Jump to content

problems with upload


Guest

Recommended Posts

hi

I have problem with upload on my notebook I can not complete any upload

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Verze: v2013.01.19.05

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 9.0.8112.16421

kasper :: KASPER-PC [administrátor]

19.1.2013 9:40:36

MBAM-log-2013-01-19 (09-54-04).txt

Typ: Rychlá kontrola

Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM

Nastavení kontroly zakázáno: P2P

Kontrolované objekty: 224099

Uplynulý čas: 13 minut, 7 sekund

Nalezené procesy v paměti: 0

(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0

(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 2

HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> Nebyla provedena žádná instrukce.

HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0

(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0

(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0

(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0

(Žádné škodlivé položky nebyly zjištěny)

(konec)

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.11.2

Run by kasper at 10:04:19 on 2013-01-19

Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.1790.1052 [GMT 1:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Skype\Updater\Updater.exe

C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

C:\Windows\system32\taskhost.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Windows\PLFSetI.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Users\kasper\AppData\Local\Skillbrains\lightshot\3.2.0.0\LightShot.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.cz/

uURLSearchHooks: {ff65fdbc-5683-4dfd-9113-1fcb5b0a3447} - <orphaned>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun

uRun: [LightShot] c:\users\kasper\appdata\local\skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue

mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s

mRun: [PLFSetI] c:\windows\PLFSetI.exe

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [LManager] c:\program files\launch manager\LManager.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRunOnce: [NCInstallQueue] rundll32 netman.dll,ProcessQueue

StartupFolder: c:\users\kasper\appdata\roaming\micros~1\windows\startm~1\programs\startup\vezyob~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

TCP: NameServer = 109.231.191.1 109.231.191.3

TCP: Interfaces\{80671302-D340-45B4-80B4-9964DD663146} : DHCPNameServer = 109.231.191.1 109.231.191.3

TCP: Interfaces\{80671302-D340-45B4-80B4-9964DD663146}\4505D2C494E4B4F5245433635463 : DHCPNameServer = 94.74.192.252 94.74.192.244

TCP: Interfaces\{80671302-D340-45B4-80B4-9964DD663146}\8616D696E6F5C616E6 : DHCPNameServer = 62.129.50.20 85.135.32.100

TCP: Interfaces\{80671302-D340-45B4-80B4-9964DD663146}\B4162796E6 : DHCPNameServer = 62.129.50.20 85.135.32.100

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\kasper\appdata\roaming\mozilla\firefox\profiles\pgyipxyy.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/

FF - prefs.js: keyword.URL - hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q=

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: c:\users\kasper\appdata\roaming\mozilla\firefox\profiles\pgyipxyy.default\extensions\{394dcba4-1f92-4f8e-8ec9-8d2cb90cb69b}\plugins\npLightshot.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll

FF - ExtSQL: 2012-12-10 18:48; {394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}; c:\users\kasper\appdata\roaming\mozilla\firefox\profiles\pgyipxyy.default\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]

R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 99272]

R2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]

R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2012-12-15 3467768]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2009-7-27 51712]

R3 NisSrv;Kontrola sítě Microsoft;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\androidusb.sys [2010-4-29 26112]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]

S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\androidusb.sys [2010-4-29 26112]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-28 14848]

S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2009-9-19 98432]

S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2009-9-19 14848]

S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2009-9-19 123648]

S3 StorSvc;Služba úložiště;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-28 49664]

S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-11-28 27136]

S3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\wat\WatAdminSvc.exe [2012-3-24 1343400]

.

=============== Created Last 30 ================

.

2013-01-18 07:43:51 6991832 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9c348cd6-7df4-4f4f-b4c6-3bebcdb853a7}\mpengine.dll

2013-01-17 07:28:51 6991832 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2013-01-16 06:57:15 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-01-13 11:33:26 -------- d-----w- c:\program files\CCleaner

2013-01-09 19:45:45 45568 ----a-w- c:\windows\system32\oflc-nz.rs

2012-12-28 21:45:48 -------- d-----w- c:\program files\BootBox

2012-12-28 20:43:11 -------- d-----w- c:\users\kasper\appdata\local\HiSuite

2012-12-28 20:42:15 581192 ----a-w- c:\windows\system32\drivers\WinUSBCoInstaller.dll

2012-12-28 20:42:15 245376 ----a-w- c:\windows\system32\drivers\hw_quusbnet.sys

2012-12-28 20:42:15 195200 ----a-w- c:\windows\system32\drivers\hw_quusbmdm.sys

2012-12-28 20:42:15 1302600 ----a-w- c:\windows\system32\drivers\WUDFUpdate_01007.dll

2012-12-28 20:42:15 1112288 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll

2012-12-28 20:42:15 102272 ----a-w- c:\windows\system32\drivers\hw_usbdev.sys

2012-12-28 14:37:10 1419232 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll

2012-12-28 14:04:20 581192 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll

2012-12-27 11:17:44 -------- d-----w- c:\program files\DC-Unlocker

2012-12-24 10:32:57 -------- d-----w- c:\users\kasper\appdata\local\ElevatedDiagnostics

2012-12-21 06:56:58 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-21 06:56:58 295424 ----a-w- c:\windows\system32\atmfd.dll

.

==================== Find3M ====================

.

2013-01-08 20:49:37 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-01-08 20:49:37 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll

2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll

2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll

2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll

2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe

2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2012-11-28 09:35:43 859072 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-11-28 09:35:38 779704 ----a-w- c:\windows\system32\deployJava1.dll

2012-11-23 02:56:23 2345984 ----a-w- c:\windows\system32\win32k.sys

2012-11-23 02:48:41 49152 ----a-w- c:\windows\system32\taskhost.exe

2012-11-22 04:45:03 626688 ----a-w- c:\windows\system32\usp10.dll

2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll

2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-11-09 04:43:04 492032 ----a-w- c:\windows\system32\win32spl.dll

2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll

2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll

2012-11-01 04:47:54 1389568 ----a-w- c:\windows\system32\msxml6.dll

.

============= FINISH: 10:06:06,30 ===============

attach.txt

Link to post
Share on other sites

Hello kasper! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Step 1

Please uninstall the following application: µTorrent

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • MiniToolBox log
  • a new fresh DDS log

Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.4.4 (01.17.2013:1)

OS: Windows 7 Professional x86

Ran by kasper on so 19.01.2013 at 11:53:19,24

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\escort.escortiepane

Successfully deleted: [Registry Key] hkey_classes_root\escort.escortiepane.1

Successfully deleted: [Registry Key] hkey_classes_root\f

Successfully deleted: [Registry Key] hkey_classes_root\funmoods.dskbnd

Successfully deleted: [Registry Key] hkey_classes_root\funmoods.dskbnd.1

Successfully deleted: [Registry Key] hkey_classes_root\funmoods.funmoodshlpr

Successfully deleted: [Registry Key] hkey_classes_root\funmoods.funmoodshlpr.1

Successfully deleted: [Registry Key] hkey_classes_root\funmoodsapp.appcore

Successfully deleted: [Registry Key] hkey_classes_root\funmoodsapp.appcore.1

Successfully deleted: [Registry Key] hkey_current_user\software\conduit

Successfully deleted: [Registry Key] hkey_local_machine\software\conduit

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduitsearchscopes

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\pricegong

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\smartbar

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\escort.dll

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\escortapp.dll

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\escorteng.dll

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\escortlbr.dll

Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT2670199

Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT2928751

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}

~~~ Files

Successfully deleted: [File] "C:\Users\kasper\appdata\local\funmoods-speeddial.crx"

~~~ Folders

Successfully deleted: [Folder] "C:\Users\kasper\appdata\local\conduit"

Successfully deleted: [Folder] "C:\Users\kasper\appdata\locallow\conduit"

Successfully deleted: [Folder] "C:\Users\kasper\appdata\locallow\pricegong"

Successfully deleted: [Folder] "C:\Program Files\conduit"

~~~ FireFox

Successfully deleted: [File] C:\Users\kasper\AppData\Roaming\mozilla\firefox\profiles\pgyipxyy.default\user.js

Successfully deleted the following from C:\Users\kasper\AppData\Roaming\mozilla\firefox\profiles\pgyipxyy.default\prefs.js

user_pref("extensions.funmoods.brwsrsrc", "ietlbr");

user_pref("extensions.funmoods.cntry", "CZ");

user_pref("extensions.funmoods.hdrMd5", "29DF8C94ED606E5938D1E2574111B7FA");

user_pref("extensions.funmoods.hrdid", "245ab89500000000000000235a7f6295");

user_pref("extensions.funmoods.keywordurl", "");

user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2214:38:51");

user_pref("extensions.funmoods.logicsmngrdailyreporttime", "17-06-2012");

user_pref("extensions.funmoods.newTab", true);

user_pref("extensions.funmoods.newtab", true);

user_pref("extensions.funmoods.savedVrsnTs", "1");

user_pref("extensions.funmoods.sg", "none");

user_pref("extensions.funmoods.smplGrp", "none");

user_pref("extensions.funmoods.smplgrp", "none");

user_pref("extensions.funmoods.srch", "");

user_pref("extensions.funmoods.vrsnTs", "1.5.23.2214:38:51");

user_pref("extensions.funmoods.vrsnts", "1.5.23.2214:38:51");

user_pref("keyword.URL", "http://search.seznam.cz/?sourceid=quicksearch_6826&q=");

Emptied folder: C:\Users\kasper\AppData\Roaming\mozilla\firefox\profiles\pgyipxyy.default\minidumps [12 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on so 19.01.2013 at 11:56:33,00

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MiniToolBox by Farbar Version:10-01-2013

Ran by kasper (administrator) on 19-01-2013 at 12:03:39

Running from "C:\MiniToolBox"

Windows 7 Professional Service Pack 1 (X86)

Boot Mode: Normal

***************************************************************************

========================= Flush DNS: ===================================

Konfigurace protokolu IP syst‚mu Windows

MezipamŘś pýekl d nˇ DNS byla ŁspŘçnŘ vypr zdnŘna.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.

No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 802.11g Network Adapter = Bezdrátové připojení k síti (Connected)

Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20) = Připojení k místní síti (Media disconnected)

Microsoft Virtual WiFi Miniport Adapter = Bezdrátové připojení k síti 2 (Media disconnected)

# ----------------------------------

# Konfigurace protokolu IPv4

# ----------------------------------

pushd interface ipv4

reset

set global

popd

# Konec konfigurace protokolu IPv4

Konfigurace protokolu IP syst‚mu Windows

N zev hostitele . . . . . . . . . : kasper-PC

Prim rnˇ pýˇpona DNS. . . . . . . :

Typ uzlu . . . . . . . . . . . . : hybridnˇ

Povoleno smŘrov nˇ IP . . . . . . : Ne

WINS Proxy povoleno . . . . . . . : Ne

Adapt‚r bezdr tov‚ sˇtŘ LAN Bezdr tov‚ pýipojenˇ k sˇti 2:

Stav m‚dia . . . . . . . . . . . : odpojeno

Pýˇpona DNS podle pýipojenˇ . . . :

Popis . . . . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter

Fyzick Adresa. . . . . . . . . . : 00-24-2B-90-BC-78

Protokol DHCP povolen . . . . . . : Ano

Automatick konfigurace povolena : Ano

Adapt‚r sˇtŘ Ethernet Pýipojenˇ k mˇstnˇ sˇti:

Stav m‚dia . . . . . . . . . . . : odpojeno

Pýˇpona DNS podle pýipojenˇ . . . :

Popis . . . . . . . . . . . . . . : Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20)

Fyzick Adresa. . . . . . . . . . : 00-23-5A-7F-62-95

Protokol DHCP povolen . . . . . . : Ano

Automatick konfigurace povolena : Ano

Adapt‚r bezdr tov‚ sˇtŘ LAN Bezdr tov‚ pýipojenˇ k sˇti:

Pýˇpona DNS podle pýipojenˇ . . . :

Popis . . . . . . . . . . . . . . : Broadcom 802.11g Network Adapter

Fyzick Adresa. . . . . . . . . . : 00-24-2B-90-BC-78

Protokol DHCP povolen . . . . . . : Ano

Automatick konfigurace povolena : Ano

Mˇstnˇ IPv6 adresa v r mci propojenˇ . . . : fe80::75b7:4494:b979:8f06%11(Preferovan‚)

Adresa IPv4 . . . . . . . . . . . : 192.168.1.2(Preferovan‚)

Maska podsˇtŘ . . . . . . . . . . : 255.255.255.0

Zap…jźeno . . . . . . . . . . . . : 19. ledna 2013 10:03:03

Z p…jźka vyprçˇ . . . . . . . . . : 19. ledna 2013 14:03:02

Věchozˇ br na . . . . . . . . . . : 192.168.1.1

Server DHCP . . . . . . . . . . . : 192.168.1.1

IAID DHCPv6 . . . . . . . . . . : 184558635

DUID klienta DHCPv6. . . . . . . : 00-01-00-01-16-FF-E3-9B-00-23-5A-7F-62-95

Servery DNS . . . . . . . . . . . : 109.231.191.1

109.231.191.3

Rozhranˇ NetBios nad protokolem TCP/IP. . . . . . . . : Povoleno

Adapt‚r pro tunelov‚ pýipojenˇ isatap.{80671302-D340-45B4-80B4-9964DD663146}:

Stav m‚dia . . . . . . . . . . . : odpojeno

Pýˇpona DNS podle pýipojenˇ . . . :

Popis . . . . . . . . . . . . . . : Microsoft ISATAP Adapter

Fyzick Adresa. . . . . . . . . . : 00-00-00-00-00-00-00-E0

Protokol DHCP povolen . . . . . . : Ne

Automatick konfigurace povolena : Ano

Adapt‚r pro tunelov‚ pýipojenˇ Teredo Tunneling Pseudo-Interface:

Pýˇpona DNS podle pýipojenˇ . . . :

Popis . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Fyzick Adresa. . . . . . . . . . : 00-00-00-00-00-00-00-E0

Protokol DHCP povolen . . . . . . : Ne

Automatick konfigurace povolena : Ano

IPv6 adresa. . . . . . . . . . . : 2001:0:5ef5:79fd:2015:85ec:9218:6685(Preferovan‚)

Mˇstnˇ IPv6 adresa v r mci propojenˇ . . . : fe80::2015:85ec:9218:6685%13(Preferovan‚)

Věchozˇ br na . . . . . . . . . . : ::

NetBIOS nad TCP/IP. . . . . . . . : zak z no

Server: ns1.techcom.cz

Address: 109.231.191.1

Nazev: google.com

Addresses: 2a00:1450:4007:802::1006

74.125.230.233

74.125.230.238

74.125.230.224

74.125.230.225

74.125.230.226

74.125.230.227

74.125.230.228

74.125.230.229

74.125.230.230

74.125.230.231

74.125.230.232

Pýˇkaz PING na google.com [74.125.230.232] - 32 bajt… dat:

OdpovŘÔ od 74.125.230.232: bajty=32 źas=32ms TTL=51

OdpovŘÔ od 74.125.230.232: bajty=32 źas=38ms TTL=51

Statistika ping pro 74.125.230.232:

Pakety: Odeslan‚ = 2, Pýijat‚ = 2, Ztracen‚ = 0 (ztr ta 0%),

Pýibli§n doba do pýijetˇ odezvy v milisekund ch:

Minimum = 32ms, Maximum = 38ms, Pr…mŘr = 35ms

Server: ns1.techcom.cz

Address: 109.231.191.1

Nazev: yahoo.com

Addresses: 206.190.36.45

98.138.253.109

98.139.183.24

Pýˇkaz PING na yahoo.com [98.139.183.24] - 32 bajt… dat:

OdpovŘÔ od 98.139.183.24: bajty=32 źas=157ms TTL=44

OdpovŘÔ od 98.139.183.24: bajty=32 źas=219ms TTL=43

Statistika ping pro 98.139.183.24:

Pakety: Odeslan‚ = 2, Pýijat‚ = 2, Ztracen‚ = 0 (ztr ta 0%),

Pýibli§n doba do pýijetˇ odezvy v milisekund ch:

Minimum = 157ms, Maximum = 219ms, Pr…mŘr = 188ms

Pýˇkaz PING na 127.0.0.1 - 32 bajt… dat:

OdpovŘÔ od 127.0.0.1: bajty=32 źas < 1ms TTL=128

OdpovŘÔ od 127.0.0.1: bajty=32 źas < 1ms TTL=128

Statistika ping pro 127.0.0.1:

Pakety: Odeslan‚ = 2, Pýijat‚ = 2, Ztracen‚ = 0 (ztr ta 0%),

Pýibli§n doba do pýijetˇ odezvy v milisekund ch:

Minimum = 0ms, Maximum = 0ms, Pr…mŘr = 0ms

===========================================================================

Seznam rozhranˇ

14...00 24 2b 90 bc 78 ......Microsoft Virtual WiFi Miniport Adapter

12...00 23 5a 7f 62 95 ......Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20)

11...00 24 2b 90 bc 78 ......Broadcom 802.11g Network Adapter

1...........................Software Loopback Interface 1

16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

===========================================================================

IPv4 SmŘrovacˇ tabulka

===========================================================================

Aktivnˇ smŘrov nˇ:

Cˇl v sˇti Sˇśov maska Br na Rozhranˇ Metrika

0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25

127.0.0.0 255.0.0.0 Propojen‚ 127.0.0.1 306

127.0.0.1 255.255.255.255 Propojen‚ 127.0.0.1 306

127.255.255.255 255.255.255.255 Propojen‚ 127.0.0.1 306

192.168.1.0 255.255.255.0 Propojen‚ 192.168.1.2 281

192.168.1.2 255.255.255.255 Propojen‚ 192.168.1.2 281

192.168.1.255 255.255.255.255 Propojen‚ 192.168.1.2 281

224.0.0.0 240.0.0.0 Propojen‚ 127.0.0.1 306

224.0.0.0 240.0.0.0 Propojen‚ 192.168.1.2 281

255.255.255.255 255.255.255.255 Propojen‚ 127.0.0.1 306

255.255.255.255 255.255.255.255 Propojen‚ 192.168.1.2 281

===========================================================================

Trval‚ trasy:

¦ dn‚

IPv6 SmŘrovacˇ tabulka

===========================================================================

Aktivnˇ smŘrov nˇ:

Rozhranˇ Metrika Cˇl v sˇti Br na

13 58 ::/0 Propojen‚

1 306 ::1/128 Propojen‚

13 58 2001::/32 Propojen‚

13 306 2001:0:5ef5:79fd:2015:85ec:9218:6685/128

Propojen‚

11 281 fe80::/64 Propojen‚

13 306 fe80::/64 Propojen‚

13 306 fe80::2015:85ec:9218:6685/128

Propojen‚

11 281 fe80::75b7:4494:b979:8f06/128

Propojen‚

1 306 ff00::/8 Propojen‚

13 306 ff00::/8 Propojen‚

11 281 ff00::/8 Propojen‚

===========================================================================

Trval‚ trasy:

¦ dn‚

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)

Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)

Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)

Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:

==================

System errors:

=============

Microsoft Office Sessions:

=========================

Error: (05/17/2012 03:30:58 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 49 seconds with 0 seconds of active time. This session ended with a crash.

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)

Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)

Adobe Flash Player 11 Plugin (Version: 11.5.502.146)

Adobe Reader X (10.1.5) - Czech (Version: 10.1.5)

Adobe Shockwave Player 11.6 (Version: 11.6.5.635)

Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)

Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)

Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)

Ashampoo Burning Studio 12 v.12.0.1 (Version: 12.0.1)

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.10)

AviSynth 2.5

Catalyst Control Center - Branding (Version: 1.00.0000)

Catalyst Control Center Core Implementation (Version: 2008.1209.2131.38627)

Catalyst Control Center Graphics Full Existing (Version: 2008.1209.2131.38627)

Catalyst Control Center Graphics Full New (Version: 2008.1209.2131.38627)

Catalyst Control Center Graphics Light (Version: 2008.1209.2131.38627)

Catalyst Control Center Graphics Previews Vista (Version: 2008.1209.2131.38627)

Catalyst Control Center InstallProxy (Version: 2008.1209.2131.38627)

Catalyst Control Center Localization All (Version: 2008.1209.2131.38627)

ccc-core-static (Version: 2008.1209.2131.38627)

ccc-utility (Version: 2008.1209.2131.38627)

CCC Help Czech (Version: 2008.1209.2130.38627)

CCC Help English (Version: 2008.1209.2130.38627)

CCleaner (Version: 3.26)

Counter-Strike 1.6 (Version: 1.00.0000)

Counter-Strike 1.6 Non-Steam patch v36

ffdshow v1.2.4453 [2012-05-21] (Version: 1.2.4453.0)

GIMP 2.8.0 (Version: 2.8.0)

Icy Tower v1.5

ImgBurn (Version: 2.5.7.0)

iNFekt NFO Viewer (Version: 0.8.1)

IrfanView (remove only) (Version: 4.32)

Java 7 Update 11 (Version: 7.0.110)

Java Auto Updater (Version: 2.1.9.0)

Java 6 Update 33 (Version: 6.0.330)

JDownloader 0.9 (Version: 0.9)

Launch Manager (Version: 3.0.00)

lightshot-3.2.0.0 (Version: 3.2.0.0)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Client Profile CSY Language Pack (Version: 4.0.30319)

Microsoft Antimalware Service CS-CZ Language Pack (Version: 3.0.8402.2)

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Czech) 2007 (Version: 12.0.6612.1000)

Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)

Microsoft Office Excel MUI (Czech) 2007 (Version: 12.0.6612.1000)

Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)

Microsoft Office Groove MUI (Czech) 2007 (Version: 12.0.6612.1000)

Microsoft Office InfoPath MUI (Czech) 2007 (Version: 12.0.6612.1000)

Microsoft Office OneNote MUI (Czech) 2007 (Version: 12.0.6612.1000)

Microsoft Office Outlook MUI (Czech) 2007 (Version: 12.0.6612.1000)

Microsoft Office PowerPoint MUI (Czech) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (Czech) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (Slovak) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proofing (Czech) 2007 (Version: 12.0.4518.1025)

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Czech) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared MUI (Czech) 2007 (Version: 12.0.6612.1000)

Microsoft Office Word MUI (Czech) 2007 (Version: 12.0.6612.1000)

Microsoft Security Client (Version: 4.1.0522.0)

Microsoft Security Client CS-CZ Language Pack (Version: 2.1.1116.0)

Microsoft Security Essentials (Version: 4.1.522.0)

Microsoft Silverlight (Version: 4.1.10329.0)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)

Mozilla Firefox 17.0.1 (x86 cs) (Version: 17.0.1)

Mozilla Maintenance Service (Version: 17.0.1)

NirSoft BlueScreenView

NirSoft MessenPass

Opera 12.12 (Version: 12.12.1707)

Pazera Free MP4 to AVI Converter 1.6 (Version: 1.6)

Picasa 3 (Version: 3.8)

Realtek High Definition Audio Driver (Version: 6.0.1.6526)

Realtek USB 2.0 Card Reader (Version: 6.1.7100.30095)

Skins (Version: 2008.1209.2131.38627)

Skype™ 6.0 (Version: 6.0.126)

StepMania 3.9 (remove only)

swMSM (Version: 12.0.0.1)

TeamViewer 8 (Version: 8.0.16642)

Total Commander (Remove or Repair) (Version: 8.01)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition

Video Web Camera (Version: 5.0.1.1)

VLC media player 2.0.4 (Version: 2.0.4)

WBFS Manager 3.0 (Version: 3.0)

Windows Media Player Firefox Plugin (Version: 1.0.0.8)

WinRAR 4.20 (32-bit) (Version: 4.20.0)

Xvid 1.2.2 final uninstall (Version: 1.2)

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 38%

Total physical RAM: 1790.11 MB

Available physical RAM: 1101.95 MB

Total Pagefile: 3580.22 MB

Available Pagefile: 2652.19 MB

Total Virtual: 2047.88 MB

Available Virtual: 1938.3 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.79 GB) (Free:140.43 GB) NTFS

========================= Users: ========================================

U§ivatelsk‚ Łźty pro \\KASPER-PC

Administrator Guest kasper

Pýˇkaz byl ŁspŘçnŘ dokonźen.

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.11.2

Run by kasper at 12:05:24 on 2013-01-19

Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.1790.1090 [GMT 1:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Windows\PLFSetI.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Users\kasper\AppData\Local\Skillbrains\lightshot\3.2.0.0\LightShot.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\explorer.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.cz/

uURLSearchHooks: {ff65fdbc-5683-4dfd-9113-1fcb5b0a3447} - <orphaned>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun

uRun: [LightShot] c:\users\kasper\appdata\local\skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue

mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s

mRun: [PLFSetI] c:\windows\PLFSetI.exe

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [LManager] c:\program files\launch manager\LManager.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRunOnce: [NCInstallQueue] rundll32 netman.dll,ProcessQueue

StartupFolder: c:\users\kasper\appdata\roaming\micros~1\windows\startm~1\programs\startup\vezyob~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

TCP: NameServer = 109.231.191.1 109.231.191.3

TCP: Interfaces\{80671302-D340-45B4-80B4-9964DD663146} : DHCPNameServer = 109.231.191.1 109.231.191.3

TCP: Interfaces\{80671302-D340-45B4-80B4-9964DD663146}\4505D2C494E4B4F5245433635463 : DHCPNameServer = 94.74.192.252 94.74.192.244

TCP: Interfaces\{80671302-D340-45B4-80B4-9964DD663146}\8616D696E6F5C616E6 : DHCPNameServer = 62.129.50.20 85.135.32.100

TCP: Interfaces\{80671302-D340-45B4-80B4-9964DD663146}\B4162796E6 : DHCPNameServer = 62.129.50.20 85.135.32.100

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\kasper\appdata\roaming\mozilla\firefox\profiles\pgyipxyy.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: c:\users\kasper\appdata\roaming\mozilla\firefox\profiles\pgyipxyy.default\extensions\{394dcba4-1f92-4f8e-8ec9-8d2cb90cb69b}\plugins\npLightshot.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll

FF - ExtSQL: 2012-12-10 18:48; {394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}; c:\users\kasper\appdata\roaming\mozilla\firefox\profiles\pgyipxyy.default\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]

R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2012-12-15 3467768]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2009-7-27 51712]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]

S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\androidusb.sys [2010-4-29 26112]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]

S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\androidusb.sys [2010-4-29 26112]

S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 99272]

S3 NisSrv;Kontrola sítě Microsoft;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-28 14848]

S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2009-9-19 98432]

S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2009-9-19 14848]

S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2009-9-19 123648]

S3 StorSvc;Služba úložiště;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-28 49664]

S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-11-28 27136]

S3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\wat\WatAdminSvc.exe [2012-3-24 1343400]

.

=============== Created Last 30 ================

.

2013-01-19 10:59:10 -------- d-----w- C:\MiniToolBox

2013-01-19 10:53:13 -------- d-----w- c:\windows\ERUNT

2013-01-19 10:53:04 -------- d-----w- C:\JRT

2013-01-19 09:14:08 6991832 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{251d5a02-1293-470b-9424-8c03515b7882}\mpengine.dll

2013-01-18 07:43:51 6991832 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2013-01-16 06:57:15 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-01-13 11:33:26 -------- d-----w- c:\program files\CCleaner

2013-01-09 19:45:45 45568 ----a-w- c:\windows\system32\oflc-nz.rs

2012-12-28 21:45:48 -------- d-----w- c:\program files\BootBox

2012-12-28 20:43:11 -------- d-----w- c:\users\kasper\appdata\local\HiSuite

2012-12-28 20:42:15 581192 ----a-w- c:\windows\system32\drivers\WinUSBCoInstaller.dll

2012-12-28 20:42:15 245376 ----a-w- c:\windows\system32\drivers\hw_quusbnet.sys

2012-12-28 20:42:15 195200 ----a-w- c:\windows\system32\drivers\hw_quusbmdm.sys

2012-12-28 20:42:15 1302600 ----a-w- c:\windows\system32\drivers\WUDFUpdate_01007.dll

2012-12-28 20:42:15 1112288 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll

2012-12-28 20:42:15 102272 ----a-w- c:\windows\system32\drivers\hw_usbdev.sys

2012-12-28 14:37:10 1419232 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll

2012-12-28 14:04:20 581192 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll

2012-12-27 11:17:44 -------- d-----w- c:\program files\DC-Unlocker

2012-12-24 10:32:57 -------- d-----w- c:\users\kasper\appdata\local\ElevatedDiagnostics

2012-12-21 06:56:58 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-21 06:56:58 295424 ----a-w- c:\windows\system32\atmfd.dll

.

==================== Find3M ====================

.

2013-01-08 20:49:37 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-01-08 20:49:37 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll

2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll

2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll

2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll

2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe

2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2012-11-28 09:35:43 859072 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-11-28 09:35:38 779704 ----a-w- c:\windows\system32\deployJava1.dll

2012-11-23 02:56:23 2345984 ----a-w- c:\windows\system32\win32k.sys

2012-11-23 02:48:41 49152 ----a-w- c:\windows\system32\taskhost.exe

2012-11-22 04:45:03 626688 ----a-w- c:\windows\system32\usp10.dll

2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll

2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-11-09 04:43:04 492032 ----a-w- c:\windows\system32\win32spl.dll

2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll

2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll

2012-11-01 04:47:54 1389568 ----a-w- c:\windows\system32\msxml6.dll

.

============= FINISH: 12:05:41,31 ===============

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.11.2

Run by kasper at 12:05:24 on 2013-01-19

Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.1790.1090 [GMT 1:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Windows\PLFSetI.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Users\kasper\AppData\Local\Skillbrains\lightshot\3.2.0.0\LightShot.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\explorer.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.cz/

uURLSearchHooks: {ff65fdbc-5683-4dfd-9113-1fcb5b0a3447} - <orphaned>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun

uRun: [LightShot] c:\users\kasper\appdata\local\skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue

mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s

mRun: [PLFSetI] c:\windows\PLFSetI.exe

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [LManager] c:\program files\launch manager\LManager.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRunOnce: [NCInstallQueue] rundll32 netman.dll,ProcessQueue

StartupFolder: c:\users\kasper\appdata\roaming\micros~1\windows\startm~1\programs\startup\vezyob~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

TCP: NameServer = 109.231.191.1 109.231.191.3

TCP: Interfaces\{80671302-D340-45B4-80B4-9964DD663146} : DHCPNameServer = 109.231.191.1 109.231.191.3

TCP: Interfaces\{80671302-D340-45B4-80B4-9964DD663146}\4505D2C494E4B4F5245433635463 : DHCPNameServer = 94.74.192.252 94.74.192.244

TCP: Interfaces\{80671302-D340-45B4-80B4-9964DD663146}\8616D696E6F5C616E6 : DHCPNameServer = 62.129.50.20 85.135.32.100

TCP: Interfaces\{80671302-D340-45B4-80B4-9964DD663146}\B4162796E6 : DHCPNameServer = 62.129.50.20 85.135.32.100

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\kasper\appdata\roaming\mozilla\firefox\profiles\pgyipxyy.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: c:\users\kasper\appdata\roaming\mozilla\firefox\profiles\pgyipxyy.default\extensions\{394dcba4-1f92-4f8e-8ec9-8d2cb90cb69b}\plugins\npLightshot.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll

FF - ExtSQL: 2012-12-10 18:48; {394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}; c:\users\kasper\appdata\roaming\mozilla\firefox\profiles\pgyipxyy.default\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]

R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2012-12-15 3467768]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2009-7-27 51712]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]

S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\androidusb.sys [2010-4-29 26112]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]

S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\androidusb.sys [2010-4-29 26112]

S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 99272]

S3 NisSrv;Kontrola sítě Microsoft;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-28 14848]

S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2009-9-19 98432]

S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2009-9-19 14848]

S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2009-9-19 123648]

S3 StorSvc;Služba úložiště;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-28 49664]

S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-11-28 27136]

S3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\wat\WatAdminSvc.exe [2012-3-24 1343400]

.

=============== Created Last 30 ================

.

2013-01-19 10:59:10 -------- d-----w- C:\MiniToolBox

2013-01-19 10:53:13 -------- d-----w- c:\windows\ERUNT

2013-01-19 10:53:04 -------- d-----w- C:\JRT

2013-01-19 09:14:08 6991832 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{251d5a02-1293-470b-9424-8c03515b7882}\mpengine.dll

2013-01-18 07:43:51 6991832 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2013-01-16 06:57:15 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-01-13 11:33:26 -------- d-----w- c:\program files\CCleaner

2013-01-09 19:45:45 45568 ----a-w- c:\windows\system32\oflc-nz.rs

2012-12-28 21:45:48 -------- d-----w- c:\program files\BootBox

2012-12-28 20:43:11 -------- d-----w- c:\users\kasper\appdata\local\HiSuite

2012-12-28 20:42:15 581192 ----a-w- c:\windows\system32\drivers\WinUSBCoInstaller.dll

2012-12-28 20:42:15 245376 ----a-w- c:\windows\system32\drivers\hw_quusbnet.sys

2012-12-28 20:42:15 195200 ----a-w- c:\windows\system32\drivers\hw_quusbmdm.sys

2012-12-28 20:42:15 1302600 ----a-w- c:\windows\system32\drivers\WUDFUpdate_01007.dll

2012-12-28 20:42:15 1112288 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll

2012-12-28 20:42:15 102272 ----a-w- c:\windows\system32\drivers\hw_usbdev.sys

2012-12-28 14:37:10 1419232 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll

2012-12-28 14:04:20 581192 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll

2012-12-27 11:17:44 -------- d-----w- c:\program files\DC-Unlocker

2012-12-24 10:32:57 -------- d-----w- c:\users\kasper\appdata\local\ElevatedDiagnostics

2012-12-21 06:56:58 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-21 06:56:58 295424 ----a-w- c:\windows\system32\atmfd.dll

.

==================== Find3M ====================

.

2013-01-08 20:49:37 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-01-08 20:49:37 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll

2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll

2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll

2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll

2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe

2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2012-11-28 09:35:43 859072 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-11-28 09:35:38 779704 ----a-w- c:\windows\system32\deployJava1.dll

2012-11-23 02:56:23 2345984 ----a-w- c:\windows\system32\win32k.sys

2012-11-23 02:48:41 49152 ----a-w- c:\windows\system32\taskhost.exe

2012-11-22 04:45:03 626688 ----a-w- c:\windows\system32\usp10.dll

2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll

2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-11-09 04:43:04 492032 ----a-w- c:\windows\system32\win32spl.dll

2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll

2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll

2012-11-01 04:47:54 1389568 ----a-w- c:\windows\system32\msxml6.dll

.

============= FINISH: 12:05:41,31 ===============

attach.txt

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.