Prosím o kontolu logu, díky

Zpráva

Jacob.J · #1 Příspěvek od **Jacob.J** » 09 lis 2013 15:21

ComboFix 13-11-07.01 - The_Jacob 09.11.2013 15:03:44.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1395 [GMT 1:00]
Spuštěný z: c:\documents and settings\The_Jacob\Dokumenty\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\WINDOWS
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\system32\Cache
c:\windows\system32\drivers\fad.sys
c:\windows\system32\msssc.dll
c:\windows\system32\roboot.exe
c:\windows\system32\SET1C.tmp
c:\windows\system32\SET1F.tmp
c:\windows\system32\SET21.tmp
c:\windows\system32\SET22.tmp
c:\windows\system32\SET25.tmp
H:\AUTORUN.INF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-09 do 2013-11-09 )))))))))))))))))))))))))))))))
.
.
2013-11-09 13:44 . 2013-11-09 13:44 -------- d-----w- c:\documents and settings\The_Jacob\Local Settings\Data aplikací\VNT
2013-11-09 13:43 . 2013-11-09 13:43 -------- d-----w- c:\program files\VNT
2013-11-09 13:37 . 2013-11-09 13:37 -------- d-----w- c:\windows\system32\wbem\Repository
2013-11-09 13:34 . 2013-11-09 13:34 -------- d-----w- c:\program files\LemurLeap
2013-11-09 08:46 . 2013-11-09 08:46 -------- d-----w- c:\documents and settings\The_Jacob\Data aplikací\Malwarebytes
2013-11-09 08:46 . 2013-11-09 08:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-11-09 08:46 . 2013-11-09 13:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-11-02 17:23 . 2013-11-02 17:23 5 ----a-w- c:\windows\system32\mvc3Seed.dll
2013-11-02 17:23 . 2005-05-25 14:57 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-11-02 17:23 . 2003-03-19 05:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2013-11-02 17:23 . 2003-02-21 12:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-11-01 20:23 . 2013-11-01 20:23 -------- d-----w- c:\documents and settings\The_Jacob\Local Settings\Data aplikací\Help
2013-11-01 20:21 . 2013-11-01 20:21 -------- d-----w- c:\documents and settings\The_Jacob\Data aplikací\Roxio
2013-11-01 20:06 . 2013-11-01 20:06 -------- d-----w- c:\documents and settings\The_Jacob\Data aplikací\Ahead
2013-10-29 19:36 . 2013-10-29 19:36 -------- d-----w- c:\documents and settings\The_Jacob\Local Settings\Data aplikací\AskPartnerNetwork
2013-10-29 19:04 . 2008-04-13 19:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2013-10-29 19:04 . 2008-04-13 19:47 25856 ----a-w- c:\windows\system32\dllcache\usbprint.sys
2013-10-28 21:40 . 2013-10-28 21:40 -------- d-----w- c:\program files\AskPartnerNetwork
2013-10-28 21:40 . 2013-10-28 21:40 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AskPartnerNetwork
2013-10-28 21:39 . 2013-10-28 21:39 -------- d-----w- c:\documents and settings\All Users\Data aplikací\APN
2013-10-28 20:03 . 2013-10-28 20:06 -------- d-----w- c:\documents and settings\All Users\Data aplikací\nView_Profiles
2013-10-28 18:56 . 2013-10-28 18:56 -------- d-sh--w- c:\documents and settings\The_Jacob\Data aplikací\Common
2013-10-28 18:55 . 2013-10-28 18:55 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Binary Fortress Software
2013-10-20 15:16 . 2008-04-14 02:29 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2013-10-20 15:16 . 2008-04-14 02:29 14592 ----a-w- c:\windows\system32\dllcache\kbdhid.sys
2013-10-20 15:15 . 2013-10-20 15:15 -------- d-----w- c:\program files\Common Files\Logitech
2013-10-20 15:15 . 2013-10-20 15:15 -------- d-----w- c:\program files\Logitech
2013-10-20 15:10 . 2013-10-20 15:10 -------- d-----w- c:\documents and settings\The_Jacob\Data aplikací\HTC
2013-10-20 15:07 . 2013-10-20 15:07 -------- d-----w- c:\program files\Spirent Communications
2013-10-20 15:06 . 2013-10-20 15:09 -------- d-----w- c:\program files\HTC
2013-10-20 15:05 . 2013-10-20 15:05 -------- d-----w- c:\program files\Common Files\Adobe AIR
2013-10-20 14:17 . 2003-05-16 01:41 110592 ------w- c:\windows\system32\PResFre.dll
2013-10-20 14:17 . 2003-05-16 01:38 36864 ------w- c:\windows\system32\PResJpn.dll
2013-10-20 14:17 . 2003-05-16 01:36 110592 ------w- c:\windows\system32\PResGer.dll
2013-10-20 14:17 . 2003-05-16 01:35 110592 ------w- c:\windows\system32\PResChi.dll
2013-10-20 14:17 . 2003-06-19 13:54 233472 ------w- c:\windows\system32\swlpu.dll
2013-10-20 14:17 . 2003-05-16 01:42 40960 ------w- c:\windows\system32\PResKor.dll
2013-10-20 14:17 . 2003-05-16 01:40 36864 ------w- c:\windows\system32\PResEng.dll
2013-10-20 14:16 . 2013-10-20 14:16 -------- d-----w- c:\windows\system32\Samsung
2013-10-20 14:16 . 2003-05-15 06:32 13056 ------w- c:\windows\system32\drivers\PRT1XW2K.SYS
2013-10-20 14:16 . 2013-10-20 14:16 -------- d-----w- c:\program files\HP WLAN
2013-10-20 12:11 . 2013-10-20 12:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Visan
2013-10-20 11:30 . 2001-10-24 10:02 6784 ----a-w- c:\windows\system32\drivers\serscan.sys
2013-10-20 11:30 . 2001-10-24 10:02 6784 ----a-w- c:\windows\system32\dllcache\serscan.sys
2013-10-20 11:17 . 2013-10-20 11:17 -------- d-----w- c:\documents and settings\The_Jacob\Data aplikací\HpUpdate
2013-10-20 11:16 . 2010-11-16 19:10 527208 ------w- c:\windows\system32\HPDiscoPM8e11.dll
2013-10-20 11:16 . 2010-11-17 01:19 1792872 ----a-w- c:\windows\system32\HPScanMiniDrv_PSB210.dll
2013-10-20 11:16 . 2010-11-17 01:19 267112 ----a-w- c:\windows\system32\hpinksts8e11LM.dll
2013-10-20 11:16 . 2010-11-17 01:19 232296 ----a-w- c:\windows\system32\hpinksts8e11.dll
2013-10-20 11:16 . 2010-11-17 01:19 213864 ----a-w- c:\windows\system32\hpinkcoi8e11.dll
2013-10-20 11:15 . 2013-10-20 12:09 -------- d-----w- c:\documents and settings\All Users\Data aplikací\HP
2013-10-20 11:15 . 2013-10-20 11:17 -------- d-----w- c:\program files\HP
2013-10-20 11:15 . 2013-10-20 12:09 -------- d-----w- c:\documents and settings\The_Jacob\Local Settings\Data aplikací\HP
2013-10-11 16:10 . 2013-07-03 01:59 14976 ------w- c:\windows\system32\dllcache\usbscan.sys
2013-10-11 16:08 . 2013-08-09 00:55 32384 ------w- c:\windows\system32\dllcache\usbccgp.sys
2013-10-11 16:08 . 2013-08-09 00:55 5376 ------w- c:\windows\system32\dllcache\usbd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-20 15:04 . 2013-09-06 13:16 851176 ----a-w- c:\windows\system32\WinUSBCoInstaller2.dll
2013-10-20 15:04 . 2013-09-06 13:20 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2013-10-20 15:04 . 2012-12-06 09:57 74752 ----a-w- c:\windows\system32\CLEyeDevices.dll
2013-10-08 19:54 . 2013-04-07 19:12 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-08 19:54 . 2011-12-08 19:37 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-23 18:25 . 2005-04-27 14:41 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:25 . 2002-09-23 01:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-09-23 18:25 . 2002-09-23 01:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:25 . 2002-09-23 01:00 18944 ------w- c:\windows\system32\corpol.dll
2013-09-23 18:06 . 2004-08-17 22:44 385024 ------w- c:\windows\system32\html.iec
2013-09-14 18:56 . 2013-09-14 18:49 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-08-30 07:48 . 2013-09-05 05:30 177864 ------w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2011-12-07 16:29 369584 ------w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2011-12-07 16:29 56080 ------w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-09-05 05:30 49376 ------w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2011-12-07 16:29 49760 ------w- c:\windows\system32\drivers\aswRdr.sys
2013-08-30 07:48 . 2011-12-07 16:29 770344 ------w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-09-05 05:30 66336 ------w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:48 . 2011-12-07 16:29 29816 ------w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:47 . 2011-12-07 16:27 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2011-12-07 16:27 229648 ------w- c:\windows\system32\aswBoot.exe
2013-08-29 07:01 . 2002-09-23 01:00 1878656 ------w- c:\windows\system32\win32k.sys
2013-08-29 00:56 . 2009-08-19 20:21 26240 ------w- c:\windows\system32\drivers\usbser.sys
2007-11-10 16:34 . 2007-11-10 16:34 774144 -c--a-w- c:\program files\RngInterstitial.dll
2013-05-07 09:11 . 2013-05-07 09:08 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{5054562D-5247-006A-76A7-7A786E7484D7}]
2013-11-08 06:00 12240 ----a-w- c:\program files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5054562D-5247-006A-76A7-7A786E7484D7}"= "c:\program files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" [2013-11-08 12240]
.
[HKEY_CLASSES_ROOT\clsid\{5054562d-5247-006a-76a7-7a786e7484d7}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{5054562D-5247-006A-76A7-7A786E7484D7}"= "c:\program files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" [2013-11-08 12240]
.
[HKEY_CLASSES_ROOT\clsid\{5054562d-5247-006a-76a7-7a786e7484d7}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"Facebook Update"="c:\documents and settings\The_Jacob\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" [2013-10-02 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"srmclean"="c:\cpqs\Scom\srmclean.exe" [2001-07-24 36864]
"SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2002-08-07 485376]
"CPQEASYACC"="c:\program files\COMPAQ\Easy Access Button Support\StartEAK.exe" [2001-12-14 32768]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"MsmqIntCert"="mqrt.dll" [2008-04-14 177152]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"AudioDeck"="c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe" [2007-08-09 528384]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-01-07 585728]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 153672]
"ApnTBMon"="c:\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-11-08 1707472]
"VNT"="c:\program files\VNT\vntldr.exe" [2013-11-08 202192]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
MSI US54SE II Wireless Client Utility.lnk - c:\program files\MSI\US54SE II\Installer\WINXP\MCU.exe -s [2013-4-6 593920]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2001-07-09 09:50 155648 ------w- c:\windows\system32\NeroCheck.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Documents and Settings\\The_Jacob\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"h:\\Winamp\\winamp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [5.9.2013 6:30 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [5.9.2013 6:30 177864]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [7.12.2011 17:29 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7.12.2011 17:29 369584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [14.9.2013 19:49 243128]
R2 APNMCP;Ask Update Service;c:\program files\AskPartnerNetwork\Toolbar\apnmcp.exe [8.11.2013 7:00 166352]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.12.2011 17:29 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [5.9.2013 6:30 66336]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [16.9.2010 13:06 80896]
R2 prt1xw2k;HP 11Mbps Wireless Card NDIS Interface;c:\windows\system32\drivers\PRT1XW2K.SYS [20.10.2013 15:16 13056]
S2 gupdate1ca0973bda54276;Služba Google Update (gupdate1ca0973bda54276);c:\program files\Google\Update\GoogleUpdate.exe [20.7.2009 20:53 133104]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [16.9.2013 11:29 3273088]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [5.9.2013 9:34 171680]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2.6.2011 10:08 11336]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22.6.2010 17:01 21248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-18 20:57 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-07 19:54]
.
2013-10-29 c:\windows\Tasks\At1.job
- c:\program files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2010-11-16 19:12]
.
2013-11-08 c:\windows\Tasks\At2.job
- c:\program files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2010-11-16 19:12]
.
2013-11-03 c:\windows\Tasks\At3.job
- c:\program files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2010-11-16 19:12]
.
2013-11-03 c:\windows\Tasks\At4.job
- c:\program files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2010-11-16 19:12]
.
2013-11-09 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-06-29 07:47]
.
2013-11-09 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-20 19:51]
.
2013-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-20 19:53]
.
2013-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-20 19:53]
.
2013-09-06 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\program files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 13:56]
.
2013-11-09 c:\windows\Tasks\User_Feed_Synchronization-{DEC88521-5DE4-4B9D-9799-10AA0862DC3B}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://go.compaq.com/1Q00CDT/0405/bl7.asp
mSearch Bar = hxxp://go.compaq.com/1Q00CDT/0405/bl8.asp
uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe"
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\The_Jacob\Data aplikací\Mozilla\Firefox\Profiles\rwq5jkbp.default\
FF - ExtSQL: 2013-10-02 07:34; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2013-10-17 07:47; toolbar_PTV-RG@apn.ask.com; c:\documents and settings\The_Jacob\Data aplikacĂÂ\Mozilla\Firefox\Profiles\rwq5jkbp.default\extensions\toolbar_PTV-RG@apn.ask.com.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-Driver Genius - (no file)
AddRemove-Software Setup - c:\windows\IsUn0405.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-09 15:12
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
AudioDeck = c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG16.00.00.01PROFESSIONAL"="30788AAA41E40D3595F20906C4D049EF5CF92A3562C148F6C8FDD44F83644B37916C943E30584B400DA0350925F0B19F2FF21BB3B68A64C6D152772F86E919FCD6EEC956863100EA8DFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407BA7FD869164D6794A2D97226D213B555A2D97226D213B55595D695527CC04B80FD8A08D5443597CA07749DF344C4E856DFF663E7A074CB2B75C7390210230D1D9FF253AC50354138D628C43EA2865BFE045DA01F64BA5177583F28C12CCED585B6ED86DF82851D98B196A6951EA032A793C607C039656080F62AB2BA7477255E778136D6C8823CDB657837BE8BB2B1AD93C18D0CFD788A30B10E6F48EEA7FCBD39C4B82B74DB30E6E09BAFAEA5301CE32EF06A75744EE7658C01B97E883D64B278E429ABB7119293BA610B130AE23A0FB10A9D2643928EF32C2F2FA28EE965BAD422E65B2D7CFE2EABBF8ACBB8E3DA6990D7E6F875461F235DD731ABB6338F4B134F946F50C593F7903F32EA97244B21DE37CA8078BEB82C0E4D67C997F375CB19D6195300EE7426E87C4938EF666359D71C14819F24834150F63B5D2B58AC97753322A68348CA61DB29DCAF6F4578A65A0C4FF221F2A702DCD05A7DD2E25001D4751CB9817940C6318BBB01A8A9EA1366A1CC02967DD2080EE9B67151E900C98EC03A14077D066755FBFB8F8E55191E228AA18EFE66B6DCE16587B74E95DDAA98CF75EF83A1CE48D96873F1FC5A67B8580AA92EBDA70A017CFA468254E58F500EEC083D4C8A52E2F3D1C075AEA0BF48F675FE29978D85E5A3F43135532B41D8B0F8709C992F4C247BCC4318C7E58EA70E37837B373AE6F2C2334BEB1F8BA15BE3E8F16608D87DECED039D0ECCB7C3A5564EDC552C20EE83E8A8D8736F8061DC2FC316241826A7916CB23A3F25FB5403A7CC741DE70B65E6C8DDE54D5DD7B8DBBE262493AC0C13DB3BAB434621E839F601D7F66ABF95135F3AEC40AD6AB4E14662C1AE288FCE0D88C4D3A9F2F00AEEAA83AAD48870AF4425360579FEF90B1C828D580709ED8B624914A5A248A9BF763C7614447997A04B61DC6AE6DF52252965D844C38F562FE9C15A2C257FC4BED3BCC175BEF0377F0035717325A020A1D0BD7FF0C14ABEFBF80D6E0AEC03208C0F3474C501D835BA38B2D98B8F4671F15C4BE25E20FC7D8B6B36C674FAF2FC07369BBF0F8B4B5E1155DF22B1CA0C3B5A1BC00522C01DD147A1BE02B314A1805DD9E07B6EA39ADD18B639787A3A5ED377E0C68EE2CB555A6C7F1DDF27BE9735938D669E9753CB4738422DAE0C8B5EF53402F84C5E2B839B8F6BB8453EC88F86006B02C9D067169130629FBDA12A62C2545B682CE38F3C7D17D26E3C7EC07AC6D08FFDBCF3F066970E8366408BC8F3BCEB49"
.
Celkový čas: 2013-11-09 15:15:19
ComboFix-quarantined-files.txt 2013-11-09 14:15
.
Před spuštěním: 3 559 911 424
Po spuštění: 3 847 581 696
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - E85960F62888B0DE2E8A31AC0D845426
E5FA06ACA0D60BA9C870D0EF3D9898C9

#2 Příspěvek od **vyosek** » 09 lis 2013 16:05

Zdravim

:arrow:Co se tyce ComboFixu, ktery jste pouzil, tak na zaklade licence a pravidel fora ptam, umite s nim pracovat (spusteni, rozlusteni logu, napsani skriptu)?

Licencni podminky ComboFixu hovori jasne "Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby"
Obrázek

Nebezpeci CFka

Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
Maze stopy po haveti, takze v logu z RSIT neni nic videt
Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal

Jacob.J · #3 Příspěvek od **Jacob.J** » 09 lis 2013 16:09

Vše jsem dělal podle instrukcí na http://www.bleepingcomputer.com/combofi ... t-combofix

#4 Příspěvek od **vyosek** » 09 lis 2013 16:12

Nedelal

Nepoužívejte ComboFix, aniž by vás o to požádal zkušený rádce.

Pokud potřebujete asistenci při odvirovávání počítače, úplně nejdříve si založte vlastní téma na některém z internetových fór uvedených ke konci tohoto návodu a na něm požádejte o pomoc. Na každém z těchto fór platí rozdílná pravidla a skutečnosti, jimiž je třeba se řídit, proto si vždy pročtěte tamější důležité informace a oznámení, abyste věděli, jak přesně máte postupovat.

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Jacob.J · #5 Příspěvek od **Jacob.J** » 09 lis 2013 16:13

Ok. To se omlouvám. Mam odstranit ComboFix?

#6 Příspěvek od **vyosek** » 09 lis 2013 16:14

Ne, nechte jej tam, vyuzijeme jej jeste a docistime log...

Pokracujte ted uz ale porsim dle mych instrukci...

Jacob.J · #7 Příspěvek od **Jacob.J** » 09 lis 2013 16:28

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by The_Jacob on so 09.11.2013 at 16:15:43,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [Service] APNMCP
Successfully deleted: [Service] APNMCP

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\speedypc software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\speedypc software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] "hkey_current_user\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{44cbc005-6243-4502-8a02-3a096a282664}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{80703783-e415-4ee3-ab60-d36981c5a6f1}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{d8278076-bc68-4484-9233-6e7f1628b56c}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{f297534d-7b06-459d-bc19-2dd8ef69297b}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{6978f29a-3493-40b2-8cdc-9c13a02f85a4}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{d7949a66-d936-4028-9552-14f7dc50f38d}"

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\The_Jacob\Data aplikací\drivercure"
Successfully deleted: [Folder] "C:\Documents and Settings\The_Jacob\Data aplikací\speedypc software"
Successfully deleted: [Folder] "C:\Documents and Settings\The_Jacob\Data aplikací\systweak"
Successfully deleted: [Folder] "C:\Program Files\driver-soft"
Successfully deleted: [Folder] "C:\Program Files\lemurleap"
Successfully deleted: [Folder] "C:\Program Files\askpartnernetwork"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 09.11.2013 at 16:27:22,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#8 Příspěvek od **vyosek** » 09 lis 2013 16:39

Jeste pockam na AdwCleaner

Jacob.J · #9 Příspěvek od **Jacob.J** » 09 lis 2013 16:46

# AdwCleaner v3.011 - Report created 09/11/2013 at 16:34:23
# Updated 03/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : The_Jacob - HP22929236327
# Running from : C:\Documents and Settings\The_Jacob\Dokumenty\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\SpeedyPC Software
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Trymedia
Folder Deleted : C:\Documents and Settings\The_Jacob\Local Settings\Data aplikací\AskPartnerNetwork
File Deleted : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\0olpiefx.default\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{090ACFA1-1580-11D1-8AC0-00C0F00910F9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B4E90801-B83C-11D0-8B40-00C0F00AE35A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v20.0.1 (en-US)

[ File : C:\Documents and Settings\The_Jacob\Data aplikací\Mozilla\Firefox\Profiles\rwq5jkbp.default\prefs.js ]

[ File : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\0olpiefx.default\prefs.js ]

-\\ Google Chrome v30.0.1599.101

[ File : C:\Documents and Settings\The_Jacob\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2444 octets] - [09/11/2013 16:31:50]
AdwCleaner[S0].txt - [2401 octets] - [09/11/2013 16:34:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2461 octets] ##########

#10 Příspěvek od **vyosek** » 09 lis 2013 23:17

Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

Jacob.J · #11 Příspěvek od **Jacob.J** » 09 lis 2013 23:32

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by The_Jacob (administrator) on HP22929236327 on 09-11-2013 23:25:23
Running from C:\Documents and Settings\The_Jacob\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\inetsrv\inetinfo.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\WINDOWS\System32\snmp.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqtgsvc.exe
(Compaq Computer Corporation) C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Compaq) C:\Compaq\EAKDRV\EAUSBKBD.EXE
(Hewlett-Packard) C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastUI.exe
(APN LLC.) C:\Documents and Settings\The_Jacob\Local Settings\Data aplikací\VNT\vntldr.exe
(MSI Technology GmbH) C:\Program Files\MSI\US54SE II\Installer\WINXP\MCU.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(HP Company) C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
(Compaq Computer Corporation) C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Documents and Settings\The_Jacob\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [srmclean] - C:\cpqs\scom\srmclean.exe [36864 2001-07-24] ()
HKLM\...\Run: [SetRefresh] - C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [485376 2002-08-07] (Hewlett-Packard Company)
HKLM\...\Run: [CPQEASYACC] - C:\Program Files\Compaq\Easy Access Button Support\STARTEAK.exe [32768 2001-12-14] (Compaq Computer Corporation)
HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)
HKLM\...\Run: [MsmqIntCert] - regsvr32 /s mqrt.dll
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [AudioDeck] - C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe [528384 2007-08-09] (VIA Technologies, Inc.)
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM\...\Run: [HTC Sync Loader] - C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [585728 2011-01-07] ()
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [153672 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [VNT] - C:\Program Files\VNT\vntldr.exe [202192 2013-11-08] (APN LLC.)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKCU\...\Run: [Facebook Update] - C:\Documents and Settings\The_Jacob\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [138096 2013-10-02] (Facebook Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\MSI US54SE II Wireless Client Utility.lnk
ShortcutTarget: MSI US54SE II Wireless Client Utility.lnk -> C:\Program Files\MSI\US54SE II\Installer\WINXP\MCU.exe (MSI Technology GmbH)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.compaq.com/1Q00CDT/0405/bl7.asp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0405/bl8.asp
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
BHO: Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" No File
Toolbar: HKCU - Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\The_Jacob\Data aplikací\Mozilla\Firefox\Profiles\rwq5jkbp.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 - H:\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin: @pack.google.com/Google Updater;version=13 - C:\Program Files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll (Google)
FF Plugin: @real.com/npracplug;version=1.0.0.0 - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\The_Jacob\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: toolbar_PTV-RG - C:\Documents and Settings\The_Jacob\Data aplikací\Mozilla\Firefox\Profiles\rwq5jkbp.default\Extensions\toolbar_PTV-RG@apn.ask.com.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\realplayer@partners.mozilla.com
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Extension: (HP Product Detection Plugin) - C:\DOCUME~1\THE_JA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\2.0.5.6_0
CHR Extension: (Google Docs) - C:\DOCUME~1\THE_JA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\DOCUME~1\THE_JA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\DOCUME~1\THE_JA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\DOCUME~1\THE_JA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! Online Security) - C:\DOCUME~1\THE_JA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0
CHR Extension: (Webcam Toy) - C:\DOCUME~1\THE_JA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.5_0
CHR Extension: (Skype Click to Call) - C:\DOCUME~1\THE_JA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.12.0.13601_0
CHR Extension: (Google Wallet) - C:\DOCUME~1\THE_JA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\DOCUME~1\THE_JA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM\...\Chrome\Extension: [aaaahnibljmklpljnbpgfobmfpfhplch] - C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork\Toolbar\PTV-RG\CRX\ToolbarCR.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 gupdate1ca0973bda54276; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-07-20] (Google Inc.)
R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15872 2008-04-14] (Microsoft Corporation)
S3 LPDSVC; C:\Windows\System32\tcpsvcs.exe [19456 2002-09-23] (Microsoft Corporation)
R2 MSMQ; C:\WINDOWS\system32\mqsvc.exe [4608 2008-04-14] (Microsoft Corporation)
R2 MSMQTriggers; C:\WINDOWS\system32\mqtgsvc.exe [117248 2008-04-14] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2010-09-16] ()
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)
R2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15872 2008-04-14] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2008-04-14] (Microsoft Corporation)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21275 2013-04-06] (Meetinghouse Data Communications)
R1 AFS2K; C:\Windows\System32\Drivers\AFS2K.sys [82380 2003-12-05] (Oak Technology Inc.)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49760 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-30] ()
R3 b57w2k; C:\Windows\System32\DRIVERS\b57xp32.sys [237096 2011-10-26] (Broadcom Corporation)
S3 Blfp; C:\Windows\System32\DRIVERS\baspxp32.sys [50816 2003-02-05] (Broadcom Corporation)
R1 Cdr4_xp; C:\Windows\System32\Drivers\Cdr4_xp.sys [9072 2011-03-04] (Sonic Solutions)
R1 Cdralw2k; C:\Windows\System32\Drivers\Cdralw2k.sys [9200 2011-03-04] (Sonic Solutions)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-09-14] (Disc Soft Ltd)
R3 eaps2kbd; C:\Windows\System32\DRIVERS\eaps2kbd.sys [24035 2001-12-29] (Compaq Computer Corp.)
R1 EAWDMFD; C:\Windows\system32\drivers\EAWDMFD.sys [24348 1999-10-30] (Compaq Computer Corporation)
R3 HSFHWBS2; C:\Windows\System32\DRIVERS\HSFBS2S2.sys [220032 2004-08-04] (Conexant Systems, Inc.)
R3 HSF_DP; C:\Windows\System32\DRIVERS\HSFDPSP2.sys [1041536 2004-08-04] (Conexant Systems, Inc.)
S3 i81x; C:\Windows\System32\DRIVERS\i81xnt5.sys [161020 2004-08-04] (Intel(R) Corporation)
S3 iAimFP0; C:\Windows\System32\DRIVERS\wADV01nt.sys [12415 2004-08-04] (Intel(R) Corporation)
S3 iAimFP1; C:\Windows\System32\DRIVERS\wADV02NT.sys [12127 2004-08-04] (Intel(R) Corporation)
S3 iAimFP2; C:\Windows\System32\DRIVERS\wADV05NT.sys [11775 2004-08-04] (Intel(R) Corporation)
S3 iAimFP3; C:\Windows\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-04] (Intel(R) Corporation)
S3 iAimFP4; C:\Windows\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-04] (Intel(R) Corporation)
S3 iAimTV0; C:\Windows\System32\DRIVERS\wATV01nt.sys [29311 2004-08-04] (Intel(R) Corporation)
S3 iAimTV1; C:\Windows\System32\DRIVERS\wATV02NT.sys [19551 2004-08-04] (Intel(R) Corporation)
S3 iAimTV3; C:\Windows\System32\DRIVERS\wATV04nt.sys [33599 2004-08-04] (Intel(R) Corporation)
S3 iAimTV4; C:\Windows\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-04] (Intel(R) Corporation)
S3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [1302332 2005-09-20] (Intel Corporation)
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
R3 MQAC; C:\WINDOWS\system32\drivers\mqac.sys [92544 2008-04-13] (Microsoft Corporation)
S1 P3; C:\Windows\System32\DRIVERS\p3.sys [46592 2008-04-14] (Microsoft Corporation)
R2 prt1xw2k; C:\Windows\System32\Drivers\prt1xw2k.sys [13056 2003-05-15] ()
R3 RT73; C:\Windows\System32\DRIVERS\rt73.sys [476544 2009-07-17] (Ralink Technology, Corp.)
S4 Symmpi; C:\Windows\System32\DRIVERS\symmpi.sys [28416 2002-04-04] (LSI Logic)
R3 VIAudio; C:\Windows\System32\drivers\vinyl97.sys [207488 2007-06-27] (VIA Technologies, Inc.)
R3 winachsf; C:\Windows\System32\DRIVERS\HSFCXTS2.sys [685056 2004-08-04] (Conexant Systems, Inc.)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
R3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)
S3 {6080A529-897E-4629-A488-ABA0C29B635E}; C:\Windows\System32\drivers\ialmsbw.sys [112288 2003-03-13] (Intel Corporation)
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}; C:\Windows\System32\drivers\ialmkchw.sys [78496 2003-03-13] (Intel Corporation)
S3 catchme; \??\C:\DOCUME~1\THE_JA~1\LOCALS~1\Temp\catchme.sys [x]
S3 iAimTV2; System32\DRIVERS\wATV03nt.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [x]
U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath
U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-09 23:22 - 2013-11-09 23:22 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\The_Jacob\Plocha\FRSTLauncher.exe
2013-11-09 23:21 - 2013-11-09 23:21 - 01089445 _____ (Farbar) C:\Documents and Settings\The_Jacob\Plocha\FRST.exe
2013-11-09 23:21 - 2013-11-09 23:21 - 00000000 ____D C:\FRST
2013-11-09 23:19 - 2013-11-09 23:19 - 00000424 _____ C:\Documents and Settings\The_Jacob\Plocha\Domácí učitel angličtiny 1.lnk
2013-11-09 23:15 - 2013-11-09 23:15 - 00000000 ____D C:\Documents and Settings\The_Jacob\Nabídka Start\Programy\EDDICA
2013-11-09 16:55 - 2013-11-09 16:27 - 00003370 _____ C:\Documents and Settings\The_Jacob\Plocha\JRT.txt
2013-11-09 16:52 - 2013-11-09 16:52 - 00002541 _____ C:\Documents and Settings\The_Jacob\Plocha\AdwCleaner[S0].txt
2013-11-09 16:31 - 2013-11-09 16:35 - 00000000 ____D C:\AdwCleaner
2013-11-09 16:15 - 2013-11-09 16:15 - 00000000 ____D C:\WINDOWS\ERUNT
2013-11-09 15:27 - 2013-11-09 14:55 - 05145633 ____R (Swearware) C:\Documents and Settings\The_Jacob\Plocha\ComboFix.exe
2013-11-09 15:15 - 2013-11-09 15:15 - 00021261 _____ C:\Documents and Settings\The_Jacob\Plocha\ComboFix.txt
2013-11-09 15:01 - 2013-11-09 15:01 - 00000000 _RSHD C:\cmdcons
2013-11-09 15:01 - 2005-07-24 22:40 - 00000211 _____ C:\Boot.bak
2013-11-09 15:01 - 2004-08-03 23:00 - 00261312 __RSH C:\cmldr
2013-11-09 14:59 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-11-09 14:59 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-11-09 14:59 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-11-09 14:59 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-11-09 14:59 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-11-09 14:59 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-11-09 14:59 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-11-09 14:59 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-11-09 14:59 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-11-09 14:56 - 2013-11-09 15:15 - 00000000 ____D C:\Qoobox
2013-11-09 14:55 - 2013-11-09 15:13 - 00000000 ____D C:\WINDOWS\erdnt
2013-11-09 14:44 - 2013-11-09 14:44 - 00000000 ____D C:\Documents and Settings\The_Jacob\Local Settings\Data aplikací\VNT
2013-11-09 14:44 - 2013-11-09 14:44 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
2013-11-09 14:43 - 2013-11-09 14:43 - 00000000 ____D C:\Program Files\VNT
2013-11-09 09:47 - 2013-11-09 09:51 - 00000048 _____ C:\Documents and Settings\The_Jacob\Data aplikací\mbam.context.scan
2013-11-09 09:46 - 2013-11-09 09:46 - 00000000 ____D C:\Documents and Settings\The_Jacob\Data aplikací\Malwarebytes
2013-11-09 09:46 - 2013-11-09 09:46 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-11-07 18:10 - 2013-11-09 14:35 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\FILMY
2013-11-07 17:57 - 2013-11-09 14:35 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\ABSOLVENTKA
2013-11-02 18:23 - 2013-11-02 18:23 - 00000005 _____ C:\WINDOWS\system32\mvc3Seed.dll
2013-11-02 18:23 - 2005-05-25 15:57 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp71.dll
2013-11-02 18:23 - 2003-03-19 06:20 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFC71.dll
2013-11-02 18:23 - 2003-02-21 13:42 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll
2013-11-01 21:23 - 2013-11-01 21:23 - 00000000 ____D C:\Documents and Settings\The_Jacob\Local Settings\Data aplikací\Help
2013-11-01 21:23 - 2013-11-01 21:23 - 00000000 ____D C:\Documents and Settings\The_Jacob\Data aplikací\Help
2013-11-01 21:21 - 2013-11-01 21:21 - 00000000 ____D C:\Documents and Settings\The_Jacob\Data aplikací\Roxio
2013-11-01 21:06 - 2013-11-01 21:06 - 00000000 ____D C:\Documents and Settings\The_Jacob\Data aplikací\Ahead
2013-11-01 21:03 - 2013-11-01 21:04 - 00000000 ____D C:\Documents and Settings\The_Jacob\Dokumenty\nc
2013-10-29 20:04 - 2008-04-13 20:47 - 00025856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2013-10-29 20:04 - 2008-04-13 20:47 - 00025856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbprint.sys
2013-10-28 23:42 - 2013-10-28 23:50 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\ŠkolaMix
2013-10-28 23:21 - 2013-10-28 23:21 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\ZOO
2013-10-28 23:20 - 2013-11-02 11:05 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Plocha\Ruská Voda
2013-10-28 23:20 - 2013-10-28 23:20 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Tenis. soustředění
2013-10-28 23:15 - 2013-10-28 23:18 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Výstava
2013-10-28 23:12 - 2013-10-28 23:50 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Praha
2013-10-28 23:11 - 2013-10-28 23:45 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Mix
2013-10-28 23:11 - 2013-10-28 23:18 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Houby
2013-10-28 23:07 - 2013-10-28 23:24 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Techmania-Plzeň
2013-10-28 23:06 - 2013-10-28 23:25 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Chalupa
2013-10-28 23:04 - 2013-10-28 23:41 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Malta-2013
2013-10-28 23:01 - 2013-10-28 23:37 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Maledivy-2013
2013-10-28 23:00 - 2013-10-28 23:31 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Povodně-2013
2013-10-28 22:59 - 2013-10-28 23:17 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Mnichov
2013-10-28 22:58 - 2013-10-28 23:30 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Dánsko
2013-10-28 22:57 - 2013-10-28 23:26 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Peršlák
2013-10-28 22:56 - 2013-10-28 23:12 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Hory-2013
2013-10-28 22:55 - 2013-10-28 22:55 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Vánoce-2012
2013-10-28 22:53 - 2013-10-28 22:54 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Vídeň
2013-10-28 22:52 - 2013-10-28 23:28 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Tramvaje-mikulášská
2013-10-28 22:51 - 2013-10-28 23:24 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Svatba
2013-10-28 22:49 - 2013-10-28 23:45 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Lyžák
2013-10-28 22:45 - 2013-10-28 23:40 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Malta-RGG
2013-10-28 22:39 - 2013-10-28 22:39 - 00000484 _____ C:\Documents and Settings\The_Jacob\Plocha\KMPlayer.lnk
2013-10-28 22:39 - 2013-10-28 22:39 - 00000000 ____D C:\Documents and Settings\The_Jacob\Nabídka Start\Programy\The KMPlayer
2013-10-28 19:56 - 2013-10-28 19:56 - 00000000 __SHD C:\Documents and Settings\The_Jacob\Data aplikací\Common
2013-10-28 19:55 - 2013-10-28 19:55 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Binary Fortress Software
2013-10-25 18:05 - 2013-11-02 18:54 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Plocha\Music mix
2013-10-25 18:04 - 2013-10-25 18:06 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Plocha\Rudimental - Home (Deluxe Edition)
2013-10-21 17:15 - 2013-11-05 07:41 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Plocha\Škola
2013-10-20 16:16 - 2008-04-14 03:29 - 00014592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2013-10-20 16:16 - 2008-04-14 03:29 - 00014592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhid.sys
2013-10-20 16:15 - 2013-10-20 16:15 - 00000000 ____D C:\Program Files\Logitech
2013-10-20 16:15 - 2013-10-20 16:15 - 00000000 ____D C:\Program Files\Common Files\Logitech
2013-10-20 16:15 - 2013-10-20 16:15 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Logitech
2013-10-20 16:12 - 2013-10-20 16:12 - 00000910 _____ C:\Documents and Settings\All Users\Plocha\CL-Eye Test.lnk
2013-10-20 16:12 - 2013-10-20 16:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CL-Eye Driver
2013-10-20 16:10 - 2013-10-20 16:10 - 00000818 _____ C:\Documents and Settings\All Users\Plocha\HTC Sync.lnk
2013-10-20 16:10 - 2013-10-20 16:10 - 00000000 ____D C:\Documents and Settings\The_Jacob\Data aplikací\HTC
2013-10-20 16:09 - 2013-10-20 16:10 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\HTC Sync
2013-10-20 16:07 - 2013-10-20 16:07 - 00000000 ____D C:\Program Files\Spirent Communications
2013-10-20 16:07 - 2013-10-20 16:07 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\HTC
2013-10-20 16:06 - 2013-10-20 16:09 - 00000000 ____D C:\Program Files\HTC
2013-10-20 16:05 - 2013-10-20 16:05 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-10-20 15:33 - 2013-11-06 22:49 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Milacek ;D
2013-10-20 15:31 - 2013-10-20 15:31 - 00000192 _____ C:\BcBtRmv.log
2013-10-20 15:17 - 2003-06-19 14:54 - 00233472 ____N (Hewlett Packerd) C:\WINDOWS\system32\swlpu.dll
2013-10-20 15:17 - 2003-05-16 02:42 - 00040960 ____N (Hewlett Packerd) C:\WINDOWS\system32\PResKor.dll
2013-10-20 15:17 - 2003-05-16 02:41 - 00110592 ____N (Hewlett Packerd) C:\WINDOWS\system32\PResFre.dll
2013-10-20 15:17 - 2003-05-16 02:40 - 00036864 ____N (Hewlett Packerd) C:\WINDOWS\system32\PResEng.dll
2013-10-20 15:17 - 2003-05-16 02:38 - 00036864 ____N (Hewlett Packerd) C:\WINDOWS\system32\PResJpn.dll
2013-10-20 15:17 - 2003-05-16 02:36 - 00110592 ____N (Hewlett Packerd) C:\WINDOWS\system32\PResGer.dll
2013-10-20 15:17 - 2003-05-16 02:35 - 00110592 ____N (Hewlett Packerd) C:\WINDOWS\system32\PResChi.dll
2013-10-20 15:16 - 2013-10-20 15:17 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\HP WLAN
2013-10-20 15:16 - 2013-10-20 15:16 - 00000000 ____D C:\WINDOWS\system32\Samsung
2013-10-20 15:16 - 2013-10-20 15:16 - 00000000 ____D C:\Program Files\HP WLAN
2013-10-20 15:16 - 2003-05-15 07:32 - 00013056 ____N C:\WINDOWS\system32\Drivers\PRT1XW2K.SYS
2013-10-20 15:07 - 2013-10-20 15:07 - 00000052 _____ C:\WINDOWS\system32\DOErrors.log
2013-10-20 13:11 - 2013-10-20 13:11 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Visan
2013-10-20 12:30 - 2001-10-24 11:02 - 00006784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serscan.sys
2013-10-20 12:30 - 2001-10-24 11:02 - 00006784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\serscan.sys
2013-10-20 12:17 - 2013-11-09 20:40 - 00000466 _____ C:\WINDOWS\Tasks\At2.job
2013-10-20 12:17 - 2013-11-03 14:00 - 00000466 _____ C:\WINDOWS\Tasks\At4.job
2013-10-20 12:17 - 2013-11-03 13:17 - 00000466 _____ C:\WINDOWS\Tasks\At3.job
2013-10-20 12:17 - 2013-10-29 10:10 - 00000466 _____ C:\WINDOWS\Tasks\At1.job
2013-10-20 12:17 - 2013-10-20 12:17 - 00000000 ____D C:\Documents and Settings\The_Jacob\Data aplikací\HpUpdate
2013-10-20 12:16 - 2013-10-23 18:43 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\HP
2013-10-20 12:16 - 2013-10-20 12:16 - 00002028 _____ C:\Documents and Settings\All Users\Plocha\HP Photosmart Plus B210 series.lnk
2013-10-20 12:16 - 2013-10-20 12:16 - 00001731 _____ C:\Documents and Settings\All Users\Plocha\HP ePrintCenter - HP Photosmart Plus B210 series.lnk
2013-10-20 12:16 - 2013-10-20 12:16 - 00000971 _____ C:\Documents and Settings\All Users\Plocha\Nakupujte spotřební materiál - HP Photosmart Plus B210 series.lnk
2013-10-20 12:16 - 2013-10-20 12:16 - 00000966 _____ C:\Documents and Settings\All Users\Plocha\HP Photosmart Plus B210 series Scan.lnk
2013-10-20 12:16 - 2010-11-17 02:19 - 01792872 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\HPScanMiniDrv_PSB210.dll
2013-10-20 12:16 - 2010-11-17 02:19 - 00267112 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinksts8e11LM.dll
2013-10-20 12:16 - 2010-11-17 02:19 - 00232296 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinksts8e11.dll
2013-10-20 12:16 - 2010-11-17 02:19 - 00213864 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkcoi8e11.dll
2013-10-20 12:16 - 2010-11-16 20:10 - 00527208 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPM8e11.dll
2013-10-20 12:15 - 2013-10-20 13:09 - 00000000 ____D C:\Documents and Settings\The_Jacob\Local Settings\Data aplikací\HP
2013-10-20 12:15 - 2013-10-20 13:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\HP
2013-10-20 12:15 - 2013-10-20 12:17 - 00000000 ____D C:\Program Files\HP
2013-10-15 19:17 - 2013-10-15 20:45 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Plocha\Macklemore & Ryan Lewis - The Heist (Deluxe Edition) (2012)
2013-10-15 19:16 - 2013-10-15 20:45 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Plocha\Night Visions
2013-10-13 19:05 - 2013-10-13 19:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-13 19:04 - 2013-10-13 19:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-13 18:51 - 2013-10-13 18:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2884256$
2013-10-13 18:50 - 2013-10-13 18:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-13 18:44 - 2013-10-13 18:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-13 18:43 - 2013-10-13 18:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-11 17:10 - 2013-07-03 02:59 - 00014976 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2013-10-11 17:08 - 2013-08-09 01:55 - 00032384 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2013-10-11 17:08 - 2013-08-09 01:55 - 00005376 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys

==================== One Month Modified Files and Folders =======

2013-11-09 23:30 - 2009-08-05 15:03 - 00000482 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{DEC88521-5DE4-4B9D-9799-10AA0862DC3B}.job
2013-11-09 23:24 - 2013-04-07 17:43 - 00000000 ___HD C:\Documents and Settings\The_Jacob\Local Settings\Data aplikací
2013-11-09 23:24 - 2013-04-07 17:43 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha
2013-11-09 23:22 - 2013-11-09 23:22 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\The_Jacob\Plocha\FRSTLauncher.exe
2013-11-09 23:21 - 2013-11-09 23:21 - 01089445 _____ (Farbar) C:\Documents and Settings\The_Jacob\Plocha\FRST.exe
2013-11-09 23:21 - 2013-11-09 23:21 - 00000000 ____D C:\FRST
2013-11-09 23:19 - 2013-11-09 23:19 - 00000424 _____ C:\Documents and Settings\The_Jacob\Plocha\Domácí učitel angličtiny 1.lnk
2013-11-09 23:15 - 2013-11-09 23:15 - 00000000 ____D C:\Documents and Settings\The_Jacob\Nabídka Start\Programy\EDDICA
2013-11-09 23:15 - 2013-04-07 17:43 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Nabídka Start\Programy
2013-11-09 22:39 - 2005-07-24 15:22 - 01763934 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-09 21:56 - 2009-07-20 21:08 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-09 21:53 - 2013-04-07 20:12 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-09 21:48 - 2013-09-16 22:09 - 00000000 ____D C:\Documents and Settings\The_Jacob\Data aplikací\Audacity
2013-11-09 20:40 - 2013-10-20 12:17 - 00000466 _____ C:\WINDOWS\Tasks\At2.job
2013-11-09 19:24 - 2013-09-05 16:55 - 00002563 _____ C:\Documents and Settings\The_Jacob\Plocha\Microsoft Office Word 2007.lnk
2013-11-09 18:00 - 2005-07-25 21:04 - 00000000 ____D C:\Program Files\Google
2013-11-09 18:00 - 2003-12-03 22:12 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-11-09 18:00 - 2003-12-03 22:12 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2013-11-09 18:00 - 2003-12-03 22:12 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-11-09 16:52 - 2013-11-09 16:52 - 00002541 _____ C:\Documents and Settings\The_Jacob\Plocha\AdwCleaner[S0].txt
2013-11-09 16:46 - 2002-11-02 07:32 - 01246838 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-09 16:43 - 2013-09-05 06:30 - 00000316 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-11-09 16:42 - 2013-09-06 14:41 - 00088566 _____ C:\WINDOWS\system32\nvapps.xml
2013-11-09 16:42 - 2013-04-10 14:47 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-09 16:42 - 2013-04-10 14:47 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-11-09 16:42 - 2009-07-20 21:08 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-09 16:42 - 2009-07-20 20:52 - 00000960 _____ C:\WINDOWS\Tasks\Google Software Updater.job
2013-11-09 16:42 - 2003-12-03 22:12 - 00000000 __SHD C:\Documents and Settings\NetworkService
2013-11-09 16:42 - 2002-11-02 07:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-09 16:42 - 2002-11-02 07:47 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-09 16:41 - 2002-11-02 07:48 - 00032406 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-09 16:40 - 2013-04-07 17:43 - 00000178 ___SH C:\Documents and Settings\The_Jacob\ntuser.ini
2013-11-09 16:40 - 2013-04-07 17:43 - 00000000 ____D C:\Documents and Settings\The_Jacob
2013-11-09 16:35 - 2013-11-09 16:31 - 00000000 ____D C:\AdwCleaner
2013-11-09 16:34 - 2003-12-03 22:12 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-11-09 16:30 - 2013-09-14 19:07 - 00091648 ___SH C:\Documents and Settings\The_Jacob\Plocha\Thumbs.db
2013-11-09 16:27 - 2013-11-09 16:55 - 00003370 _____ C:\Documents and Settings\The_Jacob\Plocha\JRT.txt
2013-11-09 16:17 - 2013-04-07 17:43 - 00000000 __RHD C:\Documents and Settings\The_Jacob\Data aplikací
2013-11-09 16:15 - 2013-11-09 16:15 - 00000000 ____D C:\WINDOWS\ERUNT
2013-11-09 15:15 - 2013-11-09 15:15 - 00021261 _____ C:\Documents and Settings\The_Jacob\Plocha\ComboFix.txt
2013-11-09 15:15 - 2013-11-09 14:56 - 00000000 ____D C:\Qoobox
2013-11-09 15:13 - 2013-11-09 14:55 - 00000000 ____D C:\WINDOWS\erdnt
2013-11-09 15:12 - 2002-11-02 08:24 - 00000246 _____ C:\WINDOWS\system.ini
2013-11-09 15:11 - 2003-12-03 22:12 - 00000000 ____D C:\Documents and Settings\Administrator
2013-11-09 15:01 - 2013-11-09 15:01 - 00000000 _RSHD C:\cmdcons
2013-11-09 15:01 - 2002-11-02 07:29 - 00000327 __RSH C:\boot.ini
2013-11-09 14:55 - 2013-11-09 15:27 - 05145633 ____R (Swearware) C:\Documents and Settings\The_Jacob\Plocha\ComboFix.exe
2013-11-09 14:44 - 2013-11-09 14:44 - 00000000 ____D C:\Documents and Settings\The_Jacob\Local Settings\Data aplikací\VNT
2013-11-09 14:44 - 2013-11-09 14:44 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
2013-11-09 14:44 - 2011-12-07 17:29 - 00001700 _____ C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2013-11-09 14:44 - 2002-11-02 07:37 - 00002504 ____C C:\WINDOWS\system32\CONFIG.NT
2013-11-09 14:43 - 2013-11-09 14:43 - 00000000 ____D C:\Program Files\VNT
2013-11-09 14:43 - 2013-04-07 17:43 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Dokumenty
2013-11-09 14:42 - 2013-04-07 17:43 - 00001610 _____ C:\Documents and Settings\The_Jacob\Nabídka Start\Programy\Vzdálená pomoc.lnk
2013-11-09 14:37 - 2003-12-03 22:12 - 00000000 __SHD C:\Documents and Settings\LocalService
2013-11-09 14:37 - 2003-12-03 22:12 - 00000000 ____D C:\WINDOWS\Registration
2013-11-09 14:35 - 2013-11-07 18:10 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\FILMY
2013-11-09 14:35 - 2013-11-07 17:57 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\ABSOLVENTKA
2013-11-09 14:33 - 2013-09-08 16:19 - 00000000 ____D C:\Documents and Settings\The_Jacob\Data aplikací\Skype
2013-11-09 10:10 - 2013-04-07 13:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2723135-v2$
2013-11-09 09:51 - 2013-11-09 09:47 - 00000048 _____ C:\Documents and Settings\The_Jacob\Data aplikací\mbam.context.scan
2013-11-09 09:46 - 2013-11-09 09:46 - 00000000 ____D C:\Documents and Settings\The_Jacob\Data aplikací\Malwarebytes
2013-11-09 09:46 - 2013-11-09 09:46 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-11-06 22:49 - 2013-10-20 15:33 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Milacek ;D
2013-11-06 21:37 - 2013-04-07 17:43 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Dokumenty\Obrázky
2013-11-05 07:41 - 2013-10-21 17:15 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Plocha\Škola
2013-11-03 14:00 - 2013-10-20 12:17 - 00000466 _____ C:\WINDOWS\Tasks\At4.job
2013-11-03 13:17 - 2013-10-20 12:17 - 00000466 _____ C:\WINDOWS\Tasks\At3.job
2013-11-02 22:48 - 2013-10-05 16:41 - 00000000 ____D C:\Documents and Settings\The_Jacob\Data aplikací\Winamp
2013-11-02 22:48 - 2013-09-08 16:18 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2013-11-02 18:54 - 2013-10-25 18:05 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Plocha\Music mix
2013-11-02 18:23 - 2013-11-02 18:23 - 00000005 _____ C:\WINDOWS\system32\mvc3Seed.dll
2013-11-02 11:05 - 2013-10-28 23:20 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Plocha\Ruská Voda
2013-11-01 21:23 - 2013-11-01 21:23 - 00000000 ____D C:\Documents and Settings\The_Jacob\Local Settings\Data aplikací\Help
2013-11-01 21:23 - 2013-11-01 21:23 - 00000000 ____D C:\Documents and Settings\The_Jacob\Data aplikací\Help
2013-11-01 21:21 - 2013-11-01 21:21 - 00000000 ____D C:\Documents and Settings\The_Jacob\Data aplikací\Roxio
2013-11-01 21:14 - 2003-12-03 13:27 - 00002674 _____ C:\devicetable.log
2013-11-01 21:06 - 2013-11-01 21:06 - 00000000 ____D C:\Documents and Settings\The_Jacob\Data aplikací\Ahead
2013-11-01 21:04 - 2013-11-01 21:03 - 00000000 ____D C:\Documents and Settings\The_Jacob\Dokumenty\nc
2013-10-31 22:28 - 2013-09-14 19:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-30 12:52 - 2013-04-09 17:07 - 00010752 ____C C:\Documents and Settings\The_Jacob\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-29 10:10 - 2013-10-20 12:17 - 00000466 _____ C:\WINDOWS\Tasks\At1.job
2013-10-28 23:50 - 2013-10-28 23:42 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\ŠkolaMix
2013-10-28 23:50 - 2013-10-28 23:12 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Praha
2013-10-28 23:45 - 2013-10-28 23:11 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Mix
2013-10-28 23:45 - 2013-10-28 22:49 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Lyžák
2013-10-28 23:41 - 2013-10-28 23:04 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Malta-2013
2013-10-28 23:40 - 2013-10-28 22:45 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Malta-RGG
2013-10-28 23:37 - 2013-10-28 23:01 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Maledivy-2013
2013-10-28 23:31 - 2013-10-28 23:00 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Povodně-2013
2013-10-28 23:30 - 2013-10-28 22:58 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Dánsko
2013-10-28 23:28 - 2013-10-28 22:52 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Tramvaje-mikulášská
2013-10-28 23:26 - 2013-10-28 22:57 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Peršlák
2013-10-28 23:25 - 2013-10-28 23:06 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Chalupa
2013-10-28 23:24 - 2013-10-28 23:07 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Techmania-Plzeň
2013-10-28 23:24 - 2013-10-28 22:51 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Svatba
2013-10-28 23:21 - 2013-10-28 23:21 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\ZOO
2013-10-28 23:21 - 2013-09-18 15:51 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Plocha\Rebecca-R.I.P
2013-10-28 23:20 - 2013-10-28 23:20 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Tenis. soustředění
2013-10-28 23:18 - 2013-10-28 23:15 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Výstava
2013-10-28 23:18 - 2013-10-28 23:11 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Houby
2013-10-28 23:17 - 2013-10-28 22:59 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Mnichov
2013-10-28 23:12 - 2013-10-28 22:56 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Hory-2013
2013-10-28 22:55 - 2013-10-28 22:55 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Vánoce-2012
2013-10-28 22:54 - 2013-10-28 22:53 - 00000000 ____D C:\Documents and Settings\The_Jacob\Plocha\Vídeň
2013-10-28 22:39 - 2013-10-28 22:39 - 00000484 _____ C:\Documents and Settings\The_Jacob\Plocha\KMPlayer.lnk
2013-10-28 22:39 - 2013-10-28 22:39 - 00000000 ____D C:\Documents and Settings\The_Jacob\Nabídka Start\Programy\The KMPlayer
2013-10-28 19:56 - 2013-10-28 19:56 - 00000000 __SHD C:\Documents and Settings\The_Jacob\Data aplikací\Common
2013-10-28 19:55 - 2013-10-28 19:55 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Binary Fortress Software
2013-10-25 18:06 - 2013-10-25 18:04 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Plocha\Rudimental - Home (Deluxe Edition)
2013-10-24 16:07 - 2013-04-07 17:43 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Nabídka Start\Programy\Po spuštění
2013-10-23 18:43 - 2013-10-20 12:16 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\HP
2013-10-21 16:22 - 2013-09-05 16:56 - 00002481 _____ C:\Documents and Settings\The_Jacob\Plocha\Microsoft Office PowerPoint 2007.lnk
2013-10-20 19:47 - 2013-10-07 21:10 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Plocha\Pictures mix
2013-10-20 16:17 - 2003-12-03 22:12 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups
2013-10-20 16:15 - 2013-10-20 16:15 - 00000000 ____D C:\Program Files\Logitech
2013-10-20 16:15 - 2013-10-20 16:15 - 00000000 ____D C:\Program Files\Common Files\Logitech
2013-10-20 16:15 - 2013-10-20 16:15 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Logitech
2013-10-20 16:12 - 2013-10-20 16:12 - 00000910 _____ C:\Documents and Settings\All Users\Plocha\CL-Eye Test.lnk
2013-10-20 16:12 - 2013-10-20 16:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CL-Eye Driver
2013-10-20 16:10 - 2013-10-20 16:10 - 00000818 _____ C:\Documents and Settings\All Users\Plocha\HTC Sync.lnk
2013-10-20 16:10 - 2013-10-20 16:10 - 00000000 ____D C:\Documents and Settings\The_Jacob\Data aplikací\HTC
2013-10-20 16:10 - 2013-10-20 16:09 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\HTC Sync
2013-10-20 16:09 - 2013-10-20 16:06 - 00000000 ____D C:\Program Files\HTC
2013-10-20 16:07 - 2013-10-20 16:07 - 00000000 ____D C:\Program Files\Spirent Communications
2013-10-20 16:07 - 2013-10-20 16:07 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\HTC
2013-10-20 16:05 - 2013-10-20 16:05 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-10-20 16:05 - 2013-09-15 18:05 - 00000000 ____D C:\Documents and Settings\The_Jacob\Local Settings\Data aplikací\Adobe
2013-10-20 16:05 - 2013-04-07 20:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-10-20 16:05 - 2013-04-07 18:09 - 00000000 ____D C:\Documents and Settings\The_Jacob\Data aplikací\Adobe
2013-10-20 16:05 - 2009-06-30 02:06 - 00000000 ____D C:\Program Files\MSXML 4.0
2013-10-20 16:05 - 2003-12-05 19:04 - 00000000 ____D C:\Program Files\Adobe
2013-10-20 16:04 - 2013-09-06 14:20 - 01461992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2013-10-20 16:04 - 2013-09-06 14:16 - 00851176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2013-10-20 16:04 - 2012-12-06 10:57 - 00074752 _____ C:\WINDOWS\system32\CLEyeDevices.dll
2013-10-20 15:32 - 2003-12-03 22:12 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2013-10-20 15:31 - 2013-10-20 15:31 - 00000192 _____ C:\BcBtRmv.log
2013-10-20 15:27 - 2003-12-03 22:12 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start
2013-10-20 15:17 - 2013-10-20 15:16 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\HP WLAN
2013-10-20 15:16 - 2013-10-20 15:16 - 00000000 ____D C:\WINDOWS\system32\Samsung
2013-10-20 15:16 - 2013-10-20 15:16 - 00000000 ____D C:\Program Files\HP WLAN
2013-10-20 15:16 - 2003-12-03 22:12 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-20 15:07 - 2013-10-20 15:07 - 00000052 _____ C:\WINDOWS\system32\DOErrors.log
2013-10-20 15:02 - 2003-12-05 19:02 - 00000000 ____D C:\Program Files\Hewlett-Packard
2013-10-20 13:11 - 2013-10-20 13:11 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Visan
2013-10-20 13:09 - 2013-10-20 12:15 - 00000000 ____D C:\Documents and Settings\The_Jacob\Local Settings\Data aplikací\HP
2013-10-20 13:09 - 2013-10-20 12:15 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\HP
2013-10-20 12:30 - 2013-07-15 15:16 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2013-10-20 12:17 - 2013-10-20 12:17 - 00000000 ____D C:\Documents and Settings\The_Jacob\Data aplikací\HpUpdate
2013-10-20 12:17 - 2013-10-20 12:15 - 00000000 ____D C:\Program Files\HP
2013-10-20 12:16 - 2013-10-20 12:16 - 00002028 _____ C:\Documents and Settings\All Users\Plocha\HP Photosmart Plus B210 series.lnk
2013-10-20 12:16 - 2013-10-20 12:16 - 00001731 _____ C:\Documents and Settings\All Users\Plocha\HP ePrintCenter - HP Photosmart Plus B210 series.lnk
2013-10-20 12:16 - 2013-10-20 12:16 - 00000971 _____ C:\Documents and Settings\All Users\Plocha\Nakupujte spotřební materiál - HP Photosmart Plus B210 series.lnk
2013-10-20 12:16 - 2013-10-20 12:16 - 00000966 _____ C:\Documents and Settings\All Users\Plocha\HP Photosmart Plus B210 series Scan.lnk
2013-10-20 12:16 - 2003-12-03 22:12 - 00000000 ____D C:\WINDOWS\twain_32
2013-10-18 22:16 - 2013-07-15 16:13 - 00001824 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2013-10-16 17:36 - 2013-09-08 16:18 - 00000000 ___RD C:\Program Files\Skype
2013-10-16 17:36 - 2013-09-08 16:18 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Skype
2013-10-15 20:45 - 2013-10-15 19:17 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Plocha\Macklemore & Ryan Lewis - The Heist (Deluxe Edition) (2012)
2013-10-15 20:45 - 2013-10-15 19:16 - 00000000 ___RD C:\Documents and Settings\The_Jacob\Plocha\Night Visions
2013-10-14 14:47 - 2009-08-05 15:53 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-13 20:22 - 2002-11-02 07:42 - 00350584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-13 19:15 - 2013-09-04 19:46 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-10-13 19:06 - 2013-10-13 19:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-13 19:04 - 2013-10-13 19:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-13 19:03 - 2013-09-06 22:23 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-13 18:58 - 2005-07-24 20:44 - 78106760 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-13 18:51 - 2013-10-13 18:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2884256$
2013-10-13 18:51 - 2013-10-13 18:50 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-13 18:44 - 2013-10-13 18:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-13 18:44 - 2009-08-05 14:54 - 00000000 ____D C:\WINDOWS\ie8updates
2013-10-13 18:43 - 2013-10-13 18:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-10 17:01 - 2013-09-14 20:22 - 00000000 ____D C:\Documents and Settings\The_Jacob\Dokumenty\GTA San Andreas User Files

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job

Some content of TEMP:
====================
C:\Documents and Settings\The_Jacob\Local Settings\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2002-09-23 02:00] - [2008-04-14 04:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2002-09-23 02:00] - [2008-04-14 04:22] - 0507904 ____N (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2002-09-23 02:00] - [2008-04-14 04:22] - 0014336 ____N (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2002-09-23 02:00] - [2009-02-09 12:25] - 0111104 ____N (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2002-09-23 02:00] - [2008-04-14 04:22] - 0578560 ____N (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2002-09-23 02:00] - [2008-04-14 04:22] - 0026112 ____N (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2002-09-23 02:00] - [2008-04-14 03:12] - 0052480 ____C (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Místní disk) (Fixed) (Total:37.26 GB) (Free:3.97 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive g: (System) (Fixed) (Total:37.31 GB) (Free:3.08 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive h: (Data) (Fixed) (Total:74.48 GB) (Free:52.15 GB) NTFS

Available physical RAM: 963.26 MB
Total physical RAM: 2047.48 MB
Percentage of memory in use: 52%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 37 GB) (Disk ID: BAD2BAD2)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)
Disk: 1 (Size: 112 GB) (Disk ID: 29522951)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\At1.job => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At2.job => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At3.job => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At4.job => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job => c:\Program Files\Microsoft IntelliPoint\ipoint.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{DEC88521-5DE4-4B9D-9799-10AA0862DC3B}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\The_Jacob\Plocha" je 9300 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck
C:\WINDOWS\system32\NeroCheck.exe

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"H:\\Winamp\\winamp.exe"="H:\\Winamp\\winamp.exe:*:Enabled:Winamp"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\Documents and Settings\\The_Jacob\\Local Settings\\Data aplikac\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"="C:\\Documents and Settings\\The_Jacob\\Local Settings\\Data aplikac\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"H:\\Winamp\\winamp.exe"="H:\\Winamp\\winamp.exe:*:Enabled:Winamp"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\HP\\HP Photosmart Plus B210 series\\Bin\\DeviceSetup.exe"="C:\\Program Files\\HP\\HP Photosmart Plus B210 series\\Bin\\DeviceSetup.exe:LocalSubNet:Enabled:Instalace zazen HP"
"C:\\Program Files\\HP\\HP Photosmart Plus B210 series\\Bin\\HPNetworkCommunicator.exe"="C:\\Program Files\\HP\\HP Photosmart Plus B210 series\\Bin\\HPNetworkCommunicator.exe:LocalSubNet:Enabled:Sov komuniktor HP"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000

==================== End Of Log ==============================

#12 Příspěvek od **vyosek** » 09 lis 2013 23:40

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM\...\Run: [MsmqIntCert] - regsvr32 /s mqrt.dll
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKCU\...\Run: [Facebook Update] - C:\Documents and Settings\The_Jacob\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [138096 2013-10-02] (Facebook Inc.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.compaq.com/1Q00CDT/0405/bl7.asp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0405/bl8.asp
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
BHO: Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" No File
Toolbar: HKLM - Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" No File
Toolbar: HKCU - Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" No File

DisableService: gupdate1ca0973bda54276
DisableService: JavaQuickStarterService

U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath
U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath

2013-11-09 16:55 - 2013-11-09 16:27 - 00003370 _____ C:\Documents and Settings\The_Jacob\Plocha\JRT.txt
2013-11-09 16:52 - 2013-11-09 16:52 - 00002541 _____ C:\Documents and Settings\The_Jacob\Plocha\AdwCleaner[S0].txt
2013-11-09 16:31 - 2013-11-09 16:35 - 00000000 ____D C:\AdwCleaner
2013-11-09 15:15 - 2013-11-09 15:15 - 00021261 _____ C:\Documents and Settings\The_Jacob\Plocha\ComboFix.txt

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\At1.job => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At2.job => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At3.job => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At4.job => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job => c:\Program Files\Microsoft IntelliPoint\ipoint.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{DEC88521-5DE4-4B9D-9799-10AA0862DC3B}.job => C:\WINDOWS\system32\msfeedssync.exe

Hosts:

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Jacob.J · #13 Příspěvek od **Jacob.J** » 09 lis 2013 23:51

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 31-10-2013
Ran by The_Jacob at 2013-11-09 23:44:38 Run:1
Running from C:\Documents and Settings\The_Jacob\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [MsmqIntCert] - regsvr32 /s mqrt.dll
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKCU\...\Run: [Facebook Update] - C:\Documents and Settings\The_Jacob\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [138096 2013-10-02] (Facebook Inc.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.compaq.com/1Q00CDT/0405/bl7.asp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0405/bl8.asp
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
BHO: Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" No File
Toolbar: HKLM - Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" No File
Toolbar: HKCU - Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" No File

DisableService: gupdate1ca0973bda54276
DisableService: JavaQuickStarterService

U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath
U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath

2013-11-09 16:55 - 2013-11-09 16:27 - 00003370 _____ C:\Documents and Settings\The_Jacob\Plocha\JRT.txt
2013-11-09 16:52 - 2013-11-09 16:52 - 00002541 _____ C:\Documents and Settings\The_Jacob\Plocha\AdwCleaner[S0].txt
2013-11-09 16:31 - 2013-11-09 16:35 - 00000000 ____D C:\AdwCleaner
2013-11-09 15:15 - 2013-11-09 15:15 - 00021261 _____ C:\Documents and Settings\The_Jacob\Plocha\ComboFix.txt

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\At1.job => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At2.job => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At3.job => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At4.job => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job => c:\Program Files\Microsoft IntelliPoint\ipoint.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{DEC88521-5DE4-4B9D-9799-10AA0862DC3B}.job => C:\WINDOWS\system32\msfeedssync.exe

Hosts:

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MsmqIntCert => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5054562D-5247-006A-76A7-7A786E7484D7} => Key deleted successfully.
HKCR\CLSID\{5054562D-5247-006A-76A7-7A786E7484D7} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{5054562D-5247-006A-76A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{5054562D-5247-006A-76A7-7A786E7484D7} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5054562D-5247-006A-76A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{5054562D-5247-006A-76A7-7A786E7484D7} => Key not found.
gupdate1ca0973bda54276 service was disabled
JavaQuickStarterService service was disabled
Winsock - Google Desktop Search Backup Before First Install => Service deleted successfully.
Winsock - Google Desktop Search Backup Before Last Install => Service deleted successfully.
C:\Documents and Settings\The_Jacob\Plocha\JRT.txt => Moved successfully.
C:\Documents and Settings\The_Jacob\Plocha\AdwCleaner[S0].txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Documents and Settings\The_Jacob\Plocha\ComboFix.txt => Moved successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\At1.job => Moved successfully.
C:\WINDOWS\Tasks\At2.job => Moved successfully.
C:\WINDOWS\Tasks\At3.job => Moved successfully.
C:\WINDOWS\Tasks\At4.job => Moved successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job => Moved successfully.
C:\WINDOWS\Tasks\Google Software Updater.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job => Moved successfully.
C:\WINDOWS\Tasks\User_Feed_Synchronization-{DEC88521-5DE4-4B9D-9799-10AA0862DC3B}.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

#14 Příspěvek od **vyosek** » 09 lis 2013 23:58

Jak se chova PC?

Jacob.J · #15 Příspěvek od **Jacob.J** » 09 lis 2013 23:59

Normálně, jak se choval. Nic zvláštního se nědeje. Pokud myslite toto.

VIRY.CZ

Prosím o kontolu logu, díky

Prosím o kontolu logu, díky

Re: Prosím o kontolu logu, díky

Re: Prosím o kontolu logu, díky

Re: Prosím o kontolu logu, díky

Re: Prosím o kontolu logu, díky

Re: Prosím o kontolu logu, díky

Re: Prosím o kontolu logu, díky

Re: Prosím o kontolu logu, díky

Re: Prosím o kontolu logu, díky

Re: Prosím o kontolu logu, díky

Re: Prosím o kontolu logu, díky

Re: Prosím o kontolu logu, díky

Re: Prosím o kontolu logu, díky

Re: Prosím o kontolu logu, díky

Re: Prosím o kontolu logu, díky