 15:52:36 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-05-18 15:52:36 ----A---- C:\Windows\system32\aswBoot.exe
2013-05-18 15:52:00 ----A---- C:\Windows\avastSS.scr
2013-05-18 15:51:36 ----D---- C:\Program Files\AVAST Software
2013-05-18 15:27:57 ----D---- C:\ProgramData\AVAST Software
2013-05-18 14:03:25 ----D---- C:\Users\Speciální školy\AppData\Roaming\SUPERAntiSpyware.com
2013-05-18 14:03:00 ----D---- C:\Program Files\SUPERAntiSpyware
2013-05-18 14:02:59 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2013-05-18 11:55:33 ----D---- C:\Windows\Minidump
2013-05-18 10:15:30 ----D---- C:\Users\Speciální školy\AppData\Roaming\Hard Disk Sentinel
2013-05-18 10:15:22 ----D---- C:\Program Files (x86)\Hard Disk Sentinel
2013-05-17 15:40:21 ----A---- C:\Windows\ntbtlog.txt
2013-05-16 15:35:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-05-16 15:35:37 ----A---- C:\Windows\system32\mshtml.dll
2013-05-16 15:34:18 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-05-16 15:34:18 ----A---- C:\Windows\system32\mshtmled.dll
2013-05-16 15:34:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-05-16 15:34:15 ----A---- C:\Windows\system32\iertutil.dll
2013-05-16 15:34:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-05-16 15:34:12 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-05-16 15:34:11 ----A---- C:\Windows\SYSWOW64\url.dll
2013-05-16 15:34:11 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-05-16 15:34:11 ----A---- C:\Windows\system32\ieUnatt.exe
2013-05-16 15:34:11 ----A---- C:\Windows\system32\ieui.dll
2013-05-16 15:34:10 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-05-16 15:34:10 ----A---- C:\Windows\system32\urlmon.dll
2013-05-16 15:34:10 ----A---- C:\Windows\system32\url.dll
2013-05-16 15:34:09 ----A---- C:\Windows\system32\jscript9.dll
2013-05-16 15:34:08 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-16 15:34:07 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-05-16 15:34:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-05-16 15:34:07 ----A---- C:\Windows\system32\wininet.dll
2013-05-16 15:34:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-05-16 15:34:05 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-16 15:34:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-05-16 15:34:04 ----A---- C:\Windows\system32\vbscript.dll
2013-05-16 15:34:04 ----A---- C:\Windows\system32\jscript.dll
2013-05-16 15:34:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-05-16 15:33:57 ----A---- C:\Windows\system32\ieframe.dll
2013-05-16 15:33:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-05-16 15:31:03 ----D---- C:\ProgramData\Arcade Lab
2013-04-24 20:35:26 ----D---- C:\Windows\SYSWOW64\searchplugins
2013-04-24 20:35:26 ----D---- C:\Windows\SYSWOW64\Extensions
2013-04-24 14:10:17 ----A---- C:\Windows\system32\drivers\ntfs.sys
======List of files/folders modified in the last 1 month======
2013-05-20 19:16:25 ----D---- C:\Windows\Temp
2013-05-20 18:25:13 ----D---- C:\Windows\System32
2013-05-20 18:25:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-20 18:25:12 ----D---- C:\Windows\inf
2013-05-20 18:19:59 ----A---- C:\Windows\SYSWOW64\log.txt
2013-05-20 18:18:17 ----RD---- C:\Program Files (x86)
2013-05-20 18:18:17 ----HD---- C:\ProgramData
2013-05-20 13:51:25 ----RD---- C:\Program Files
2013-05-20 13:35:41 ----SHD---- C:\System Volume Information
2013-05-20 13:35:00 ----D---- C:\Windows\system32\config
2013-05-20 13:34:57 ----D---- C:\Windows\Prefetch
2013-05-20 13:31:02 ----D---- C:\Windows\system32\Tasks
2013-05-19 13:09:07 ----D---- C:\Windows\Microsoft.NET
2013-05-19 12:17:06 ----D---- C:\Windows\system32\LogFiles
2013-05-18 19:08:07 ----SHD---- C:\Windows\Installer
2013-05-18 15:59:55 ----D---- C:\Windows\system32\catroot2
2013-05-18 15:52:44 ----D---- C:\Program Files (x86)\Google
2013-05-18 15:52:42 ----D---- C:\Windows\system32\drivers
2013-05-18 15:52:36 ----D---- C:\Windows\SysWOW64
2013-05-18 15:52:00 ----D---- C:\Windows
2013-05-18 15:22:42 ----D---- C:\Windows\system32\wdi
2013-05-18 15:03:07 ----D---- C:\Windows\system32\catroot
2013-05-18 14:03:33 ----D---- C:\Windows\Tasks
2013-05-18 10:22:50 ----D---- C:\Windows\Downloaded Installations
2013-05-18 10:16:14 ----SD---- C:\Users\Speciální školy\AppData\Roaming\Microsoft
2013-05-18 10:16:14 ----SD---- C:\ProgramData\Microsoft
2013-05-17 22:50:33 ----RSD---- C:\Windows\assembly
2013-05-17 20:14:52 ----D---- C:\Users\Speciální školy\AppData\Roaming\Seznam.cz
2013-05-17 20:14:15 ----D---- C:\Program Files (x86)\WinRAR
2013-05-17 20:12:48 ----D---- C:\Program Files\Google
2013-05-17 20:09:17 ----D---- C:\Program Files (x86)\VideoLAN
2013-05-17 20:09:00 ----D---- C:\Users\Speciální školy\AppData\Roaming\uTorrent
2013-05-17 20:06:48 ----D---- C:\ProgramData\Google
2013-05-17 19:50:37 ----D---- C:\Windows\system32\DriverStore
2013-05-16 18:38:34 ----D---- C:\Windows\winsxs
2013-05-16 18:37:48 ----D---- C:\Program Files (x86)\Internet Explorer
2013-05-16 18:37:47 ----D---- C:\Windows\SYSWOW64\migration
2013-05-16 18:37:47 ----D---- C:\Windows\system32\migration
2013-05-16 18:37:46 ----D---- C:\Program Files\Internet Explorer
2013-05-16 15:41:36 ----AD---- C:\ProgramData\Temp
2013-05-16 15:36:27 ----D---- C:\ProgramData\Microsoft Help
2013-05-15 14:25:42 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-05-05 22:17:08 ----D---- C:\Users\Speciální školy\AppData\Roaming\Mumble
2013-05-02 02:06:08 ----N---- C:\Windows\system32\MpSigStub.exe
2013-05-01 17:33:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-04-30 17:49:57 ----D---- C:\Windows\system32\NDF
2013-04-30 10:23:47 ----D---- C:\Program Files (x86)\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-06-03 4171328]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
S0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
S0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-05-09 189936]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-05-09 1025808]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-05-09 378432]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
S1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 6856192]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-27 264192]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-08 143088]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-27 203264]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
S2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-18 116648]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
S2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-13 655624]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-18 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-12 115608]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-06 1255736]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119526
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Freeznutí ntb
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files (x86)\GUMCBC.tmp
C:\Program Files (x86)\GUTCBD.tmp
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Freeznutí ntb
Logfile of random's system information tool 1.09 (written by random/random)
Run by Speciální školy at 2013-05-20 19:30:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 253 GB (87%) free of 292 GB
Total RAM: 3959 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:31:05, on 20.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Safe mode with network support
Running processes:
C:\Program Files\trend micro\Speciální školy.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772269o
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772269o
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772269o
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [OTM] "C:\Users\Speciální školy\Desktop\OTM.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Seznam.chromeUpdatePref] C:\Users\Speciální školy\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe remove
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [Report] C:\AdwCleaner[S1].txt
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Registrace NHL™ 09.lnk = C:\Program Files (x86)\EA Sports\NHL 09\Support\EAregister.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11053 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Users\Speciální školy\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 5e03ff43-c80a-42f3-ac3b-308b7ee39f0d.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 935d397a-30d9-4369-b1dc-6b320c0f013b.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\searchplugins\
utorrentcontrolv2-customized-web-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-06-11 861216]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED []
"Seznam.chromeUpdatePref"=C:\Users\Speciální školy\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe remove []
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-05-15 5622512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=C:\AdwCleaner[S1].txt [2013-05-20 13361]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate]
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-03-11 407920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate]
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-03-11 201584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-05-27 349552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-05-27 337264]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-04-13 284696]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-06-28 265984]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-27 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-06-22 968272]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"OTM"=C:\Users\Speciální školy\Desktop\OTM.exe [2013-05-20 522240]
C:\Users\Speciální školy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Registrace NHL™ 09.lnk - C:\Program Files (x86)\EA Sports\NHL 09\Support\EAregister.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-05-20 19:26:53 ----D---- C:\_OTM
2013-05-20 18:23:16 ----A---- C:\AdwCleaner[R3].txt
2013-05-20 18:18:10 ----A---- C:\AdwCleaner[S1].txt
2013-05-20 18:18:00 ----A---- C:\AdwCleaner[R2].txt
2013-05-20 18:07:40 ----A---- C:\AdwCleaner[R1].txt
2013-05-20 13:51:25 ----D---- C:\rsit
2013-05-20 13:51:25 ----D---- C:\Program Files\trend micro
2013-05-20 13:35:50 ----D---- C:\e0d0010b33ed6a872a
2013-05-19 15:35:07 ----D---- C:\3cb4926896905ecf320a5571f3
2013-05-18 15:52:42 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-05-18 15:52:42 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-05-18 15:52:41 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-05-18 15:52:40 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-05-18 15:52:40 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-05-18 15:52:39 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-05-18 15:52:38 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-05-18 15:52:36 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-05-18 15:52:36 ----A---- C:\Windows\system32\aswBoot.exe
2013-05-18 15:52:00 ----A---- C:\Windows\avastSS.scr
2013-05-18 15:51:36 ----D---- C:\Program Files\AVAST Software
2013-05-18 15:27:57 ----D---- C:\ProgramData\AVAST Software
2013-05-18 14:03:25 ----D---- C:\Users\Speciální školy\AppData\Roaming\SUPERAntiSpyware.com
2013-05-18 14:03:00 ----D---- C:\Program Files\SUPERAntiSpyware
2013-05-18 14:02:59 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2013-05-18 11:55:33 ----D---- C:\Windows\Minidump
2013-05-18 10:15:30 ----D---- C:\Users\Speciální školy\AppData\Roaming\Hard Disk Sentinel
2013-05-18 10:15:22 ----D---- C:\Program Files (x86)\Hard Disk Sentinel
2013-05-17 15:40:21 ----A---- C:\Windows\ntbtlog.txt
2013-05-16 15:35:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-05-16 15:35:37 ----A---- C:\Windows\system32\mshtml.dll
2013-05-16 15:34:18 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-05-16 15:34:18 ----A---- C:\Windows\system32\mshtmled.dll
2013-05-16 15:34:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-05-16 15:34:15 ----A---- C:\Windows\system32\iertutil.dll
2013-05-16 15:34:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-05-16 15:34:12 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-05-16 15:34:11 ----A---- C:\Windows\SYSWOW64\url.dll
2013-05-16 15:34:11 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-05-16 15:34:11 ----A---- C:\Windows\system32\ieUnatt.exe
2013-05-16 15:34:11 ----A---- C:\Windows\system32\ieui.dll
2013-05-16 15:34:10 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-05-16 15:34:10 ----A---- C:\Windows\system32\urlmon.dll
2013-05-16 15:34:10 ----A---- C:\Windows\system32\url.dll
2013-05-16 15:34:09 ----A---- C:\Windows\system32\jscript9.dll
2013-05-16 15:34:08 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-16 15:34:07 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-05-16 15:34:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-05-16 15:34:07 ----A---- C:\Windows\system32\wininet.dll
2013-05-16 15:34:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-05-16 15:34:05 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-16 15:34:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-05-16 15:34:04 ----A---- C:\Windows\system32\vbscript.dll
2013-05-16 15:34:04 ----A---- C:\Windows\system32\jscript.dll
2013-05-16 15:34:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-05-16 15:33:57 ----A---- C:\Windows\system32\ieframe.dll
2013-05-16 15:33:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-05-16 15:31:03 ----D---- C:\ProgramData\Arcade Lab
2013-04-24 20:35:26 ----D---- C:\Windows\SYSWOW64\searchplugins
2013-04-24 20:35:26 ----D---- C:\Windows\SYSWOW64\Extensions
2013-04-24 14:10:17 ----A---- C:\Windows\system32\drivers\ntfs.sys
======List of files/folders modified in the last 1 month======
2013-05-20 19:29:16 ----D---- C:\Windows\Temp
2013-05-20 19:29:16 ----A---- C:\Windows\SYSWOW64\log.txt
2013-05-20 19:26:53 ----RD---- C:\Program Files (x86)
2013-05-20 19:26:53 ----D---- C:\Windows\Tasks
2013-05-20 18:25:13 ----D---- C:\Windows\System32
2013-05-20 18:25:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-20 18:25:12 ----D---- C:\Windows\inf
2013-05-20 18:18:17 ----HD---- C:\ProgramData
2013-05-20 13:51:25 ----RD---- C:\Program Files
2013-05-20 13:35:41 ----SHD---- C:\System Volume Information
2013-05-20 13:35:00 ----D---- C:\Windows\system32\config
2013-05-20 13:34:57 ----D---- C:\Windows\Prefetch
2013-05-20 13:31:02 ----D---- C:\Windows\system32\Tasks
2013-05-19 13:09:07 ----D---- C:\Windows\Microsoft.NET
2013-05-19 12:17:06 ----D---- C:\Windows\system32\LogFiles
2013-05-18 19:08:07 ----SHD---- C:\Windows\Installer
2013-05-18 15:59:55 ----D---- C:\Windows\system32\catroot2
2013-05-18 15:52:44 ----D---- C:\Program Files (x86)\Google
2013-05-18 15:52:42 ----D---- C:\Windows\system32\drivers
2013-05-18 15:52:36 ----D---- C:\Windows\SysWOW64
2013-05-18 15:52:00 ----D---- C:\Windows
2013-05-18 15:22:42 ----D---- C:\Windows\system32\wdi
2013-05-18 15:03:07 ----D---- C:\Windows\system32\catroot
2013-05-18 10:22:50 ----D---- C:\Windows\Downloaded Installations
2013-05-18 10:16:14 ----SD---- C:\Users\Speciální školy\AppData\Roaming\Microsoft
2013-05-18 10:16:14 ----SD---- C:\ProgramData\Microsoft
2013-05-17 22:50:33 ----RSD---- C:\Windows\assembly
2013-05-17 20:14:52 ----D---- C:\Users\Speciální školy\AppData\Roaming\Seznam.cz
2013-05-17 20:14:15 ----D---- C:\Program Files (x86)\WinRAR
2013-05-17 20:12:48 ----D---- C:\Program Files\Google
2013-05-17 20:09:17 ----D---- C:\Program Files (x86)\VideoLAN
2013-05-17 20:09:00 ----D---- C:\Users\Speciální školy\AppData\Roaming\uTorrent
2013-05-17 20:06:48 ----D---- C:\ProgramData\Google
2013-05-17 19:50:37 ----D---- C:\Windows\system32\DriverStore
2013-05-16 18:38:34 ----D---- C:\Windows\winsxs
2013-05-16 18:37:48 ----D---- C:\Program Files (x86)\Internet Explorer
2013-05-16 18:37:47 ----D---- C:\Windows\SYSWOW64\migration
2013-05-16 18:37:47 ----D---- C:\Windows\system32\migration
2013-05-16 18:37:46 ----D---- C:\Program Files\Internet Explorer
2013-05-16 15:41:36 ----AD---- C:\ProgramData\Temp
2013-05-16 15:36:27 ----D---- C:\ProgramData\Microsoft Help
2013-05-15 14:25:42 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-05-05 22:17:08 ----D---- C:\Users\Speciální školy\AppData\Roaming\Mumble
2013-05-02 02:06:08 ----N---- C:\Windows\system32\MpSigStub.exe
2013-05-01 17:33:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-04-30 17:49:57 ----D---- C:\Windows\system32\NDF
2013-04-30 10:23:47 ----D---- C:\Program Files (x86)\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-06-03 4171328]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
S0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
S0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-05-09 189936]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-05-09 1025808]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-05-09 378432]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
S1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 6856192]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-27 264192]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-08 143088]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-27 203264]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
S2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-18 116648]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
S2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-13 655624]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-18 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-12 115608]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-06 1255736]
-----------------EOF-----------------
Run by Speciální školy at 2013-05-20 19:30:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 253 GB (87%) free of 292 GB
Total RAM: 3959 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:31:05, on 20.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Safe mode with network support
Running processes:
C:\Program Files\trend micro\Speciální školy.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772269o
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772269o
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772269o
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [OTM] "C:\Users\Speciální školy\Desktop\OTM.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Seznam.chromeUpdatePref] C:\Users\Speciální školy\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe remove
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [Report] C:\AdwCleaner[S1].txt
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Registrace NHL™ 09.lnk = C:\Program Files (x86)\EA Sports\NHL 09\Support\EAregister.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11053 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Users\Speciální školy\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 5e03ff43-c80a-42f3-ac3b-308b7ee39f0d.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 935d397a-30d9-4369-b1dc-6b320c0f013b.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\searchplugins\
utorrentcontrolv2-customized-web-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-06-11 861216]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED []
"Seznam.chromeUpdatePref"=C:\Users\Speciální školy\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe remove []
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-05-15 5622512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=C:\AdwCleaner[S1].txt [2013-05-20 13361]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate]
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-03-11 407920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate]
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-03-11 201584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-05-27 349552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-05-27 337264]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-04-13 284696]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-06-28 265984]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-27 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-06-22 968272]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"OTM"=C:\Users\Speciální školy\Desktop\OTM.exe [2013-05-20 522240]
C:\Users\Speciální školy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Registrace NHL™ 09.lnk - C:\Program Files (x86)\EA Sports\NHL 09\Support\EAregister.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-05-20 19:26:53 ----D---- C:\_OTM
2013-05-20 18:23:16 ----A---- C:\AdwCleaner[R3].txt
2013-05-20 18:18:10 ----A---- C:\AdwCleaner[S1].txt
2013-05-20 18:18:00 ----A---- C:\AdwCleaner[R2].txt
2013-05-20 18:07:40 ----A---- C:\AdwCleaner[R1].txt
2013-05-20 13:51:25 ----D---- C:\rsit
2013-05-20 13:51:25 ----D---- C:\Program Files\trend micro
2013-05-20 13:35:50 ----D---- C:\e0d0010b33ed6a872a
2013-05-19 15:35:07 ----D---- C:\3cb4926896905ecf320a5571f3
2013-05-18 15:52:42 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-05-18 15:52:42 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-05-18 15:52:41 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-05-18 15:52:40 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-05-18 15:52:40 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-05-18 15:52:39 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-05-18 15:52:38 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-05-18 15:52:36 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-05-18 15:52:36 ----A---- C:\Windows\system32\aswBoot.exe
2013-05-18 15:52:00 ----A---- C:\Windows\avastSS.scr
2013-05-18 15:51:36 ----D---- C:\Program Files\AVAST Software
2013-05-18 15:27:57 ----D---- C:\ProgramData\AVAST Software
2013-05-18 14:03:25 ----D---- C:\Users\Speciální školy\AppData\Roaming\SUPERAntiSpyware.com
2013-05-18 14:03:00 ----D---- C:\Program Files\SUPERAntiSpyware
2013-05-18 14:02:59 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2013-05-18 11:55:33 ----D---- C:\Windows\Minidump
2013-05-18 10:15:30 ----D---- C:\Users\Speciální školy\AppData\Roaming\Hard Disk Sentinel
2013-05-18 10:15:22 ----D---- C:\Program Files (x86)\Hard Disk Sentinel
2013-05-17 15:40:21 ----A---- C:\Windows\ntbtlog.txt
2013-05-16 15:35:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-05-16 15:35:37 ----A---- C:\Windows\system32\mshtml.dll
2013-05-16 15:34:18 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-05-16 15:34:18 ----A---- C:\Windows\system32\mshtmled.dll
2013-05-16 15:34:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-05-16 15:34:15 ----A---- C:\Windows\system32\iertutil.dll
2013-05-16 15:34:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-05-16 15:34:12 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-05-16 15:34:11 ----A---- C:\Windows\SYSWOW64\url.dll
2013-05-16 15:34:11 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-05-16 15:34:11 ----A---- C:\Windows\system32\ieUnatt.exe
2013-05-16 15:34:11 ----A---- C:\Windows\system32\ieui.dll
2013-05-16 15:34:10 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-05-16 15:34:10 ----A---- C:\Windows\system32\urlmon.dll
2013-05-16 15:34:10 ----A---- C:\Windows\system32\url.dll
2013-05-16 15:34:09 ----A---- C:\Windows\system32\jscript9.dll
2013-05-16 15:34:08 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-16 15:34:07 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-05-16 15:34:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-05-16 15:34:07 ----A---- C:\Windows\system32\wininet.dll
2013-05-16 15:34:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-05-16 15:34:05 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-16 15:34:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-05-16 15:34:04 ----A---- C:\Windows\system32\vbscript.dll
2013-05-16 15:34:04 ----A---- C:\Windows\system32\jscript.dll
2013-05-16 15:34:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-05-16 15:33:57 ----A---- C:\Windows\system32\ieframe.dll
2013-05-16 15:33:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-05-16 15:31:03 ----D---- C:\ProgramData\Arcade Lab
2013-04-24 20:35:26 ----D---- C:\Windows\SYSWOW64\searchplugins
2013-04-24 20:35:26 ----D---- C:\Windows\SYSWOW64\Extensions
2013-04-24 14:10:17 ----A---- C:\Windows\system32\drivers\ntfs.sys
======List of files/folders modified in the last 1 month======
2013-05-20 19:29:16 ----D---- C:\Windows\Temp
2013-05-20 19:29:16 ----A---- C:\Windows\SYSWOW64\log.txt
2013-05-20 19:26:53 ----RD---- C:\Program Files (x86)
2013-05-20 19:26:53 ----D---- C:\Windows\Tasks
2013-05-20 18:25:13 ----D---- C:\Windows\System32
2013-05-20 18:25:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-20 18:25:12 ----D---- C:\Windows\inf
2013-05-20 18:18:17 ----HD---- C:\ProgramData
2013-05-20 13:51:25 ----RD---- C:\Program Files
2013-05-20 13:35:41 ----SHD---- C:\System Volume Information
2013-05-20 13:35:00 ----D---- C:\Windows\system32\config
2013-05-20 13:34:57 ----D---- C:\Windows\Prefetch
2013-05-20 13:31:02 ----D---- C:\Windows\system32\Tasks
2013-05-19 13:09:07 ----D---- C:\Windows\Microsoft.NET
2013-05-19 12:17:06 ----D---- C:\Windows\system32\LogFiles
2013-05-18 19:08:07 ----SHD---- C:\Windows\Installer
2013-05-18 15:59:55 ----D---- C:\Windows\system32\catroot2
2013-05-18 15:52:44 ----D---- C:\Program Files (x86)\Google
2013-05-18 15:52:42 ----D---- C:\Windows\system32\drivers
2013-05-18 15:52:36 ----D---- C:\Windows\SysWOW64
2013-05-18 15:52:00 ----D---- C:\Windows
2013-05-18 15:22:42 ----D---- C:\Windows\system32\wdi
2013-05-18 15:03:07 ----D---- C:\Windows\system32\catroot
2013-05-18 10:22:50 ----D---- C:\Windows\Downloaded Installations
2013-05-18 10:16:14 ----SD---- C:\Users\Speciální školy\AppData\Roaming\Microsoft
2013-05-18 10:16:14 ----SD---- C:\ProgramData\Microsoft
2013-05-17 22:50:33 ----RSD---- C:\Windows\assembly
2013-05-17 20:14:52 ----D---- C:\Users\Speciální školy\AppData\Roaming\Seznam.cz
2013-05-17 20:14:15 ----D---- C:\Program Files (x86)\WinRAR
2013-05-17 20:12:48 ----D---- C:\Program Files\Google
2013-05-17 20:09:17 ----D---- C:\Program Files (x86)\VideoLAN
2013-05-17 20:09:00 ----D---- C:\Users\Speciální školy\AppData\Roaming\uTorrent
2013-05-17 20:06:48 ----D---- C:\ProgramData\Google
2013-05-17 19:50:37 ----D---- C:\Windows\system32\DriverStore
2013-05-16 18:38:34 ----D---- C:\Windows\winsxs
2013-05-16 18:37:48 ----D---- C:\Program Files (x86)\Internet Explorer
2013-05-16 18:37:47 ----D---- C:\Windows\SYSWOW64\migration
2013-05-16 18:37:47 ----D---- C:\Windows\system32\migration
2013-05-16 18:37:46 ----D---- C:\Program Files\Internet Explorer
2013-05-16 15:41:36 ----AD---- C:\ProgramData\Temp
2013-05-16 15:36:27 ----D---- C:\ProgramData\Microsoft Help
2013-05-15 14:25:42 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-05-05 22:17:08 ----D---- C:\Users\Speciální školy\AppData\Roaming\Mumble
2013-05-02 02:06:08 ----N---- C:\Windows\system32\MpSigStub.exe
2013-05-01 17:33:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-04-30 17:49:57 ----D---- C:\Windows\system32\NDF
2013-04-30 10:23:47 ----D---- C:\Program Files (x86)\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-06-03 4171328]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
S0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
S0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-05-09 189936]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-05-09 1025808]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-05-09 378432]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
S1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 6856192]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-27 264192]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-08 143088]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-27 203264]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
S2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-18 116648]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
S2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-13 655624]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-18 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-12 115608]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-06 1255736]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119526
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Freeznutí ntb
Dvouklikem na soubor C:\Program Files\trend micro\Speciální školy.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
O20 - AppInit_DLLs:
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Freeznutí ntb
# AdwCleaner v2.301 - Log vytvooen 20/05/2013 v 18:18:10
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Speciální školy - 2K13
# Spuštin systém : Nouzový režim s prací v síti
# Spuštino z : C:\Users\Speciální školy\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
Zastaveno & vymazáno : BrowserProtect
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Program Files (x86)\Conduit
Složka Vymazáno : C:\ProgramData\Babylon
Složka Vymazáno : C:\ProgramData\BrowserProtect
Složka Vymazáno : C:\ProgramData\Partner
Složka Vymazáno : C:\Users\Speciální školy\AppData\Local\Conduit
Složka Vymazáno : C:\Users\Speciální školy\AppData\LocalLow\Conduit
Složka Vymazáno : C:\Users\Speciální školy\AppData\Roaming\Babylon
Složka Vymazáno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\CT3220468
Složka Vymazáno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Složka Vymazáno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\Smartbar
Složka Vymazáno : C:\Users\SPECIL~1\AppData\Local\Temp\CT3220468
Soubor Vymazáno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Soubor Vymazáno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\bprotector_extensions.sqlite
Soubor Vymazáno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\bprotector_prefs.js
Soubor Vymazáno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\searchplugins\Babylon.xml
Soubor Vymazáno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\searchplugins\BrowserProtect.xml
***** [Registry] *****
Data Vymazáno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Vymazáno : HKCU\Software\BabylonToolbar
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\Cr_Installer
Klíe Vymazáno : HKCU\Software\DataMngr
Klíe Vymazáno : HKCU\Software\DataMngr_Toolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klíe Vymazáno : HKCU\Software\52ede88b139ec12
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\Software\DataMngr
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\52ede88b139ec12
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16483
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119816&babs ... 0F6E7C76ED --> hxxp://www.google.com
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\prefs.js
Vymazáno : user_pref("CT3220468.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM1OTEyODQyOCwidXVpZCI6Njc5MzE1Mzg1MzIzNDI3LCJ[...]
Vymazáno : user_pref("CT3220468.CBOpenMAMSettings.enc", "MA==");
Vymazáno : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Vymazáno : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Vymazáno : user_pref("CT3220468.FirstTime", "true");
Vymazáno : user_pref("CT3220468.FirstTimeFF3", "true");
Vymazáno : user_pref("CT3220468.LoginRevertSettingsEnabled", true);
Vymazáno : user_pref("CT3220468.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT322[...]
Vymazáno : user_pref("CT3220468.UserID", "UN07933648579509895");
Vymazáno : user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
Vymazáno : user_pref("CT3220468.autoDisableScopes", -1);
Vymazáno : user_pref("CT3220468.browser.search.defaultthis.engineName", true);
Vymazáno : user_pref("CT3220468.cbcountry_001.enc", "Q1o=");
Vymazáno : user_pref("CT3220468.cbfirsttime.enc", "RnJpIEphbiAyNSAyMDEzIDE2OjQwOjI4IEdNVCswMTAw");
Vymazáno : user_pref("CT3220468.defaultSearch", "true");
Vymazáno : user_pref("CT3220468.enableAlerts", "always");
Vymazáno : user_pref("CT3220468.enableFix404ByUser", "FALSE");
Vymazáno : user_pref("CT3220468.enableSearchFromAddressBar", "true");
Vymazáno : user_pref("CT3220468.firstTimeDialogOpened", "true");
Vymazáno : user_pref("CT3220468.fixPageNotFoundError", "true");
Vymazáno : user_pref("CT3220468.fixPageNotFoundErrorByUser", "true");
Vymazáno : user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
Vymazáno : user_pref("CT3220468.fixUrls", true);
Vymazáno : user_pref("CT3220468.installType", "xpe");
Vymazáno : user_pref("CT3220468.isCheckedStartAsHidden", true);
Vymazáno : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"false\"}");
Vymazáno : user_pref("CT3220468.isFirstTimeToolbarLoading", "false");
Vymazáno : user_pref("CT3220468.isNewTabEnabled", false);
Vymazáno : user_pref("CT3220468.isPerformedSmartBarTransition", "true");
Vymazáno : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Vymazáno : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Vymazáno : user_pref("CT3220468.keyword", true);
Vymazáno : user_pref("CT3220468.lastVersion", "10.15.0.562");
Vymazáno : user_pref("CT3220468.mam_gk_appStateReportTime.enc", "MTM2NTYwMzc4ODU1NQ==");
Vymazáno : user_pref("CT3220468.mam_gk_appState_CouponBuddy.enc", "b24=");
Vymazáno : user_pref("CT3220468.mam_gk_appState_PriceGong.enc", "b24=");
Vymazáno : user_pref("CT3220468.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9w[...]
Vymazáno : user_pref("CT3220468.mam_gk_appsDefaultEnabled.enc", "dHJ1ZQ==");
Vymazáno : user_pref("CT3220468.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkNvdXBvbkJ1ZGR5Iiw[...]
Vymazáno : user_pref("CT3220468.mam_gk_currentVersion.enc", "MS40LjQuNg==");
Vymazáno : user_pref("CT3220468.mam_gk_first_time.enc", "MQ==");
Vymazáno : user_pref("CT3220468.mam_gk_lastLoginTime.enc", "MTM2NTYwMzczNDAwMQ==");
Vymazáno : user_pref("CT3220468.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50[...]
Vymazáno : user_pref("CT3220468.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Vymazáno : user_pref("CT3220468.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]
Vymazáno : user_pref("CT3220468.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Vymazáno : user_pref("CT3220468.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Vymazáno : user_pref("CT3220468.mam_gk_userId.enc", "MGI3OWVmZjQtZjEwYi00NjA1LTgyMGUtOGU0MzIxZTI4ODRj");
Vymazáno : user_pref("CT3220468.migrateAppsAndComponents", true);
Vymazáno : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Vymazáno : user_pref("CT3220468.openThankYouPage", "true");
Vymazáno : user_pref("CT3220468.openUninstallPage", "false");
Vymazáno : user_pref("CT3220468.revertSettingsEnabled", "false");
Vymazáno : user_pref("CT3220468.search.searchAppId", "129813684258939747");
Vymazáno : user_pref("CT3220468.search.searchCount", "0");
Vymazáno : user_pref("CT3220468.searchInNewTabEnabled", "false");
Vymazáno : user_pref("CT3220468.searchInNewTabEnabledByUser", "false");
Vymazáno : user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
Vymazáno : user_pref("CT3220468.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}")[...]
Vymazáno : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Vymazáno : user_pref("CT3220468.sendUsageEnabled", "false");
Vymazáno : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Vymazáno : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Vymazáno : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Vymazáno : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Vymazáno : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Vymazáno : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Vymazáno : user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1359128426765");
Vymazáno : user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1359128426543");
Vymazáno : user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1359128426993");
Vymazáno : user_pref("CT3220468.serviceLayer_services_location_lastUpdate", "1369050634726");
Vymazáno : user_pref("CT3220468.serviceLayer_services_login_10.13.40.15_lastUpdate", "1362423373544");
Vymazáno : user_pref("CT3220468.serviceLayer_services_login_10.14.370.524_lastUpdate", "1364317663975");
Vymazáno : user_pref("CT3220468.serviceLayer_services_login_10.14.65.43_lastUpdate", "1363188727166");
Vymazáno : user_pref("CT3220468.serviceLayer_services_login_10.15.0.562_lastUpdate", "1369065036256");
Vymazáno : user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1359128427047");
Vymazáno : user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1359128425794");
Vymazáno : user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1369050634447");
Vymazáno : user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1359128427299");
Vymazáno : user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1369065035211");
Vymazáno : user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1369050634793");
Vymazáno : user_pref("CT3220468.settingsINI", true);
Vymazáno : user_pref("CT3220468.shouldFirstTimeDialog", "false");
Vymazáno : user_pref("CT3220468.showToolbarPermission", "false");
Vymazáno : user_pref("CT3220468.smartbar.CTID", "CT3220468");
Vymazáno : user_pref("CT3220468.smartbar.Uninstall", "0");
Vymazáno : user_pref("CT3220468.smartbar.homepage", true);
Vymazáno : user_pref("CT3220468.smartbar.isHidden", true);
Vymazáno : user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
Vymazáno : user_pref("CT3220468.toolbarBornServerTime", "25-1-2013");
Vymazáno : user_pref("CT3220468.toolbarCurrentServerTime", "20-5-2013");
Vymazáno : user_pref("CT3220468.toolbarLoginClientTime", "Wed Mar 13 2013 18:25:47 GMT+0100");
Vymazáno : user_pref("CT3220468.url_history0001.enc", "aHR0cDovL3d3dy5nb29nbGUuY3ovdXJsP3NhPXQmcmN0PWomcT10cmFj[...]
Vymazáno : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Vymazáno : user_pref("Smartbar.ConduitHomepagesList", "");
Vymazáno : user_pref("Smartbar.ConduitSearchEngineList", "");
Vymazáno : user_pref("Smartbar.ConduitSearchUrlList", "");
Vymazáno : user_pref("Smartbar.keywordURLSelectedCTID", "");
Vymazáno : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntr[...]
Vymazáno : user_pref("avg.install.userSPSettings", "Delta Search");
Vymazáno : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119816&babs ... trId=980A4[...]
Vymazáno : user_pref("browser.search.order.1", "Delta Search");
Vymazáno : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13[...]
Vymazáno : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Vymazáno : user_pref("smartbar.machineId", "6K9EE3+XMPYESUWQ2GXDW3VNK5DOBUNZQ/FPH1ONA5H1IUDUJIRDOFP7NOXM/ABKATE[...]
Vymazáno : user_pref("smartbar.originalHomepage", "www.seznam.cz");
Vymazáno : user_pref("smartbar.originalSearchAddressUrl", "");
Vymazáno : user_pref("smartbar.originalSearchEngine", false);
-\\ Chromium v window_placement: {
bottom: 718
Soubor : C:\Users\Speciální školy\AppData\Local\Chromium\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [13504 octets] - [20/05/2013 18:07:40]
AdwCleaner[R2].txt - [13565 octets] - [20/05/2013 18:18:00]
AdwCleaner[S1].txt - [13236 octets] - [20/05/2013 18:18:10]
########## EOF - C:\AdwCleaner[S1].txt - [13297 octets] ##########
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Speciální školy - 2K13
# Spuštin systém : Nouzový režim s prací v síti
# Spuštino z : C:\Users\Speciální školy\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
Zastaveno & vymazáno : BrowserProtect
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Program Files (x86)\Conduit
Složka Vymazáno : C:\ProgramData\Babylon
Složka Vymazáno : C:\ProgramData\BrowserProtect
Složka Vymazáno : C:\ProgramData\Partner
Složka Vymazáno : C:\Users\Speciální školy\AppData\Local\Conduit
Složka Vymazáno : C:\Users\Speciální školy\AppData\LocalLow\Conduit
Složka Vymazáno : C:\Users\Speciální školy\AppData\Roaming\Babylon
Složka Vymazáno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\CT3220468
Složka Vymazáno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Složka Vymazáno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\Smartbar
Složka Vymazáno : C:\Users\SPECIL~1\AppData\Local\Temp\CT3220468
Soubor Vymazáno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Soubor Vymazáno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\bprotector_extensions.sqlite
Soubor Vymazáno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\bprotector_prefs.js
Soubor Vymazáno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\searchplugins\Babylon.xml
Soubor Vymazáno : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\searchplugins\BrowserProtect.xml
***** [Registry] *****
Data Vymazáno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Vymazáno : HKCU\Software\BabylonToolbar
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\Cr_Installer
Klíe Vymazáno : HKCU\Software\DataMngr
Klíe Vymazáno : HKCU\Software\DataMngr_Toolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klíe Vymazáno : HKCU\Software\52ede88b139ec12
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\Software\DataMngr
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\52ede88b139ec12
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16483
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119816&babs ... 0F6E7C76ED --> hxxp://www.google.com
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\Speciální školy\AppData\Roaming\Mozilla\Firefox\Profiles\cvzwlnwz.default\prefs.js
Vymazáno : user_pref("CT3220468.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM1OTEyODQyOCwidXVpZCI6Njc5MzE1Mzg1MzIzNDI3LCJ[...]
Vymazáno : user_pref("CT3220468.CBOpenMAMSettings.enc", "MA==");
Vymazáno : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Vymazáno : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Vymazáno : user_pref("CT3220468.FirstTime", "true");
Vymazáno : user_pref("CT3220468.FirstTimeFF3", "true");
Vymazáno : user_pref("CT3220468.LoginRevertSettingsEnabled", true);
Vymazáno : user_pref("CT3220468.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT322[...]
Vymazáno : user_pref("CT3220468.UserID", "UN07933648579509895");
Vymazáno : user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
Vymazáno : user_pref("CT3220468.autoDisableScopes", -1);
Vymazáno : user_pref("CT3220468.browser.search.defaultthis.engineName", true);
Vymazáno : user_pref("CT3220468.cbcountry_001.enc", "Q1o=");
Vymazáno : user_pref("CT3220468.cbfirsttime.enc", "RnJpIEphbiAyNSAyMDEzIDE2OjQwOjI4IEdNVCswMTAw");
Vymazáno : user_pref("CT3220468.defaultSearch", "true");
Vymazáno : user_pref("CT3220468.enableAlerts", "always");
Vymazáno : user_pref("CT3220468.enableFix404ByUser", "FALSE");
Vymazáno : user_pref("CT3220468.enableSearchFromAddressBar", "true");
Vymazáno : user_pref("CT3220468.firstTimeDialogOpened", "true");
Vymazáno : user_pref("CT3220468.fixPageNotFoundError", "true");
Vymazáno : user_pref("CT3220468.fixPageNotFoundErrorByUser", "true");
Vymazáno : user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
Vymazáno : user_pref("CT3220468.fixUrls", true);
Vymazáno : user_pref("CT3220468.installType", "xpe");
Vymazáno : user_pref("CT3220468.isCheckedStartAsHidden", true);
Vymazáno : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"false\"}");
Vymazáno : user_pref("CT3220468.isFirstTimeToolbarLoading", "false");
Vymazáno : user_pref("CT3220468.isNewTabEnabled", false);
Vymazáno : user_pref("CT3220468.isPerformedSmartBarTransition", "true");
Vymazáno : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Vymazáno : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Vymazáno : user_pref("CT3220468.keyword", true);
Vymazáno : user_pref("CT3220468.lastVersion", "10.15.0.562");
Vymazáno : user_pref("CT3220468.mam_gk_appStateReportTime.enc", "MTM2NTYwMzc4ODU1NQ==");
Vymazáno : user_pref("CT3220468.mam_gk_appState_CouponBuddy.enc", "b24=");
Vymazáno : user_pref("CT3220468.mam_gk_appState_PriceGong.enc", "b24=");
Vymazáno : user_pref("CT3220468.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9w[...]
Vymazáno : user_pref("CT3220468.mam_gk_appsDefaultEnabled.enc", "dHJ1ZQ==");
Vymazáno : user_pref("CT3220468.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkNvdXBvbkJ1ZGR5Iiw[...]
Vymazáno : user_pref("CT3220468.mam_gk_currentVersion.enc", "MS40LjQuNg==");
Vymazáno : user_pref("CT3220468.mam_gk_first_time.enc", "MQ==");
Vymazáno : user_pref("CT3220468.mam_gk_lastLoginTime.enc", "MTM2NTYwMzczNDAwMQ==");
Vymazáno : user_pref("CT3220468.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50[...]
Vymazáno : user_pref("CT3220468.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Vymazáno : user_pref("CT3220468.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]
Vymazáno : user_pref("CT3220468.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Vymazáno : user_pref("CT3220468.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Vymazáno : user_pref("CT3220468.mam_gk_userId.enc", "MGI3OWVmZjQtZjEwYi00NjA1LTgyMGUtOGU0MzIxZTI4ODRj");
Vymazáno : user_pref("CT3220468.migrateAppsAndComponents", true);
Vymazáno : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Vymazáno : user_pref("CT3220468.openThankYouPage", "true");
Vymazáno : user_pref("CT3220468.openUninstallPage", "false");
Vymazáno : user_pref("CT3220468.revertSettingsEnabled", "false");
Vymazáno : user_pref("CT3220468.search.searchAppId", "129813684258939747");
Vymazáno : user_pref("CT3220468.search.searchCount", "0");
Vymazáno : user_pref("CT3220468.searchInNewTabEnabled", "false");
Vymazáno : user_pref("CT3220468.searchInNewTabEnabledByUser", "false");
Vymazáno : user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
Vymazáno : user_pref("CT3220468.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}")[...]
Vymazáno : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Vymazáno : user_pref("CT3220468.sendUsageEnabled", "false");
Vymazáno : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Vymazáno : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Vymazáno : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Vymazáno : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Vymazáno : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Vymazáno : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Vymazáno : user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1359128426765");
Vymazáno : user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1359128426543");
Vymazáno : user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1359128426993");
Vymazáno : user_pref("CT3220468.serviceLayer_services_location_lastUpdate", "1369050634726");
Vymazáno : user_pref("CT3220468.serviceLayer_services_login_10.13.40.15_lastUpdate", "1362423373544");
Vymazáno : user_pref("CT3220468.serviceLayer_services_login_10.14.370.524_lastUpdate", "1364317663975");
Vymazáno : user_pref("CT3220468.serviceLayer_services_login_10.14.65.43_lastUpdate", "1363188727166");
Vymazáno : user_pref("CT3220468.serviceLayer_services_login_10.15.0.562_lastUpdate", "1369065036256");
Vymazáno : user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1359128427047");
Vymazáno : user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1359128425794");
Vymazáno : user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1369050634447");
Vymazáno : user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1359128427299");
Vymazáno : user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1369065035211");
Vymazáno : user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1369050634793");
Vymazáno : user_pref("CT3220468.settingsINI", true);
Vymazáno : user_pref("CT3220468.shouldFirstTimeDialog", "false");
Vymazáno : user_pref("CT3220468.showToolbarPermission", "false");
Vymazáno : user_pref("CT3220468.smartbar.CTID", "CT3220468");
Vymazáno : user_pref("CT3220468.smartbar.Uninstall", "0");
Vymazáno : user_pref("CT3220468.smartbar.homepage", true);
Vymazáno : user_pref("CT3220468.smartbar.isHidden", true);
Vymazáno : user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
Vymazáno : user_pref("CT3220468.toolbarBornServerTime", "25-1-2013");
Vymazáno : user_pref("CT3220468.toolbarCurrentServerTime", "20-5-2013");
Vymazáno : user_pref("CT3220468.toolbarLoginClientTime", "Wed Mar 13 2013 18:25:47 GMT+0100");
Vymazáno : user_pref("CT3220468.url_history0001.enc", "aHR0cDovL3d3dy5nb29nbGUuY3ovdXJsP3NhPXQmcmN0PWomcT10cmFj[...]
Vymazáno : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Vymazáno : user_pref("Smartbar.ConduitHomepagesList", "");
Vymazáno : user_pref("Smartbar.ConduitSearchEngineList", "");
Vymazáno : user_pref("Smartbar.ConduitSearchUrlList", "");
Vymazáno : user_pref("Smartbar.keywordURLSelectedCTID", "");
Vymazáno : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntr[...]
Vymazáno : user_pref("avg.install.userSPSettings", "Delta Search");
Vymazáno : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119816&babs ... trId=980A4[...]
Vymazáno : user_pref("browser.search.order.1", "Delta Search");
Vymazáno : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13[...]
Vymazáno : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Vymazáno : user_pref("smartbar.machineId", "6K9EE3+XMPYESUWQ2GXDW3VNK5DOBUNZQ/FPH1ONA5H1IUDUJIRDOFP7NOXM/ABKATE[...]
Vymazáno : user_pref("smartbar.originalHomepage", "www.seznam.cz");
Vymazáno : user_pref("smartbar.originalSearchAddressUrl", "");
Vymazáno : user_pref("smartbar.originalSearchEngine", false);
-\\ Chromium v window_placement: {
bottom: 718
Soubor : C:\Users\Speciální školy\AppData\Local\Chromium\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [13504 octets] - [20/05/2013 18:07:40]
AdwCleaner[R2].txt - [13565 octets] - [20/05/2013 18:18:00]
AdwCleaner[S1].txt - [13236 octets] - [20/05/2013 18:18:10]
########## EOF - C:\AdwCleaner[S1].txt - [13297 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119526
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Freeznutí ntb
I mazací log ADW je v pořádku. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Freeznutí ntb
K žádné změně nedošlo.
-
Rudy
- Site Admin
- Příspěvky: 119526
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Freeznutí ntb
Zkuste obnovu systému k datu, kdy korektně fungoval.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?