Internet Security 2013 cleanup


#1 Post by xgazzyx

Hi. Could you please check this log? It's from a friend's PC. She picked up Internet Security on it. I downloaded "something" that was supposed to be able to remove it. The PC now works without problems, so I just want to know whether any remnants are left. I assume there will be a pile of junk on the PC - a typical girl's laptop :) Thanks in advance.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Klára at 2013-07-27 12:17:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 310 GB (52%) free of 595 GB
Total RAM: 3947 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:17:54, on 27.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAB8SWK.EXE
C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe
C:\Users\Klára\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Hi Suite\Hi Suite.exe
C:\Program Files (x86)\Hi Suite\ADB\adb.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Klára.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Free Lunch Design TB Toolbar - {a5ae8924-4036-420f-b7f6-a47e4b8f692e} - C:\Program Files (x86)\Free_Lunch_Design_TB\prxtbFree.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Free Lunch Design TB - {a5ae8924-4036-420f-b7f6-a47e4b8f692e} - C:\Program Files (x86)\Free_Lunch_Design_TB\prxtbFree.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Free Lunch Design TB Toolbar - {a5ae8924-4036-420f-b7f6-a47e4b8f692e} - C:\Program Files (x86)\Free_Lunch_Design_TB\prxtbFree.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Mobile Partner] C:\Program Files (x86)\Hi Suite\Hi Suite.exe -s
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Klára\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Klára\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [SDP] C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Users\Klára\Desktop\VŠ\Verdict Free\etnxp.dll (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Users\Klára\Desktop\VŠ\Verdict Free\etnxp.dll (file missing)
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Users\Klára\Desktop\VŠ\Verdict Free\etnxp.dll (file missing)
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13342 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
WLIDSvcM.exe 1844
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAB8SWK.EXE !hide Canon LBP3010/LBP3018/LBP3050
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe" /auto
szndesktop.exe default start
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Hi Suite\Hi Suite.exe" -s
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
adb fork-server server
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2688 CREDAT:4076568 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2688 CREDAT:4142157 /prefetch:2
"C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding
"C:\Windows\system32\StikyNot.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2688 CREDAT:3945473 /prefetch:2
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe43_ Global\UsGthrCtrlFltPipeMssGthrPipe43 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Klára\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Acer Registration - Reminder Recall task.job
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Klára\AppData\Roaming\Mozilla\Firefox\Profiles\xtpnx9bi.default

prefs.js - "browser.startup.homepage" - "http://www2.delta-search.com/?affID=119 ... A3C4CA0483"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... ource=2&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml

C:\Users\Klára\AppData\Roaming\Mozilla\Firefox\Profiles\xtpnx9bi.default\extensions\
{a5ae8924-4036-420f-b7f6-a47e4b8f692e}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Klára\AppData\Roaming\Mozilla\Firefox\Profiles\xtpnx9bi.default\searchplugins\
babylon.xml
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-04-08 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-21 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a5ae8924-4036-420f-b7f6-a47e4b8f692e}]
Free Lunch Design TB Toolbar - C:\Program Files (x86)\Free_Lunch_Design_TB\prxtbFree.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-04-08 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{a5ae8924-4036-420f-b7f6-a47e4b8f692e} - Free Lunch Design TB Toolbar - C:\Program Files (x86)\Free_Lunch_Design_TB\prxtbFree.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-12-30 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-12-30 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-12-30 418328]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-17 2531624]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-01-12 11775592]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-01-10 2186856]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-01-21 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-01-21 379552]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-02-23 1796200]
"CNAP2 Launcher"=C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [2007-09-05 406944]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-22 4035152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"Google Update"=C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-18 136176]
"Facebook Update"=C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"cz.seznam.software.autoupdate"=C:\Users\Klára\AppData\Roaming\Seznam.cz\szninstall.exe [2012-09-13 1009288]
"cz.seznam.software.szndesktop"=C:\Users\Klára\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2012-12-19 92296]
"SDP"=C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe [2013-01-31 201808]
"RESTART_STICKY_NOTES"=C:\Windows\system32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Windows\system32\NeroCheck.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP]
C:\Program Files (x86)\TNod User & Password Finder\TNODUP.exe [2011-09-18 1892352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~2\MCAFEE~1\202B13~1.181\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-09-28 340336]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-09-18 407920]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-09-18 201584]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-03-14 1081424]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Mobile Partner"=C:\Program Files (x86)\Hi Suite\Hi Suite.exe [2012-07-08 518656]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-12-23 384000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"VIDC.ACDV"=ACDV.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-07-27 12:17:35 ----D---- C:\rsit
2013-07-27 12:17:35 ----D---- C:\Program Files\trend micro
2013-07-25 22:05:28 ----A---- C:\Windows\system32\roboot64.exe
2013-07-25 22:05:27 ----D---- C:\Users\Klára\AppData\Roaming\systweak
2013-07-25 22:05:27 ----D---- C:\Program Files (x86)\RegClean Pro
2013-07-25 22:05:13 ----A---- C:\Windows\SYSWOW64\ssleay32.dll
2013-07-25 22:05:13 ----A---- C:\Windows\SYSWOW64\libeay32.dll
2013-07-25 22:05:13 ----A---- C:\Windows\eSellerateEngine.dll
2013-07-25 22:05:13 ----A---- C:\Windows\eSellerateControl350.dll
2013-07-25 22:05:12 ----D---- C:\Program Files (x86)\Internet Security Pro 2013 Vvirus Removal Tool
2013-07-25 21:57:11 ----SHD---- C:\Config.Msi
2013-07-25 21:53:59 ----D---- C:\Program Files\Enigma Software Group
2013-07-25 21:53:46 ----D---- C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-25 21:33:55 ----A---- C:\Windows\ntbtlog.txt
2013-07-18 15:20:15 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-07-15 22:50:01 ----D---- C:\ProgramData\Mozilla
2013-07-15 22:50:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-15 03:09:42 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-15 03:09:41 ----A---- C:\Windows\system32\ieui.dll
2013-07-15 03:09:40 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-15 03:09:40 ----A---- C:\Windows\system32\iesetup.dll
2013-07-15 03:09:40 ----A---- C:\Windows\system32\iernonce.dll
2013-07-15 03:09:39 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-15 03:09:39 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-15 03:09:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-15 03:09:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-15 03:09:39 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-15 03:09:39 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-15 03:09:39 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-15 03:09:38 ----A---- C:\Windows\system32\iertutil.dll
2013-07-15 03:09:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-15 03:09:36 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-15 03:09:36 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-15 03:09:36 ----A---- C:\Windows\system32\jscript.dll
2013-07-15 03:09:34 ----A---- C:\Windows\system32\jscript9.dll
2013-07-15 03:09:33 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-15 03:09:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-15 03:09:32 ----A---- C:\Windows\system32\urlmon.dll
2013-07-15 03:09:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-15 03:09:30 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-15 03:09:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-15 03:09:27 ----A---- C:\Windows\system32\wininet.dll
2013-07-15 03:09:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-15 03:09:21 ----A---- C:\Windows\system32\ieframe.dll
2013-07-15 03:09:20 ----A---- C:\Windows\system32\mshtml.dll
2013-07-15 03:09:13 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-13 16:55:05 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-13 16:55:05 ----A---- C:\Windows\system32\qedit.dll
2013-07-13 16:55:03 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-13 16:55:02 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-13 16:54:29 ----A---- C:\Windows\system32\win32k.sys
2013-07-13 16:53:36 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-13 16:53:36 ----A---- C:\Windows\system32\DWrite.dll

======List of files/folders modified in the last 1 month======

2013-07-27 12:17:49 ----D---- C:\Windows\Temp
2013-07-27 12:17:35 ----RD---- C:\Program Files
2013-07-27 11:31:58 ----D---- C:\Windows\system32\config
2013-07-27 10:35:03 ----D---- C:\Windows\System32
2013-07-27 10:35:03 ----D---- C:\Windows\inf
2013-07-27 10:35:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-25 22:33:05 ----D---- C:\Users\Klára\AppData\Roaming\Seznam.cz
2013-07-25 22:29:49 ----A---- C:\Windows\SYSWOW64\log.txt
2013-07-25 22:05:27 ----RD---- C:\Program Files (x86)
2013-07-25 22:05:13 ----D---- C:\Windows\SysWOW64
2013-07-25 22:05:13 ----D---- C:\Windows
2013-07-25 21:57:15 ----SHD---- C:\Windows\Installer
2013-07-25 21:57:15 ----SD---- C:\Users\Klára\AppData\Roaming\Microsoft
2013-07-25 21:57:12 ----HD---- C:\ProgramData
2013-07-25 21:54:03 ----D---- C:\Windows\system32\drivers
2013-07-25 21:53:41 ----D---- C:\Program Files (x86)\Common Files
2013-07-25 21:23:55 ----D---- C:\Windows\Prefetch
2013-07-24 23:34:26 ----A---- C:\Windows\NeroDigital.ini
2013-07-24 21:02:18 ----D---- C:\Windows\system32\NDF
2013-07-23 19:10:46 ----SHD---- C:\System Volume Information
2013-07-15 23:40:00 ----D---- C:\Windows\system32\catroot2
2013-07-15 03:50:45 ----D---- C:\Windows\Microsoft.NET
2013-07-15 03:50:27 ----RSD---- C:\Windows\assembly
2013-07-15 03:35:47 ----D---- C:\Windows\winsxs
2013-07-15 03:34:20 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-15 03:34:19 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-15 03:33:29 ----D---- C:\Program Files\Windows Defender
2013-07-15 03:33:29 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-15 03:33:28 ----D---- C:\Program Files\Internet Explorer
2013-07-15 03:33:28 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-15 03:33:27 ----D---- C:\Program Files\Windows Journal
2013-07-15 03:11:30 ----A---- C:\Windows\system32\MRT.exe
2013-07-15 03:10:58 ----D---- C:\ProgramData\Microsoft Help
2013-07-15 03:10:08 ----D---- C:\Windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-03-31 25960]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-22 270912]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-05-09 22912]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-05-09 20328]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-05-09 62584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2011-08-04 187632]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-11-09 2377216]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-01-21 28832]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-12-23 12260000]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-13 2712680]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-01-25 77424]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-17 1404464]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\fxxandroidusb.sys [2011-03-22 31744]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-01-21 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-01-21 298144]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-01-21 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-01-21 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-01-21 154272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-01-21 279200]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 qcusbser;USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\FXX\qcusbser.sys [2011-03-22 364288]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2010-10-29 326760]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-01-21 76448]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-22 974944]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-02-23 873064]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-01-31 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-03-31 993896]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-15 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-07-28 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-15 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-18 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-10 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------
Last edited by vyosek on 27 Jul 2013 11:40, edited 1 time in total.
Reason: Log removed from [code]

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Internet Security 2013 final cleanup

#2 Post by vyosek »

Greetings :)

:arrow: When she uses cracked security software, it's no wonder :?:

:arrow: Before we continue, I have to ask you to remove the ILLEGAL ESET. This "request" of mine follows from the current forum rules http://forum.viry.cz/viewtopic.php?f=12&t=115512, which both you and I are obliged to follow
Help CANNOT be given:
2) If the user's machine demonstrably contains illegal host or protective software
(operating system, antivirus, firewall, etc.), the user must be guided to fix this, e.g. by using free software,
and work on the problem starts only once the PC is "in order". If the user does not want to accept the rules,
they must be asked to leave the forum and return once they comply.
:arrow: So if you want help, uninstall it, install a free solution (e.g. Avast), post here, and we will continue
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever avoids fun, take a whip and a stick to him; that is not a man, that is an ox."
Member [image] since 1 February 2011.

Pavuk29
VIP in memoriam
Posts: 6953
Joined: 31 Oct 2003 08:26
Location: Banská Bystrica

Re: Internet Security 2013 final cleanup

#3 Post by Pavuk29 »

xgazzyx wrote: Hi. Please check the log. It's from a friend's PC. She got Internet Security onto the PC.. I downloaded "something" that should be able to disinfect it. The PC now works without problems, so I just want to know whether any leftovers remain. I assume there will be a pile of junk on the PC - a typical girl's laptop :)
Women must adore you :)
------------------------------------------------------------------------------------------------------------------------------
:!: PLEASE DO NOT SEND ME PMs, ICQ MESSAGES OR E-MAILS WITH QUESTIONS, POST IN THE FORUM :!: :spam:
------------------------------------------------------------------------------------------------------------------------------
In case of acute problems with the running of the forum, :207: or with other users, :whip: contact me on ICQ or by e-mail :31: at pavuk29 at forum.viry.cz. I am often at the computer even when I am not online on the forum.
http://www.icq.com/people/267560078/
:183: hotline: http://forum.viry.cz/viewtopic.php?f=12&t=116821
:!: forum rules: http://forum.viry.cz/viewtopic.php?f=12&t=5601

Re: Internet Security 2013 final cleanup

#4 Post by xgazzyx »

The ESET was purchased, the license expired - it no longer updates

Re: Internet Security 2013 final cleanup

#5 Post by vyosek »

xgazzyx wrote: The ESET was purchased, the license expired - it no longer updates
Using a version after the license has expired = violating the license terms = using the product illegally, violating copyright law and committing a criminal offence...

Besides, a crack is used there, so save the fairy tales about expiration for your friend and don't take me for a fool...

Or is that crack not a crack but, say, an aquarium fish simulator :?:


But do as you see fit; if you want to leave it there, feel free to keep it along with the remnants of IS 2013, which may become active. You will not get help from us, though - we can help here, we do not have to :!:

The rules are clearly set; if you don't like them, nobody is forcing you to be here, the Log out button is at the top left.

Re: Internet Security 2013 final cleanup

#6 Post by xgazzyx »

I was told it had been purchased. Sorry, I'm going to install Avast.

Re: Internet Security 2013 final cleanup

#7 Post by Pavuk29 »

xgazzyx wrote: I was told it had been purchased. Sorry, I'm going to install Avast.
yes, mum. It's the friend who commits outrages, and you are already off to install Avast.
Either the friend is a very good friend, or it is your computer. Be a man, admit it :D
If you admit it, I'll log out :D

Re: Internet Security 2013 final cleanup

#8 Post by vyosek »

:arrow: Once legal protection is installed there, ideally Avast Free, continue with SecurityCheck

:arrow: Download SecurityCheck http://screen317.spywareinfoforum.org/SecurityCheck.exe
  • Save it, preferably to the Desktop
  • Run it the usual way with a double-click and follow the utility's instructions
  • When the scan finishes, a log is created and opened; paste it here for me

Re: Internet Security 2013 final cleanup

#9 Post by xgazzyx »

The friend is a neighbour. What that has to do with the topic is not clear to me, though. O.o

I've already removed ESET. Avast is installing. I'll get on it right away ;)

Re: Internet Security 2013 final cleanup

#10 Post by Pavuk29 »

xgazzyx wrote: The friend is a neighbour. What that has to do with the topic is not clear to me, though. O.o
It says a lot about your trustworthiness. When you finish installing that mega-Avast, continue in the topic. I am just learning some things right now, so ignore me until the installation is finished. Just post it afterwards.

Re: Internet Security 2013 final cleanup

#11 Post by xgazzyx »

Results of screen317's Security Check version 0.99.71
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java(TM) 6 Update 31
Java version out of Date!
Adobe Flash Player 11.7.700.224
Adobe Reader 10.1.7 Adobe Reader out of Date!
Mozilla Firefox (22.0)
Mozilla Thunderbird (9.0.1)
Google Chrome 27.0.1453.116
Google Chrome 28.0.1500.72
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````


I hope this is what you wanted.

Re: Internet Security 2013 final cleanup

#12 Post by vyosek »

:arrow: Yes, that's it :thumbsup:

Please run the following

:arrow: Application to download:
:arrow: After downloading, on Vista, W7 and W8 systems the utility must be run as Administrator - right-click the icon and choose "Spustit jako správce" or Run As Administrator
[image]


:arrow: FRST is then downloaded and initialized
  • After FRST starts, accept the license terms by clicking Yes.
  • Additionally tick the Addition.txt item - see the image.
    [image]
  • Click the Scan button to start scanning.
  • Wait for the FRST scan to finish and for our add-on to generate the supplementary information.
  • The text file FRST.txt opens; this is the requested log, and its contents are to be pasted into your topic on the forum.
  • After the log is closed, Test.exe exits and the Desktop is left with the FRST utility and two logs, FRST.txt and Addition.txt - do not delete any of them for now.

Re: Internet Security 2013 final cleanup

#13 Post by xgazzyx »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-07-2013 04
Ran by Klára (administrator) on 27-07-2013 14:58:04
Running from C:\Users\Klára\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Somoto) C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe
(CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNAB8SWK.EXE
() C:\Users\Klára\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Hi Suite\Hi Suite.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
() C:\Program Files (x86)\Hi Suite\ADB\adb.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
() C:\Users\Klára\Desktop\Test.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2011-01-10] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-21] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-01-21] (Atheros Commnucations)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1796200 2011-02-23] (Acer Incorporated)
HKLM\...\Run: [CNAP2 Launcher] - C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [406944 2007-09-05] (CANON INC.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKCU\...\Run: [Google Update] - C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-09-18] (Google Inc.)
HKCU\...\Run: [Facebook Update] - C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Klára\AppData\Roaming\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Klára\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92296 2012-12-19] ()
HKCU\...\Run: [SDP] - C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe [201808 2013-01-31] (Somoto)
MountPoints2: G - G:\Setup.exe
MountPoints2: {404507ed-bd1d-11e1-a71f-002354af9133} - F:\Setup.exe
MountPoints2: {53ff8b4f-5984-11e1-b2eb-002354af9133} - "F:\WD SmartWare.exe" autoplay=true
MountPoints2: {76f80f86-b518-11e1-a839-002354af9133} - G:\Setup.exe
MountPoints2: {946dad43-ccc8-11e0-bafa-002354af9133} - E:\Setup.exe
MountPoints2: {993af20e-867d-11e1-9375-002354af9133} - F:\Autorun.exe
MountPoints2: {d3affe11-1678-11e2-bdfe-002354af9133} - "H:\WD SmartWare.exe" autoplay=true
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-28] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Mobile Partner] - C:\Program Files (x86)\Hi Suite\Hi Suite.exe [518656 2012-07-08] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] - C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1009288 2012-09-13] ()
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKU\Default\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [x]
HKU\Default User\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [x]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [226920 2011-03-31] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [193128 2011-03-31] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
URLSearchHook: (No Name) - {a5ae8924-4036-420f-b7f6-a47e4b8f692e} - No File
StartMenuInternet: IEXPLORE.EXE - %ProgramFiles(x86)%\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {08DC37CF-B73D-4412-AE4A-341177D35967} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={search ... A3C4CA0483
SearchScopes: HKCU - {28B17AF9-BF49-431D-90D2-B20268213AE9} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {300375E7-89ED-48D2-9A36-DBAEB12B7B10} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKCU - {30C4C069-1CB9-4065-AD1B-A079A18F0736} URL = http://www.firmy.cz/phr/{searchTerms}?s ... arch_13415
SearchScopes: HKCU - {84F12193-445C-44E7-B7D3-EB1C06B5CDEE} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {A174A675-4997-4250-8F32-0CB7C2ED0A8F} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKCU - {DDD3EE0A-9601-4B08-A667-C20677B464AA} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKCU - {ECAE3A3F-4010-419B-BD0A-8EA46E28D5D0} URL = http://search.conduit.com/ResultsExt.as ... =CT2670199
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Free Lunch Design TB Toolbar - {a5ae8924-4036-420f-b7f6-a47e4b8f692e} - C:\Program Files (x86)\Free_Lunch_Design_TB\prxtbFree.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Free Lunch Design TB Toolbar - {a5ae8924-4036-420f-b7f6-a47e4b8f692e} - C:\Program Files (x86)\Free_Lunch_Design_TB\prxtbFree.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {A5AE8924-4036-420F-B7F6-A47E4B8F692E} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 194.228.41.113 160.218.161.54

FireFox:
========
FF ProfilePath: C:\Users\Klára\AppData\Roaming\Mozilla\Firefox\Profiles\xtpnx9bi.default
FF user.js: detected! => C:\Users\Klára\AppData\Roaming\Mozilla\Firefox\Profiles\xtpnx9bi.default\user.js
FF NewTab: hxxp://www2.delta-search.com/?affID=119776&babsrc=NT_ss&mntrId=663268A3C4CA0483
FF SelectedSearchEngine: Delta Search
FF Homepage: hxxp://www2.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=663268A3C4CA0483
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFSB3&ctid=CT2670199&SearchSource=2&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Klára\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Klára\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Klára\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Klára\AppData\Roaming\Mozilla\Firefox\Profiles\xtpnx9bi.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Klára\AppData\Roaming\Mozilla\Firefox\Profiles\xtpnx9bi.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF Extension: Free Lunch Design TB - C:\Users\Klára\AppData\Roaming\Mozilla\Firefox\Profiles\xtpnx9bi.default\Extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e}
FF Extension: Seznam lištička - C:\Users\Klára\AppData\Roaming\Mozilla\Firefox\Profiles\xtpnx9bi.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: ftdownloader3 - C:\Users\Klára\AppData\Roaming\Mozilla\Firefox\Profiles\xtpnx9bi.default\Extensions\ftdownloader3@ftdownloader.com.xpi
FF Extension: gophoto - C:\Users\Klára\AppData\Roaming\Mozilla\Firefox\Profiles\xtpnx9bi.default\Extensions\gophoto@gophoto.it.xpi
FF Extension: zotero - C:\Users\Klára\AppData\Roaming\Mozilla\Firefox\Profiles\xtpnx9bi.default\Extensions\zotero@chnm.gmu.edu.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage: hxxp://www2.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=663268A3C4CA0483
CHR RestoreOnStartup: "hxxp://www2.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=663268A3C4CA0483"
CHR DefaultSearchURL: (Delta Search) - http://www2.delta-search.com/?q={search ... A3C4CA0483
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Kl\u00E1ra\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Kl\u00E1ra\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Kl\u00E1ra\AppData\Local\Google\Chrome\Application\27.0.1453.116\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Kl\u00E1ra\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (FTdownloader V3.0) - C:\Users\KLRA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn\3.0_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Email) - C:\Users\KLRA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Slovn\u00EDk) - C:\Users\KLRA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0
CHR Extension: (YouTube) - C:\Users\KLRA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\KLRA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Delta Toolbar) - C:\Users\KLRA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nohfdhapjjlndfgjnmdlcabloeembdkj\1.0_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba) - C:\Users\KLRA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0
CHR Extension: (GoPhoto.it) - C:\Users\KLRA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.5_0
CHR Extension: (Gmail) - C:\Users\KLRA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [bbffdhejhaoiflnpooogkckfdcmmjppn] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx
CHR HKLM-x32\...\Chrome\Extension: [nohfdhapjjlndfgjnmdlcabloeembdkj] - C:\Users\Klára\AppData\Roaming\BabSolution\CR\delta2.crx
CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx
CHR StartMenuInternet: Google Chrome - "C:\Users\Klára\AppData\Local\Google\Chrome\Application\chrome.exe"

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\fxxandroidusb.sys [31744 2011-03-22] (Google Inc)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-27] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-08-22] (DT Soft Ltd)
S3 qcusbser; C:\Windows\System32\DRIVERS\FXX\qcusbser.sys [364288 2011-03-22] (QUALCOMM Incorporated)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-27 14:57 - 2013-07-27 14:57 - 00000000 ____D C:\FRST
2013-07-27 14:56 - 2013-07-27 14:56 - 00154232 _____ (Noël Danjou) C:\Users\KLRA~1\AppData\Local\download.exe
2013-07-27 14:56 - 2013-07-27 14:56 - 00001355 ___HT C:\Users\Klára\Desktop\5684OBGR.bat
2013-07-27 14:56 - 2013-07-27 12:12 - 01780815 _____ (Farbar) C:\Users\Klára\Desktop\FRST64.exe
2013-07-27 14:56 - 2013-07-26 08:41 - 00002627 _____ C:\Users\Klára\Desktop\logmodification.bat
2013-07-27 14:55 - 2013-07-27 14:55 - 00361472 _____ C:\Users\Klára\Desktop\Test.exe
2013-07-27 14:31 - 2013-07-27 14:31 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-27 14:31 - 2013-07-27 14:31 - 00001926 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-27 14:31 - 2013-07-27 14:31 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-27 14:31 - 2013-07-27 14:31 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-27 14:31 - 2013-07-27 14:31 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-27 14:31 - 2013-07-27 14:31 - 00000000 ____D C:\Program Files\Google
2013-07-27 14:31 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-07-27 14:31 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-07-27 14:31 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-07-27 14:30 - 2013-07-27 14:31 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-27 14:30 - 2013-07-27 14:31 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-27 14:30 - 2013-07-27 14:30 - 00891098 _____ C:\Users\Klára\Desktop\SecurityCheck.exe
2013-07-27 14:30 - 2013-07-27 14:30 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-27 14:30 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-07-27 14:30 - 2013-05-09 10:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-07-27 14:30 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-07-27 14:23 - 2013-07-27 14:23 - 00000002 _____ C:\AvastSetup.log
2013-07-27 14:07 - 2013-07-27 14:21 - 00022820 _____ C:\Users\Klára\Downloads\~ESETUninstaller.log
2013-07-27 14:07 - 2013-07-27 13:54 - 00663552 _____ (ESET) C:\Windows\ESETUninstaller.exe
2013-07-27 13:54 - 2013-07-27 13:54 - 00663552 _____ (ESET) C:\Users\Klára\Downloads\ESETUninstaller.exe
2013-07-27 12:17 - 2013-07-27 12:17 - 00935175 _____ C:\Users\Klára\Downloads\RSITx64.exe
2013-07-27 12:17 - 2013-07-27 12:17 - 00000000 ____D C:\rsit
2013-07-27 12:17 - 2013-07-27 12:17 - 00000000 ____D C:\Program Files\trend micro
2013-07-25 22:18 - 2013-07-25 22:18 - 00002388 _____ C:\Users\Klára\Desktop\Scan Report 25-07-13.lnk
2013-07-25 22:05 - 2013-07-25 22:19 - 00000000 ____D C:\Program Files (x86)\Internet Security Pro 2013 Vvirus Removal Tool
2013-07-25 22:05 - 2013-07-25 22:05 - 00001058 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-07-25 22:05 - 2013-07-25 22:05 - 00000000 ____D C:\Users\Klára\AppData\Roaming\systweak
2013-07-25 22:05 - 2013-07-25 22:05 - 00000000 ____D C:\Program Files (x86)\RegClean Pro
2013-07-25 22:05 - 2012-12-10 11:04 - 00356352 _____ (eSellerate Inc.) C:\Windows\eSellerateEngine.dll
2013-07-25 22:05 - 2012-12-10 11:04 - 00081920 _____ (eSellerate Inc.) C:\Windows\eSellerateControl350.dll
2013-07-25 22:05 - 2012-01-20 14:14 - 00018816 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2013-07-25 22:05 - 2009-07-23 18:32 - 01122304 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2013-07-25 22:05 - 2009-07-23 18:32 - 00274432 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2013-07-25 21:53 - 2013-07-25 21:57 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-25 21:53 - 2013-07-25 21:53 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-25 21:47 - 2013-07-25 21:47 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\Klára\Downloads\SpyHunter-Installer.exe
2013-07-18 15:20 - 2013-07-22 11:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-15 22:50 - 2013-07-22 17:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-15 22:50 - 2013-07-15 22:50 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-15 03:09 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-15 03:09 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-15 03:09 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-15 03:09 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-15 03:09 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-15 03:09 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-15 03:09 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-15 03:09 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-15 03:09 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-15 03:09 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-15 03:09 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-15 03:09 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-15 03:09 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-15 03:09 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-15 03:09 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-15 03:09 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-15 03:09 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-15 03:09 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-15 03:09 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-15 03:09 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-15 03:09 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-15 03:09 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-15 03:09 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-15 03:09 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-15 03:09 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-15 03:09 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-15 03:09 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-15 03:09 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-15 03:09 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-15 03:09 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-15 03:09 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-13 16:55 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-13 16:55 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-13 16:55 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-13 16:55 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-13 16:54 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-13 16:53 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-13 16:53 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-06-29 21:19 - 2013-06-29 21:19 - 00008502 _____ C:\Users\Klára\.recently-used.xbel

==================== One Month Modified Files and Folders =======

2013-07-27 14:57 - 2013-07-27 14:57 - 00000000 ____D C:\FRST
2013-07-27 14:56 - 2013-07-27 14:56 - 00154232 _____ (Noël Danjou) C:\Users\KLRA~1\AppData\Local\download.exe
2013-07-27 14:56 - 2013-07-27 14:56 - 00001355 ___HT C:\Users\Klára\Desktop\5684OBGR.bat
2013-07-27 14:55 - 2013-07-27 14:55 - 00361472 _____ C:\Users\Klára\Desktop\Test.exe
2013-07-27 14:54 - 2012-03-15 12:59 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-27 14:40 - 2011-09-18 20:54 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA.job
2013-07-27 14:40 - 2011-07-28 13:00 - 00634780 _____ C:\Windows\system32\perfh005.dat
2013-07-27 14:40 - 2011-07-28 13:00 - 00123338 _____ C:\Windows\system32\perfc005.dat
2013-07-27 14:40 - 2009-07-14 07:13 - 01478822 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-27 14:40 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-27 14:40 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-27 14:39 - 2013-02-10 01:19 - 00000000 ____D C:\Users\Klára\AppData\Roaming\Seznam.cz
2013-07-27 14:37 - 2011-07-28 12:11 - 01684128 _____ C:\Windows\WindowsUpdate.log
2013-07-27 14:36 - 2012-03-15 12:59 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-27 14:36 - 2011-09-18 20:54 - 00000000 ____D C:\Users\KLRA~1\AppData\Local\Google
2013-07-27 14:35 - 2012-12-22 15:17 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-27 14:34 - 2012-03-15 12:59 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-27 14:34 - 2011-07-28 12:26 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2013-07-27 14:33 - 2010-11-21 05:47 - 00040430 _____ C:\Windows\PFRO.log
2013-07-27 14:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-27 14:33 - 2009-07-14 06:51 - 00118714 _____ C:\Windows\setupact.log
2013-07-27 14:32 - 2011-12-28 18:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-27 14:31 - 2013-07-27 14:31 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-27 14:31 - 2013-07-27 14:31 - 00001926 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-27 14:31 - 2013-07-27 14:31 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-27 14:31 - 2013-07-27 14:31 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-27 14:31 - 2013-07-27 14:31 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-27 14:31 - 2013-07-27 14:31 - 00000000 ____D C:\Program Files\Google
2013-07-27 14:31 - 2013-07-27 14:30 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-27 14:31 - 2013-07-27 14:30 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-27 14:30 - 2013-07-27 14:30 - 00891098 _____ C:\Users\Klára\Desktop\SecurityCheck.exe
2013-07-27 14:30 - 2013-07-27 14:30 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-27 14:30 - 2011-08-10 14:43 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-27 14:30 - 2011-08-10 14:23 - 00000386 _____ C:\Windows\Tasks\Acer Registration - Reminder Recall task.job
2013-07-27 14:29 - 2011-08-10 14:42 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-27 14:29 - 2011-08-10 14:42 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-27 14:23 - 2013-07-27 14:23 - 00000002 _____ C:\AvastSetup.log
2013-07-27 14:21 - 2013-07-27 14:07 - 00022820 _____ C:\Users\Klára\Downloads\~ESETUninstaller.log
2013-07-27 13:56 - 2011-08-19 18:37 - 00000000 ____D C:\Users\KLRA~1\AppData\Local\CrashDumps
2013-07-27 13:54 - 2013-07-27 14:07 - 00663552 _____ (ESET) C:\Windows\ESETUninstaller.exe
2013-07-27 13:54 - 2013-07-27 13:54 - 00663552 _____ (ESET) C:\Users\Klára\Downloads\ESETUninstaller.exe
2013-07-27 12:17 - 2013-07-27 12:17 - 00935175 _____ C:\Users\Klára\Downloads\RSITx64.exe
2013-07-27 12:17 - 2013-07-27 12:17 - 00000000 ____D C:\rsit
2013-07-27 12:17 - 2013-07-27 12:17 - 00000000 ____D C:\Program Files\trend micro
2013-07-27 12:12 - 2013-07-27 14:56 - 01780815 _____ (Farbar) C:\Users\Klára\Desktop\FRST64.exe
2013-07-27 12:10 - 2011-10-20 13:05 - 00000982 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA.job
2013-07-27 10:40 - 2011-09-18 20:54 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core.job
2013-07-27 10:39 - 2011-10-20 13:05 - 00000960 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core.job
2013-07-26 14:35 - 2012-11-24 02:19 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{01F6E1F8-0A1E-4681-B9B0-C742A3C11C0A}
2013-07-26 08:41 - 2013-07-27 14:56 - 00002627 _____ C:\Users\Klára\Desktop\logmodification.bat
2013-07-25 22:19 - 2013-07-25 22:05 - 00000000 ____D C:\Program Files (x86)\Internet Security Pro 2013 Vvirus Removal Tool
2013-07-25 22:18 - 2013-07-25 22:18 - 00002388 _____ C:\Users\Klára\Desktop\Scan Report 25-07-13.lnk
2013-07-25 22:05 - 2013-07-25 22:05 - 00001058 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-07-25 22:05 - 2013-07-25 22:05 - 00000000 ____D C:\Users\Klára\AppData\Roaming\systweak
2013-07-25 22:05 - 2013-07-25 22:05 - 00000000 ____D C:\Program Files (x86)\RegClean Pro
2013-07-25 21:57 - 2013-07-25 21:53 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-25 21:53 - 2013-07-25 21:53 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-25 21:47 - 2013-07-25 21:47 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\Klára\Downloads\SpyHunter-Installer.exe
2013-07-25 18:15 - 2013-05-01 12:46 - 00000000 ____D C:\Users\Klára\Desktop\Brigáda
2013-07-24 23:34 - 2011-08-19 18:36 - 00000116 _____ C:\Windows\NeroDigital.ini
2013-07-24 21:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-22 17:46 - 2013-07-15 22:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-22 11:01 - 2013-07-18 15:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-18 00:07 - 2012-08-06 12:41 - 00000000 ___RD C:\Users\Klára\Desktop\VŠ BRNO
2013-07-18 00:07 - 2012-02-01 13:27 - 00000000 ____D C:\Users\Klára\Desktop\Fotky
2013-07-16 10:49 - 2012-03-15 12:59 - 00003946 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-16 10:49 - 2012-03-15 12:59 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-16 10:35 - 2011-09-18 20:54 - 00003936 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA
2013-07-16 10:35 - 2011-09-18 20:54 - 00003540 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core
2013-07-16 10:22 - 2012-06-14 23:58 - 00000000 ____D C:\Users\Klára\Desktop\Terry Pratchett
2013-07-15 22:50 - 2013-07-15 22:50 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-15 03:35 - 2009-07-14 06:45 - 00414200 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-15 03:34 - 2012-05-15 11:25 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-15 03:34 - 2012-05-15 11:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-15 03:33 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-15 03:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-15 03:33 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-15 03:11 - 2011-08-10 12:37 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-15 03:10 - 2011-08-10 14:27 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-13 22:36 - 2011-09-18 20:55 - 00002372 _____ C:\Users\Klára\Desktop\Google Chrome.lnk
2013-06-29 21:19 - 2013-06-29 21:19 - 00008502 _____ C:\Users\Klára\.recently-used.xbel
2013-06-29 21:19 - 2011-09-08 20:17 - 00000000 ____D C:\Users\Klára\.gimp-2.6
2013-06-29 21:19 - 2011-08-10 12:03 - 00000000 ____D C:\Users\Klára

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-23 19:32

==================== Scheduled Tasks (whitelisted) =============

Task: {212CBEE0-CC69-49BA-8D44-76A6D3E2218D} - System32\Tasks\User_Feed_Synchronization-{01F6E1F8-0A1E-4681-B9B0-C742A3C11C0A} => C:\Windows\system32\msfeedssync.exe [2013-06-19] (Microsoft Corporation)
Task: {47163932-EC8F-49A2-B25D-A43CE2F468E0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core => C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-18] (Google Inc.)
Task: {5329B7E1-9C61-493B-9671-E57ECA5AB870} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {575552AF-380A-4588-99A2-B24591723B88} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {5D692240-DAFC-4418-A4E7-82029248E0B2} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {68109DF4-5440-4E6A-88BC-DEDF99746FE6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {91092FA2-CF30-4D4D-9628-B6A6FB851EA8} - System32\Tasks\Acer Registration - Reminder Recall task => C:\Program Files (x86)\Acer\Registration\GREG.exe No File
Task: {981FE306-3E00-4B2C-8A70-128E27F576F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-15] (Google Inc.)
Task: {B96C7A1F-1707-4795-9526-5E9760CCD1F2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core => C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {C7DC51BA-AEA1-4A8E-BCCD-67E781BF2AA1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {D29F54EE-8AB2-44A0-88C6-AC932FD16540} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-15] (Google Inc.)
Task: {D345A559-84B9-429E-ADDB-6F04F8828FC7} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {D6039FDB-3910-4796-94DA-0FBFDF8D5635} - System32\Tasks\EPUpdater => C:\Users\KLRA~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-04-07] ()
Task: {D9426A65-DC8C-42CB-A463-610644659568} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA => C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-18] (Google Inc.)
Task: {E879CFE3-2A28-40EB-88E7-9211118A7829} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA => C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: C:\Windows\Tasks\Acer Registration - Reminder Recall task.job => C:\Program Files (x86)\Acer\Registration\GREG.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core.job => C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA.job => C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core.job => C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA.job => C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Supplementary Scan (All) =============


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000000
"ConsentPromptBehaviorUser"=dword:00000003
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000000
"EnableSecureUIAPaths"=dword:00000001
"EnableUIADesktopToggle"=dword:00000000
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000000
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=dword:00000001
"CF_BITMAP"=dword:00000002
"CF_OEMTEXT"=dword:00000007
"CF_DIB"=dword:00000008
"CF_PALETTE"=dword:00000009
"CF_UNICODETEXT"=dword:0000000d
"CF_DIBV5"=dword:00000011


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=dword:00000001
"NoActiveDesktopChanges"=dword:00000001
"ForceActiveDesktopOn"=dword:00000000


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.msadpcm"="msadp32.acm"
"midimapper"="midimap.dll"
"wavemapper"="msacm32.drv"
"vidc.uyvy"="msyuv.dll"
"vidc.yuy2"="msyuv.dll"
"vidc.yvyu"="msyuv.dll"
"vidc.iyuv"="iyuv_32.dll"
"vidc.i420"="iyuv_32.dll"
"vidc.yvu9"="tsbyuv.dll"
"vidc.cvid"="iccvid.dll"
"wave1"="wdmaud.drv"
"midi1"="wdmaud.drv"
"mixer1"="wdmaud.drv"
"aux1"="wdmaud.drv"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"
"wave2"="wdmaud.drv"
"mixer2"="wdmaud.drv"
"midi2"="wdmaud.drv"
"msacm.l3codecp"="l3codecp.acm"
"msacm.siren"="sirenacm.dll"
"VIDC.XVID"="xvidvfw.dll"
"VIDC.YV12"="yv12vfw.dll"
"msacm.ac3acm"="ac3acm.acm"
"msacm.lameacm"="lameACM.acm"
"VIDC.FFDS"="ff_vfw.dll"
"VIDC.ACDV"="ACDV.dll"
"vidc.VP60"="C:\\Windows\\system32\\vp6vfw.dll"
"vidc.VP61"="C:\\Windows\\system32\\vp6vfw.dll"


================ Drive and Memory info =====================

avast! Free Antivirus (x32 Version: 8.0.1489.0)
Free Lunch Design TB Toolbar (x32 Version: 6.8.5.1)
Slovník Verdict Free (a internetový překladač) (HKCU)
27-07-2013 12:29:18 Instalace avast! Free Antivirus
Drive c: (Acer) (Fixed) (Total:581.07 GB) (Free:303.54 GB) NTFS (Disk=0 Partition=3)

Available physical RAM: 2238.57 MB
Total physical RAM: 3946.73 MB
Percentage of memory in use: 43%

==================== End Of Log ============================



hopefully this is it

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Internet Security 2013 follow-up cleanup

#14 Post by vyosek »

:arrow: Uninstall RegClean Pro - the best way to wreck a system

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
    HKCU\...\Run: [Google Update] - C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-09-18] (Google Inc.)
    HKCU\...\Run: [Facebook Update] - C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
    HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
    HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Klára\AppData\Roaming\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
    HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Klára\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92296 2012-12-19] ()
    HKCU\...\Run: [SDP] - C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe [201808 2013-01-31] (Somoto)
    HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-18] (Egis Technology Inc.)
    HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-18] (Egis Technology Inc.)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
    HKLM-x32\...\Run: [seznam-listicka-distribuce] - C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1009288 2012-09-13] ()
    SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
    SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
    Toolbar: HKCU - No Name - {A5AE8924-4036-420F-B7F6-A47E4B8F692E} - No File
    FF NewTab: hxxp://www2.delta-search.com/?affID=119 ... A3C4CA0483
    FF SelectedSearchEngine: Delta Search
    FF Homepage: hxxp://www2.delta-search.com/?affID=119 ... A3C4CA0483
    FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.as ... ource=2&q=
    CHR HomePage: hxxp://www2.delta-search.com/?affID=119 ... A3C4CA0483
    CHR RestoreOnStartup: "hxxp://www2.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=663268A3C4CA0483"
    CHR DefaultSearchURL: (Delta Search) - http://www2.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=663268A3C4CA0483
    CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
    CHR HKLM-x32\...\Chrome\Extension: [bbffdhejhaoiflnpooogkckfdcmmjppn] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx
    CHR HKLM-x32\...\Chrome\Extension: [nohfdhapjjlndfgjnmdlcabloeembdkj] - C:\Users\Klára\AppData\Roaming\BabSolution\CR\delta2.crx
    CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx
    2013-07-27 14:07 - 2013-07-27 14:21 - 00022820 _____ C:\Users\Klára\Downloads\~ESETUninstaller.log
    2013-07-27 14:07 - 2013-07-27 13:54 - 00663552 _____ (ESET) C:\Windows\ESETUninstaller.exe
    2013-07-27 13:54 - 2013-07-27 13:54 - 00663552 _____ (ESET) C:\Users\Klára\Downloads\ESETUninstaller.exe
    2013-07-25 22:05 - 2013-07-25 22:19 - 00000000 ____D C:\Program Files (x86)\Internet Security Pro 2013 Vvirus Removal Tool
    2013-07-25 22:05 - 2013-07-25 22:05 - 00001058 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
    2013-07-25 21:53 - 2013-07-25 21:57 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
    2013-07-25 21:53 - 2013-07-25 21:53 - 00000000 ____D C:\Program Files\Enigma Software Group
    2013-07-25 21:47 - 2013-07-25 21:47 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\Klára\Downloads\SpyHunter-Installer.exe
    Task: C:\Windows\Tasks\Acer Registration - Reminder Recall task.job => C:\Program Files (x86)\Acer\Registration\GREG.exe
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core.job => C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA.job => C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core.job => C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA.job => C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f
    C:\Windows\tasks\Acer Registration - Reminder Recall task.job
    C:\Windows\tasks\Adobe Flash Player Updater.job
    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core.job
    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA.job
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA.job
    C:\Program Files (x86)\TNod User & Password Finder
    C:\Windows\system32\roboot64.exe
    Hosts:
    CMD: shutdown -r
    
  • Save the resulting text file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run, the PC will restart, and a Fixlog.txt log will be created
:arrow: After the PC restarts, post fixlog.txt here

xgazzyx
Visitor
Posts: 11
Registered: 27 Jul 2013 11:14

Re: Internet Security 2013 follow-up cleanup

#15 Post by xgazzyx »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-07-2013 04
Ran by Klára at 2013-07-27 15:21:45 Run:1
Running from C:\Users\Klára\Desktop
Boot Mode: Normal
==============================================

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\SDP => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\EgisTecPMMUpdate => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\EgisUpdate => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A5AE8924-4036-420F-B7F6-A47E4B8F692E} => Value deleted successfully.
HKCR\CLSID\{A5AE8924-4036-420F-B7F6-A47E4B8F692E} => Key not found.
Firefox newtab deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
Firefox Keyword.URL deleted successfully.
CHR HomePage: hxxp://www2.delta-search.com/?affID=119 ... A3C4CA0483 ==> The Chrome "Settings" can be used to fix the entry.
CHR RestoreOnStartup: "hxxp://www2.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=663268A3C4CA0483" ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: (Delta Search) - http://www2.delta-search.com/?q={search ... A3C4CA0483 ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} ==> The Chrome "Settings" can be used to fix the entry.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn => Key deleted successfully.
C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nohfdhapjjlndfgjnmdlcabloeembdkj => Key deleted successfully.
C:\Users\Klára\AppData\Roaming\BabSolution\CR\delta2.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk => Key deleted successfully.
C:\Program Files (x86)\Gophoto.it\gophotoit14.crx => Moved successfully.
C:\Users\Klára\Downloads\~ESETUninstaller.log => Moved successfully.
C:\Windows\ESETUninstaller.exe => Moved successfully.
C:\Users\Klára\Downloads\ESETUninstaller.exe => Moved successfully.
C:\Program Files (x86)\Internet Security Pro 2013 Vvirus Removal Tool => Moved successfully.
"C:\Users\Public\Desktop\RegClean Pro.lnk" => File/Directory not found.
C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP => Moved successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\Users\Klára\Downloads\SpyHunter-Installer.exe => Moved successfully.
C:\Windows\Tasks\Acer Registration - Reminder Recall task.job => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector" /f =========

Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f =========

Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck" /f =========

Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP" /f =========

Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f =========

Operace byla dokončena úspěšně.


========= End of Reg: =========

"C:\Windows\tasks\Acer Registration - Reminder Recall task.job" => File/Directory not found.
"C:\Windows\tasks\Adobe Flash Player Updater.job" => File/Directory not found.
"C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core.job" => File/Directory not found.
"C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA.job" => File/Directory not found.
"C:\Windows\tasks\GoogleUpdateTaskMachineCore.job" => File/Directory not found.
"C:\Windows\tasks\GoogleUpdateTaskMachineUA.job" => File/Directory not found.
"C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001Core.job" => File/Directory not found.
"C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3422034195-2770934157-2175842181-1001UA.job" => File/Directory not found.
"C:\Program Files (x86)\TNod User & Password Finder" => File/Directory not found.
C:\Windows\system32\roboot64.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown -r =========


========= End of CMD: =========


==== End of Fixlog ====

Locked