Pomale PC

Zpráva

Oji · #1 Příspěvek od **Oji** » 05 říj 2013 15:05

Logfile of random's system information tool 1.06 (written by random/random)
Run by uživatel at 2013-10-05 16:03:25
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 121 GB (79%) free of 153 GB
Total RAM: 3006 MB (85% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-10-04 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"S3Trayp"=C:\WINDOWS\system32\S3trayp.exe [2005-11-01 163840]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"HPPQVideo"=C:\Program Files\HP\ScheduledLaunch\HP Color LaserJet CM1312 MFP Series\bin\hppschlnch.exe [2007-05-07 106496]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-09-22 3080264]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN]
C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe [2011-09-01 347008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN (news)]
C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe [2011-09-01 347008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN (update)]
C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe [2011-09-01 347008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrMan]
C:\PCFPRINT\PRMAN32.EXE [2009-03-13 1297628]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToolBoxFX]
C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe [2008-08-01 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
C:\WINDOWS\system32\VTTimer.exe [2006-06-16 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Ralink Wireless Utility.lnk]
C:\PROGRA~1\RALINK\Common\RaUI.exe [2007-08-29 675840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\HP Color LaserJet CM1312 MFP Series\hppfsu_cm1312.exe"="C:\Program Files\HP\HP Color LaserJet CM1312 MFP Series\hppfsu_cm1312.exe:*:Enabled:HP Networked Printer Installer"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\HP\HP Color LaserJet CM1312 MFP Series\hppfaxnc2.exe"="C:\Program Files\HP\HP Color LaserJet CM1312 MFP Series\hppfaxnc2.exe:*:Enabled:HP Networked Printer Installer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2013-10-05 16:03:25 ----D---- C:\rsit
2013-10-05 16:03:25 ----D---- C:\Program Files\trend micro
2013-09-13 06:36:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2876315$
2013-09-13 06:36:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$
2013-09-13 06:35:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$

======List of files/folders modified in the last 1 months======

2013-10-05 16:03:25 ----RD---- C:\Program Files
2013-10-05 16:01:35 ----D---- C:\WINDOWS\system32\CatRoot2
2013-10-05 16:01:00 ----D---- C:\WINDOWS\Temp
2013-10-05 13:15:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-10-05 13:13:04 ----SH---- C:\boot.ini
2013-10-05 13:13:04 ----D---- C:\WINDOWS\pss
2013-10-05 13:13:04 ----A---- C:\WINDOWS\win.ini
2013-10-05 13:13:04 ----A---- C:\WINDOWS\system.ini
2013-10-05 09:26:02 ----D---- C:\WINDOWS\Prefetch
2013-10-03 18:25:42 ----D---- C:\FANDPRN
2013-10-03 18:25:42 ----A---- C:\WINDOWS\PRMANPCF.INI
2013-10-01 06:21:32 ----D---- C:\WINDOWS\Help
2013-09-15 06:12:29 ----D---- C:\Documents and Settings\uživatel\Data aplikací\Skype
2013-09-13 15:49:51 ----HD---- C:\Config.Msi
2013-09-13 15:49:50 ----SHD---- C:\WINDOWS\Installer
2013-09-13 14:39:05 ----D---- C:\WINDOWS
2013-09-13 14:37:27 ----D---- C:\WINDOWS\system32
2013-09-13 06:36:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-09-13 06:36:35 ----HD---- C:\WINDOWS\inf
2013-09-13 06:36:30 ----A---- C:\WINDOWS\imsins.BAK
2013-09-13 06:36:21 ----D---- C:\Program Files\Internet Explorer
2013-09-13 06:36:14 ----D---- C:\WINDOWS\system32\cs-cz
2013-09-13 06:33:54 ----D---- C:\WINDOWS\system32\MRT
2013-09-13 06:32:17 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2011-08-04 103112]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-06-12 21419]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2011-08-09 154136]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-11-23 4025088]
R3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2007-07-28 483968]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-27 81408]
R3 S3GIGP;S3GIGP; C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2006-06-23 808448]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPFXBULK;HPFXBULK; C:\WINDOWS\system32\drivers\hpfxbulk.sys [2007-07-16 17432]
S3 HPFXFAX;HPFXFAX; C:\WINDOWS\system32\drivers\hpfxfax.sys [2007-07-16 20504]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-09-22 974944]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-10-04 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **cernohous13** » 05 říj 2013 15:49

Zdravím, zkusíme odbrzdit

Stáhni Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
Ulož nejlépe na plochu
Ukonči všechny programy a dvojklikem SC spusť
Proběhne skenování a pak se objevi log, případně bude uložen v místě spuštení jako sc-cleaner.txt, jeho obsah sem vlož

Stáhni Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Ulož jej na plochu a spusť - zobrazí se licenční podminky -> start libovolnou klávesou.
Bude vytvořena záloha a proběhne skenování.
Vyskočí log (nebo je uložen zde c:\JRT jako JRT.txt) - zkopíruj jej sem

Stáhni AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Ulož nejlépe na plochu -> ukonči všechny programy -> spusť AdwCleaner -> klikni na Search po dokončení na Clean
bude provedena oprava, restartuje se - (případně restartuj) a vypadne log C:\AdwCleaner\AdwCleaner[S?].txt , jeho obsah vložíš sem

Oji · #3 Příspěvek od **Oji** » 05 říj 2013 18:38

Shortcut Cleaner 1.2.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Microsoft Windows XP Service Pack 3
Program started at: 10/05/2013 07:37:51 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Documents and Settings\uživatel\Nabídka Start\

Searching C:\Documents and Settings\All Users\Nabídka Start\

Searching C:\Documents and Settings\uživatel\Data aplikací\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Documents and Settings\All Users\Plocha\

Searching C:\Documents and Settings\uživatel\Plocha

0 bad shortcuts found.

Program finished at: 10/05/2013 07:37:51 PM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)

Oji · #4 Příspěvek od **Oji** » 05 říj 2013 18:44

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Microsoft Windows XP x86
Ran by u§ivatel on so 05.10.2013 at 19:39:07,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 05.10.2013 at 19:41:58,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Oji · #5 Příspěvek od **Oji** » 05 říj 2013 18:46

# AdwCleaner v3.006 - Report created 05/10/2013 at 19:44:55
# Updated 01/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : uživatel - PC
# Running from : C:\Documents and Settings\uživatel\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.21352

*************************

AdwCleaner[R0].txt - [1360 octets] - [05/10/2013 19:44:55]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1420 octets] ##########

#6 Příspěvek od **cernohous13** » 05 říj 2013 19:07

AdwCleaner -> Clean

Oji · #7 Příspěvek od **Oji** » 05 říj 2013 19:28

# AdwCleaner v3.006 - Report created 05/10/2013 at 20:24:38
# Updated 01/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : uživatel - PC
# Running from : C:\Documents and Settings\uživatel\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Minibar
Folder Deleted : C:\Documents and Settings\uživatel\Local Settings\Data aplikací\FilesFrog Update Checker
Folder Deleted : C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Minibar
Folder Deleted : C:\Documents and Settings\uživatel\Data aplikací\Minibar
Folder Deleted : C:\Documents and Settings\uživatel\Nabídka Start\Programy\FilesFrog Update Checker

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [AppsHat]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKLM\Software\Minibar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.21352

*************************

AdwCleaner[R0].txt - [1500 octets] - [05/10/2013 19:44:55]
AdwCleaner[R1].txt - [3367 octets] - [05/10/2013 20:24:14]
AdwCleaner[S0].txt - [3358 octets] - [05/10/2013 20:24:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3418 octets] ##########

#8 Příspěvek od **cernohous13** » 06 říj 2013 04:42

Teď se podíváme po škodné

Stáhni a nainstaluj MBAM zde http://www.malwarebytes.org/products/malwarebytes_free/
Spustit -> na 3.záložce "Aktualizace" -> Kontrola aktualizací
následně na 1.záložce "Kontrolor" -> Rychlá kontrola -> Prohledat
po dokončení scanu vyskočí okno Notepad s výsledkem - obsah zkopíruj do své odpovědi
zatím nic nemazat - počkej na posouzení

Ty máš servis nebo velkou rodinu?
za poslední měsíc:
viktor
uživatel
robin
administator

Oji · #9 Příspěvek od **Oji** » 06 říj 2013 17:03

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.06.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
uživatel :: PC [administrátor]

Ochrana: Povolena

6.10.2013 8:55:01
MBAM-log-2013-10-06 (18-02-02).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 311385
Uplynulý čas: 45 minut, 32 sekund

Nalezené procesy v paměti: 1
C:\Program Files\LemurLeap\updateLemurLeap.exe (PUP.Optional.LemurLeap.A) -> 804 -> Nebyla provedena žádná instrukce.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 7
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB} (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LemurLeap (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.
HKLM\SYSTEM\CurrentControlSet\Services\Update LemurLeap (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\LemurLeap (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\Program Files\LemurLeap (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 16
C:\AdwCleaner\Quarantine\C\Documents and Settings\uživatel\Local Settings\Data aplikací\FilesFrog Update Checker\uninstall.exe.vir (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Documents and Settings\uživatel\Local Settings\Data aplikací\FilesFrog Update Checker\update_checker.exe.vir (PUP.Optional.FilesFrog.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\Minibar\Minibar.dll.vir (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\AppsHat Mobile Apps\Uninstall.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uživatel\Local Settings\Temp\LemurLeap_sm.exe (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uživatel\Local Settings\Temp\appshat-distribution.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uživatel\Local Settings\Temp\BI_RunOnce.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uživatel\Local Settings\Temp\UpdateCheckerSetup.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uživatel\Local Settings\Temporary Internet Files\Content.IE5\PZH84L96\Setup[1].exe (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uživatel\Local Settings\Temporary Internet Files\Content.IE5\TA6DWNCS\minibar-core[1].exe (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uživatel\Plocha\7ZipSetup.exe (PUP.Optional.Somoto) -> Nebyla provedena žádná instrukce.
C:\Záloha\Program Files\Mail PassView\mailpv.exe (PUP.MailPassView) -> Nebyla provedena žádná instrukce.
C:\Program Files\LemurLeap\updateLemurLeap.InstallState (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\LemurLeap\LemurLeap.ico (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\LemurLeap\LemurLeapUninstall.exe (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\LemurLeap\updateLemurLeap.exe (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.

(konec)

Rodina a kamaradi

#10 Příspěvek od **cernohous13** » 06 říj 2013 17:31

MBAM spustit znovu - Kontrolor -> dát Úplná kontrola
po ukončení -> Zobrazit výsledky -> zkontrolovat zda je vše označeno -> Odstranit označené
vyběhne log, ve kterém budou záznamy tohoto typu:
Nalezené soubory
C:\Program Files\xxxxxx -> Umístnění do karantény a smazání se zdařilo..(Quarantined and deleted successfully)
ten bych taky rád viděl

Oji · #11 Příspěvek od **Oji** » 06 říj 2013 18:19

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.06.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
uživatel :: PC [administrátor]

Ochrana: Povolena

6.10.2013 8:55:01
mbam-log-2013-10-06 (08-55-01).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 311385
Uplynulý čas: 45 minut, 32 sekund

Nalezené procesy v paměti: 1
C:\Program Files\LemurLeap\updateLemurLeap.exe (PUP.Optional.LemurLeap.A) -> 804 -> Bude smazán při restartu.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 7
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB} (PUP.Optional.MiniBar.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LemurLeap (PUP.Optional.LemurLeap.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SYSTEM\CurrentControlSet\Services\Update LemurLeap (PUP.Optional.LemurLeap.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\LemurLeap (PUP.Optional.LemurLeap.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\Program Files\LemurLeap (PUP.Optional.LemurLeap.A) -> Bude smazán při restartu.

Nalezené soubory: 16
C:\AdwCleaner\Quarantine\C\Documents and Settings\uživatel\Local Settings\Data aplikací\FilesFrog Update Checker\uninstall.exe.vir (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Documents and Settings\uživatel\Local Settings\Data aplikací\FilesFrog Update Checker\update_checker.exe.vir (PUP.Optional.FilesFrog.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files\Minibar\Minibar.dll.vir (PUP.Optional.MiniBar.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\AppsHat Mobile Apps\Uninstall.exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\uživatel\Local Settings\Temp\LemurLeap_sm.exe (PUP.Optional.LemurLeap.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\uživatel\Local Settings\Temp\appshat-distribution.exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\uživatel\Local Settings\Temp\BI_RunOnce.exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\uživatel\Local Settings\Temp\UpdateCheckerSetup.exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\uživatel\Local Settings\Temporary Internet Files\Content.IE5\PZH84L96\Setup[1].exe (PUP.Optional.LemurLeap.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\uživatel\Local Settings\Temporary Internet Files\Content.IE5\TA6DWNCS\minibar-core[1].exe (PUP.Optional.MiniBar.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\uživatel\Plocha\7ZipSetup.exe (PUP.Optional.Somoto) -> Přesun do karantény a smazání se zdařilo.
C:\Záloha\Program Files\Mail PassView\mailpv.exe (PUP.MailPassView) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\LemurLeap\updateLemurLeap.InstallState (PUP.Optional.LemurLeap.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\LemurLeap\LemurLeap.ico (PUP.Optional.LemurLeap.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\LemurLeap\LemurLeapUninstall.exe (PUP.Optional.LemurLeap.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\LemurLeap\updateLemurLeap.exe (PUP.Optional.LemurLeap.A) -> Bude smazán při restartu.

(konec)

#12 Příspěvek od **cernohous13** » 06 říj 2013 19:39

Pozoruješ nějakou změnu nebo budeme ještě opravovat?

Oji · #13 Příspěvek od **Oji** » 06 říj 2013 20:00

je to lepší ale myslím že to ještě není ono....

#14 Příspěvek od **cernohous13** » 07 říj 2013 05:04

Dej mi aktuální RSIT

Oji · #15 Příspěvek od **Oji** » 07 říj 2013 13:21

Logfile of random's system information tool 1.06 (written by random/random)
Run by uživatel at 2013-10-07 14:20:52
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 121 GB (79%) free of 153 GB
Total RAM: 3006 MB (74% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-10-04 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"S3Trayp"=C:\WINDOWS\system32\S3trayp.exe [2005-11-01 163840]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"HPPQVideo"=C:\Program Files\HP\ScheduledLaunch\HP Color LaserJet CM1312 MFP Series\bin\hppschlnch.exe [2007-05-07 106496]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-09-22 3080264]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN]
C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe [2011-09-01 347008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN (news)]
C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe [2011-09-01 347008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN (update)]
C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe [2011-09-01 347008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrMan]
C:\PCFPRINT\PRMAN32.EXE [2009-03-13 1297628]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToolBoxFX]
C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe [2008-08-01 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
C:\WINDOWS\system32\VTTimer.exe [2006-06-16 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Ralink Wireless Utility.lnk]
C:\PROGRA~1\RALINK\Common\RaUI.exe [2007-08-29 675840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\HP Color LaserJet CM1312 MFP Series\hppfsu_cm1312.exe"="C:\Program Files\HP\HP Color LaserJet CM1312 MFP Series\hppfsu_cm1312.exe:*:Enabled:HP Networked Printer Installer"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\HP\HP Color LaserJet CM1312 MFP Series\hppfaxnc2.exe"="C:\Program Files\HP\HP Color LaserJet CM1312 MFP Series\hppfaxnc2.exe:*:Enabled:HP Networked Printer Installer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2013-10-06 08:40:51 ----D---- C:\Documents and Settings\uživatel\Data aplikací\Malwarebytes
2013-10-06 08:40:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-10-06 08:40:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-10-05 20:23:10 ----D---- C:\Program Files\7-Zip
2013-10-05 19:44:53 ----D---- C:\AdwCleaner
2013-10-05 19:42:41 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-05 19:39:05 ----D---- C:\WINDOWS\ERUNT
2013-10-05 19:37:51 ----A---- C:\sc-cleaner.txt
2013-10-05 16:03:25 ----D---- C:\rsit
2013-10-05 16:03:25 ----D---- C:\Program Files\trend micro
2013-09-13 06:36:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2876315$
2013-09-13 06:36:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$
2013-09-13 06:35:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$

======List of files/folders modified in the last 1 months======

2013-10-07 14:19:07 ----D---- C:\WINDOWS\Prefetch
2013-10-07 14:18:37 ----D---- C:\WINDOWS\Temp
2013-10-06 19:25:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-10-06 19:25:28 ----D---- C:\WINDOWS\system32\drivers
2013-10-06 19:19:59 ----RD---- C:\Program Files
2013-10-06 19:18:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2544521$
2013-10-05 19:42:42 ----SD---- C:\WINDOWS\Tasks
2013-10-05 19:42:41 ----D---- C:\WINDOWS\system32
2013-10-05 19:39:05 ----D---- C:\WINDOWS
2013-10-05 16:01:35 ----D---- C:\WINDOWS\system32\CatRoot2
2013-10-05 13:13:04 ----SH---- C:\boot.ini
2013-10-05 13:13:04 ----D---- C:\WINDOWS\pss
2013-10-05 13:13:04 ----A---- C:\WINDOWS\win.ini
2013-10-05 13:13:04 ----A---- C:\WINDOWS\system.ini
2013-10-03 18:25:42 ----D---- C:\FANDPRN
2013-10-03 18:25:42 ----A---- C:\WINDOWS\PRMANPCF.INI
2013-10-01 06:21:32 ----D---- C:\WINDOWS\Help
2013-09-15 06:12:29 ----D---- C:\Documents and Settings\uživatel\Data aplikací\Skype
2013-09-13 15:49:51 ----HD---- C:\Config.Msi
2013-09-13 15:49:50 ----SHD---- C:\WINDOWS\Installer
2013-09-13 06:36:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-09-13 06:36:35 ----HD---- C:\WINDOWS\inf
2013-09-13 06:36:30 ----A---- C:\WINDOWS\imsins.BAK
2013-09-13 06:36:21 ----D---- C:\Program Files\Internet Explorer
2013-09-13 06:36:14 ----D---- C:\WINDOWS\system32\cs-cz
2013-09-13 06:33:54 ----D---- C:\WINDOWS\system32\MRT
2013-09-13 06:32:17 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2011-08-04 103112]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-06-12 21419]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2011-08-09 154136]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-11-23 4025088]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2007-07-28 483968]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-27 81408]
R3 S3GIGP;S3GIGP; C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2006-06-23 808448]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPFXBULK;HPFXBULK; C:\WINDOWS\system32\drivers\hpfxbulk.sys [2007-07-16 17432]
S3 HPFXFAX;HPFXFAX; C:\WINDOWS\system32\drivers\hpfxfax.sys [2007-07-16 20504]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-09-22 974944]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-10-04 153376]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-05 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

VIRY.CZ

Pomale PC

Pomale PC

Re: Pomale PC

Re: Pomale PC

Re: Pomale PC

Re: Pomale PC

Re: Pomale PC

Re: Pomale PC

Re: Pomale PC

Re: Pomale PC

Re: Pomale PC

Re: Pomale PC

Re: Pomale PC

Re: Pomale PC

Re: Pomale PC

Re: Pomale PC