Preventivní kontrola

Zpráva

kokon · #1 Příspěvek od **kokon** » 19 říj 2013 19:44

Zdravím,

našel jsem tu nainstalovaný Ask toolbar a také tu byl Avast který často moc nefunguje... tak prosím o kontrolu... díky

Logfile of random's system information tool 1.09 (written by random/random)
Run by Uziv1 at 2013-10-19 20:42:44
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 28 GB (73%) free of 38 GB
Total RAM: 1014 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:42:56, on 19.10.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\Program Files\PANDORA.TV\PanService\PanProcess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Uziv1\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Uziv1.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2208131843
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 4940 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\MpIdleTask.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Uziv1\Data aplikací\Mozilla\Firefox\Profiles\x3r8d45v.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF& ... =061513&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Documents and Settings\Uziv1\Data aplikací\Mozilla\Firefox\Profiles\x3r8d45v.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\Uziv1\Data aplikací\Mozilla\Firefox\Profiles\x3r8d45v.default\searchplugins\
ask-search.xml
bingp.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2013-04-11 98304]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2013-04-11 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2013-04-11 118784]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2004-10-14 1404928]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-07-18 995184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-06-21 19875432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-04-11 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe"="C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe:*:Enabled:Far Cry"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe"="C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe:LocalSubNet:Enabled:Instalace zařízení HP"
"C:\Program Files\LibreOffice 4\program\soffice.bin"="C:\Program Files\LibreOffice 4\program\soffice.bin:*:Enabled:LibreOffice"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\PANDORA.TV\PanService\PanProcess.exe"="C:\Program Files\PANDORA.TV\PanService\PanProcess.exe:*:Enabled:PanProcess"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-10-19 20:38:53 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-19 19:43:44 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-10-19 19:34:45 ----D---- C:\WINDOWS\system32\XPSViewer
2013-10-19 19:34:39 ----D---- C:\Program Files\MSBuild
2013-10-19 19:34:37 ----D---- C:\WINDOWS\system32\en-US
2013-10-19 19:34:29 ----D---- C:\Program Files\Reference Assemblies
2013-10-19 19:33:46 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2013-10-19 19:33:46 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2013-10-19 19:33:46 ----N---- C:\WINDOWS\system32\prntvpt.dll
2013-10-19 19:33:45 ----D---- C:\017bd91a347d873481f4
2013-10-19 19:31:55 ----RSD---- C:\WINDOWS\assembly
2013-10-19 19:30:30 ----D---- C:\WINDOWS\Microsoft.NET
2013-10-19 19:25:36 ----D---- C:\WINDOWS\system32\MRT
2013-10-19 19:23:03 ----N---- C:\WINDOWS\system32\spmsg.dll
2013-10-19 19:23:01 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2013-10-19 19:22:38 ----D---- C:\Program Files\Windows Media Connect 2
2013-10-19 19:22:24 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2013-10-19 19:21:38 ----D---- C:\Program Files\Microsoft Security Client
2013-10-19 19:20:32 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2013-10-19 19:19:57 ----D---- C:\WINDOWS\system32\LogFiles
2013-10-19 19:19:57 ----D---- C:\WINDOWS\system32\drivers\UMDF
2013-10-19 19:19:52 ----D---- C:\Program Files\trend micro
2013-10-19 19:19:48 ----D---- C:\rsit
2013-10-19 19:19:39 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2013-10-19 19:09:34 ----SHD---- C:\Config.Msi
2013-10-19 18:37:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2013-10-19 18:20:36 ----A---- C:\WINDOWS\system32\hidserv.dll
2013-09-22 14:30:43 ----D---- C:\WINDOWS\ie8updates
2013-09-22 14:30:05 ----D---- C:\WINDOWS\WBEM
2013-09-22 14:28:56 ----HDC---- C:\WINDOWS\ie8
2013-09-22 14:26:24 ----A---- C:\WINDOWS\system32\MRT.exe
2013-09-22 09:26:30 ----N---- C:\WINDOWS\system32\browserchoice.exe
2013-09-22 09:20:33 ----N---- C:\WINDOWS\system32\iacenc.dll
2013-09-20 13:36:23 ----D---- C:\WINDOWS\system32\PreInstall
2013-09-20 13:36:20 ----HD---- C:\WINDOWS\$hf_mig$
2013-09-20 12:34:08 ----D---- C:\WINDOWS\system32\SoftwareDistribution

======List of files/folders modified in the last 1 month======

2013-10-19 20:42:50 ----D---- C:\WINDOWS\Prefetch
2013-10-19 20:42:20 ----SD---- C:\WINDOWS\Downloaded Program Files
2013-10-19 20:42:20 ----D---- C:\WINDOWS\system32
2013-10-19 20:42:20 ----D---- C:\WINDOWS
2013-10-19 20:40:45 ----D---- C:\WINDOWS\Temp
2013-10-19 20:40:45 ----D---- C:\WINDOWS\system32\CatRoot2
2013-10-19 20:38:52 ----D---- C:\Program Files\Internet Explorer
2013-10-19 20:38:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-10-19 20:38:51 ----RD---- C:\Program Files
2013-10-19 20:38:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-10-19 20:37:06 ----D---- C:\WINDOWS\Debug
2013-10-19 19:51:03 ----SHD---- C:\WINDOWS\Installer
2013-10-19 19:44:53 ----SD---- C:\WINDOWS\Tasks
2013-10-19 19:43:55 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-19 19:41:56 ----D---- C:\WINDOWS\WinSxS
2013-10-19 19:34:35 ----RSD---- C:\WINDOWS\Fonts
2013-10-19 19:34:08 ----HD---- C:\WINDOWS\inf
2013-10-19 19:34:06 ----D---- C:\WINDOWS\system32\spool
2013-10-19 19:33:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-10-19 19:30:37 ----D---- C:\WINDOWS\system32\mui
2013-10-19 19:24:56 ----D---- C:\WINDOWS\system32\drivers
2013-10-19 19:22:46 ----A---- C:\WINDOWS\win.ini
2013-10-19 19:22:37 ----D---- C:\Program Files\Windows Media Player
2013-10-19 19:22:34 ----D---- C:\WINDOWS\Help
2013-10-19 19:21:56 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-10-19 19:21:43 ----D---- C:\WINDOWS\pchealth
2013-10-19 19:21:43 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-10-19 19:18:52 ----D---- C:\Program Files\Mozilla Firefox
2013-10-19 19:18:36 ----D---- C:\WINDOWS\Minidump
2013-10-19 19:10:17 ----RD---- C:\Program Files\Skype
2013-10-19 19:10:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-10-19 19:09:35 ----D---- C:\Program Files\HP
2013-10-19 18:38:44 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-09-23 23:55:10 ----A---- C:\WINDOWS\system32\ieframe.dll
2013-09-23 20:25:11 ----N---- C:\WINDOWS\system32\occache.dll
2013-09-23 20:25:11 ----N---- C:\WINDOWS\system32\mstime.dll
2013-09-23 20:25:11 ----A---- C:\WINDOWS\system32\wininet.dll
2013-09-23 20:25:11 ----A---- C:\WINDOWS\system32\urlmon.dll
2013-09-23 20:25:11 ----A---- C:\WINDOWS\system32\url.dll
2013-09-23 20:25:10 ----N---- C:\WINDOWS\system32\mshtmled.dll
2013-09-23 20:25:10 ----A---- C:\WINDOWS\system32\mshtml.dll
2013-09-23 20:25:09 ----N---- C:\WINDOWS\system32\licmgr10.dll
2013-09-23 20:25:09 ----N---- C:\WINDOWS\system32\jsproxy.dll
2013-09-23 20:25:09 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2013-09-23 20:25:09 ----A---- C:\WINDOWS\system32\msfeeds.dll
2013-09-23 20:25:08 ----A---- C:\WINDOWS\system32\iertutil.dll
2013-09-23 20:25:08 ----A---- C:\WINDOWS\system32\iepeers.dll
2013-09-23 20:25:06 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2013-09-23 20:25:06 ----N---- C:\WINDOWS\system32\corpol.dll
2013-09-23 20:06:49 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2013-09-22 18:49:36 ----D---- C:\WINDOWS\system32\cs-cz
2013-09-22 18:49:35 ----D---- C:\WINDOWS\system32\wbem
2013-09-22 18:49:35 ----D---- C:\WINDOWS\AppPatch
2013-09-22 14:30:10 ----D---- C:\WINDOWS\system32\config
2013-09-22 14:29:55 ----D---- C:\WINDOWS\Media
2013-09-22 13:58:11 ----D---- C:\Program Files\Outlook Express
2013-09-22 13:57:36 ----D---- C:\Program Files\Movie Maker
2013-09-20 19:30:53 ----D---- C:\Program Files\Messenger
2013-09-20 13:34:09 ----D---- C:\Documents and Settings\Uziv1\Data aplikací\Skype
2013-09-20 12:34:39 ----D---- C:\WINDOWS\SoftwareDistribution

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-05-10 156160]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2013-04-11 1353820]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-09-17 732928]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-01-27 260352]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-07-18 22216]
R2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-14 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-19 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-14 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 19 říj 2013 20:01

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

kokon · #3 Příspěvek od **kokon** » 19 říj 2013 22:13

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Microsoft Windows XP x86
Ran by Uziv1 on so 19.10.2013 at 22:34:50,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 19.10.2013 at 22:40:41,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.008 - Report created 19/10/2013 at 23:02:05
# Updated 17/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Uziv1 - HLAD
# Running from : C:\Documents and Settings\Uziv1\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
File Deleted : C:\Documents and Settings\Uziv1\Data aplikací\Mozilla\Firefox\Profiles\x3r8d45v.default\searchplugins\ask-search.xml
File Deleted : C:\Documents and Settings\Uziv1\Data aplikací\Mozilla\Firefox\Profiles\x3r8d45v.default\searchplugins\bingp.xml

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Documents and Settings\Uziv1\Data aplikací\Mozilla\Firefox\Profiles\x3r8d45v.default\prefs.js ]

-\\ Google Chrome v30.0.1599.101

[ File : C:\Documents and Settings\Uziv1\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1799 octets] - [19/10/2013 22:57:29]
AdwCleaner[S0].txt - [1740 octets] - [19/10/2013 23:02:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1800 octets] ##########

#4 Příspěvek od **vyosek** » 20 říj 2013 14:13

Poprosim o log z FRSTL http://forum.viry.cz/viewtopic.php?f=24&t=132509

kokon · #5 Příspěvek od **kokon** » 20 říj 2013 20:25

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-10-2013
Ran by Uziv1 (administrator) on HLAD on 20-10-2013 21:11:06
Running from C:\Documents and Settings\Uziv1\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Pandora.TV) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
(PandoraTV) C:\Program Files\PANDORA.TV\PanService\PanProcess.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(forum.viry.cz) C:\Documents and Settings\Uziv1\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [118784 2013-04-11] (Intel Corporation)
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1404928 2004-10-14] (Analog Devices, Inc.)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-08-12] (Microsoft Corporation)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=061513
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
Toolbar: HKCU -&Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU -&Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 2208131843
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Uziv1\Data aplikací\Mozilla\Firefox\Profiles\x3r8d45v.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.1: Ask Search
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=061513&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Documents and Settings\Uziv1\Data aplikací\Mozilla\Firefox\Profiles\x3r8d45v.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: No Name - C:\Documents and Settings\Uziv1\Data aplikací\Mozilla\Firefox\Profiles\x3r8d45v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/?clid=12454
CHR RestoreOnStartup: "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=061513", "hxxp://www.google.com"
CHR DefaultSearchURL: (Bing) - http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
CHR DefaultSuggestURL: (Bing) - http://api.bing.com/osjson.aspx?query={ ... &dt=061513
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Extension: (Google Docs) - C:\DOCUME~1\Uziv1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\DOCUME~1\Uziv1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Slovn\u00EDk) - C:\DOCUME~1\Uziv1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0
CHR Extension: (YouTube) - C:\DOCUME~1\Uziv1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\Uziv1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Chrome In-App Payments service) - C:\DOCUME~1\Uziv1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba) - C:\DOCUME~1\Uziv1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0
CHR Extension: (Gmail) - C:\DOCUME~1\Uziv1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

========================== Services (Whitelisted) =================

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-08-12] (Microsoft Corporation)
R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)

==================== Drivers (Whitelisted) ====================

R3 b57w2k; C:\Windows\System32\DRIVERS\b57xp32.sys [156160 2006-05-10] (Broadcom Corporation)
R3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [1353820 2013-04-11] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
R3 senfilt; C:\Windows\System32\drivers\senfilt.sys [732928 2004-09-17] (Creative Technology Ltd.)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-20 21:10 - 2013-10-20 21:10 - 00000000 ____D C:\FRST
2013-10-20 21:07 - 2013-10-20 21:07 - 01087515 _____ (Farbar) C:\Documents and Settings\Uziv1\Plocha\FRST.exe
2013-10-20 21:07 - 2013-10-20 21:06 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\Uziv1\Plocha\FRSTLauncher.exe
2013-10-19 23:23 - 2013-10-20 21:05 - 00000366 ____H C:\WINDOWS\Tasks\MpIdleTask.job
2013-10-19 23:13 - 2013-10-19 23:14 - 00000000 ____D C:\00689ab4f40344476c
2013-10-19 23:13 - 2013-10-19 23:13 - 00000000 ____D C:\WINDOWS\Temp73D44E63-37A1-EBA5-F552-655A246707C6-Signatures
2013-10-19 23:13 - 2013-10-19 23:13 - 00000000 ____D C:\WINDOWS\LastGood
2013-10-19 22:57 - 2013-10-19 23:02 - 00000000 ____D C:\AdwCleaner
2013-10-19 22:57 - 2013-10-19 22:57 - 00001515 _____ C:\Documents and Settings\Uziv1\Plocha\JRT.txt
2013-10-19 22:34 - 2013-10-19 22:34 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-19 22:14 - 2013-10-19 22:14 - 00000000 ____D C:\WINDOWS\Temp4D6C9D7A-C284-E072-07EC-AC2179E47AAE-Signatures
2013-10-19 22:13 - 2013-10-19 22:14 - 00005300 _____ C:\WINDOWS\KB2834904-v2.log
2013-10-19 22:13 - 2013-10-19 22:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-10-19 22:00 - 2013-10-19 22:00 - 00000000 ____D C:\WINDOWS\pss
2013-10-19 21:24 - 2013-10-19 21:24 - 00006400 _____ C:\WINDOWS\KB975558.log
2013-10-19 21:24 - 2013-10-19 21:24 - 00006171 _____ C:\WINDOWS\KB2378111.log
2013-10-19 21:13 - 2013-10-19 21:13 - 00005743 _____ C:\WINDOWS\KB978695.log
2013-10-19 21:12 - 2013-10-19 21:24 - 00000790 _____ C:\WINDOWS\wmsetup.log
2013-10-19 21:12 - 2013-10-19 21:13 - 00010782 _____ C:\WINDOWS\KB952069.log
2013-10-19 21:12 - 2013-10-19 21:12 - 00005778 _____ C:\WINDOWS\KB954155.log
2013-10-19 21:11 - 2013-10-19 21:12 - 00004616 _____ C:\WINDOWS\KB961118.log
2013-10-19 21:11 - 2013-10-19 21:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB961118$
2013-10-19 21:10 - 2013-10-19 22:14 - 00006498 _____ C:\WINDOWS\netfxocm.log
2013-10-19 21:10 - 2013-10-19 22:14 - 00002550 _____ C:\WINDOWS\MedCtrOC.log
2013-10-19 21:10 - 2013-10-19 22:14 - 00002316 _____ C:\WINDOWS\ocmsn.log
2013-10-19 21:10 - 2013-10-19 22:14 - 00001866 _____ C:\WINDOWS\tabletoc.log
2013-10-19 21:10 - 2013-10-19 22:14 - 00001854 _____ C:\WINDOWS\msgsocm.log
2013-10-19 21:10 - 2013-10-19 22:14 - 00001393 _____ C:\WINDOWS\imsins.log
2013-10-19 21:10 - 2013-10-19 21:12 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-10-19 21:10 - 2013-10-19 21:11 - 00004179 _____ C:\WINDOWS\KB954154.log
2013-10-19 21:10 - 2013-10-19 21:10 - 00004605 _____ C:\WINDOWS\KB929399.log
2013-10-19 21:10 - 2013-10-19 21:10 - 00004338 _____ C:\WINDOWS\KB939683.log
2013-10-19 21:10 - 2013-10-19 21:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB954154_WM11$
2013-10-19 21:10 - 2013-10-19 21:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB939683$
2013-10-19 21:10 - 2013-10-19 21:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB929399$
2013-10-19 21:09 - 2013-10-19 22:14 - 00040640 _____ C:\WINDOWS\iis6.log
2013-10-19 21:09 - 2013-10-19 22:14 - 00037101 _____ C:\WINDOWS\FaxSetup.log
2013-10-19 21:09 - 2013-10-19 22:14 - 00017736 _____ C:\WINDOWS\ocgen.log
2013-10-19 21:09 - 2013-10-19 22:14 - 00016927 _____ C:\WINDOWS\tsoc.log
2013-10-19 21:09 - 2013-10-19 22:14 - 00012333 _____ C:\WINDOWS\comsetup.log
2013-10-19 21:09 - 2013-10-19 22:14 - 00007466 _____ C:\WINDOWS\ntdtcsetup.log
2013-10-19 21:09 - 2013-10-19 22:13 - 00011804 _____ C:\WINDOWS\msmqinst.log
2013-10-19 21:09 - 2013-10-19 21:10 - 00006217 _____ C:\WINDOWS\KB941569.log
2013-10-19 21:09 - 2013-10-19 21:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB941569$
2013-10-19 21:09 - 2013-10-19 21:09 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-10-19 21:09 - 2013-10-19 21:09 - 00000000 _____ C:\WINDOWS\setupact.log
2013-10-19 21:05 - 2013-10-19 21:05 - 01050644 _____ C:\Documents and Settings\Uziv1\Plocha\adwcleaner.exe
2013-10-19 21:05 - 2009-01-09 21:19 - 01089883 ____C C:\WINDOWS\system32\dllcache\ntprint.cat
2013-10-19 21:04 - 2013-10-19 21:05 - 01033335 _____ (Thisisu) C:\Documents and Settings\Uziv1\Plocha\JRT.exe
2013-10-19 20:42 - 2013-10-19 21:10 - 00014500 _____ C:\WINDOWS\setupapi.log
2013-10-19 20:40 - 2013-10-19 20:40 - 00026408 _____ C:\Documents and Settings\Uziv1\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2013-10-19 20:39 - 2013-10-19 23:04 - 00003335 _____ C:\WINDOWS\spupdsvc.log
2013-10-19 20:38 - 2013-10-19 20:38 - 00158752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-19 19:43 - 2013-09-03 14:35 - 00238872 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2013-10-19 19:34 - 2013-10-19 22:07 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2013-10-19 19:34 - 2013-10-19 19:34 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-10-19 19:34 - 2013-10-19 19:34 - 00000000 ____D C:\Program Files\MSBuild
2013-10-19 19:33 - 2013-10-19 19:34 - 00000000 ____D C:\017bd91a347d873481f4
2013-10-19 19:33 - 2008-07-06 14:06 - 01676288 ____N (Microsoft Corporation) C:\WINDOWS\system32\xpssvcs.dll
2013-10-19 19:33 - 2008-07-06 14:06 - 01676288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpssvcs.dll
2013-10-19 19:33 - 2008-07-06 14:06 - 00575488 ____N (Microsoft Corporation) C:\WINDOWS\system32\xpsshhdr.dll
2013-10-19 19:33 - 2008-07-06 14:06 - 00575488 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpsshhdr.dll
2013-10-19 19:33 - 2008-07-06 14:06 - 00117760 ____N (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2013-10-19 19:33 - 2008-07-06 14:06 - 00089088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\filterpipelineprintproc.dll
2013-10-19 19:33 - 2008-07-06 12:50 - 00597504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\printfilterpipelinesvc.exe
2013-10-19 19:32 - 2013-10-19 19:32 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-10-19 19:31 - 2013-10-19 23:14 - 00001912 _____ C:\WINDOWS\epplauncher.mif
2013-10-19 19:30 - 2013-10-19 22:29 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-19 19:25 - 2013-10-19 19:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-19 19:23 - 2013-10-19 19:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallMSCompPackV1$
2013-10-19 19:23 - 2007-07-27 10:41 - 00016760 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll
2013-10-19 19:22 - 2013-10-19 23:13 - 00001698 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
2013-10-19 19:22 - 2013-10-19 19:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallwmp11$
2013-10-19 19:22 - 2013-10-19 19:22 - 00000000 ____D C:\Program Files\Windows Media Connect 2
2013-10-19 19:21 - 2013-10-19 23:13 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-19 19:20 - 2013-10-19 19:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallWMFDist11$
2013-10-19 19:19 - 2013-10-19 20:42 - 00000000 ____D C:\rsit
2013-10-19 19:19 - 2013-10-19 20:42 - 00000000 ____D C:\Program Files\trend micro
2013-10-19 19:19 - 2013-10-19 20:37 - 00000000 ____D C:\WINDOWS\system32\LogFiles
2013-10-19 19:19 - 2013-10-19 19:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallWudf01000$
2013-10-19 18:58 - 2013-10-19 18:58 - 00000000 __SHD C:\Documents and Settings\Uziv1\PrivacIE
2013-10-19 18:37 - 2013-10-19 18:37 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2013-10-19 18:37 - 2013-07-17 02:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2013-10-19 18:37 - 2013-07-17 02:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2013-10-19 18:37 - 2013-07-17 02:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2013-10-19 18:37 - 2013-07-03 04:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2013-10-19 18:37 - 2013-07-03 03:59 - 00014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2013-10-19 18:36 - 2013-08-09 02:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2013-10-19 18:36 - 2013-08-09 02:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2013-10-19 18:36 - 2013-08-09 02:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2013-10-19 18:36 - 2009-03-18 13:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2013-10-19 18:20 - 2013-10-19 18:20 - 00000000 __SHD C:\Documents and Settings\NetworkService\IETldCache
2013-10-19 18:20 - 2008-04-14 08:51 - 00021504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidserv.dll
2013-10-19 18:20 - 2008-04-14 08:51 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidserv.dll
2013-10-02 14:40 - 2013-10-02 14:40 - 00010360 _____ C:\Documents and Settings\Uziv1\Plocha\obalka2.odt
2013-10-02 09:07 - 2013-10-02 12:23 - 00011392 _____ C:\Documents and Settings\Uziv1\Plocha\obalka 1.odt
2013-09-22 18:50 - 2013-09-22 18:50 - 00000000 __SHD C:\Documents and Settings\Uziv1\IETldCache
2013-09-22 18:50 - 2013-09-22 18:50 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache
2013-09-22 14:32 - 2013-09-23 20:25 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2013-09-22 14:31 - 2011-08-16 12:45 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2013-09-22 14:30 - 2013-10-19 19:23 - 00000000 ____D C:\WINDOWS\ie8updates
2013-09-22 14:30 - 2013-09-23 23:55 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2013-09-22 14:30 - 2013-09-23 20:25 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2013-09-22 14:30 - 2013-09-23 20:25 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2013-09-22 14:30 - 2013-09-23 20:25 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2013-09-22 14:30 - 2013-09-23 20:25 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2013-09-22 14:30 - 2013-09-23 20:25 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2013-09-22 14:30 - 2013-09-23 20:25 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2013-09-22 14:30 - 2013-09-22 14:34 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt
2013-09-22 14:28 - 2013-09-22 14:30 - 00000000 __HDC C:\WINDOWS\ie8
2013-09-22 14:26 - 2013-10-19 19:25 - 78106760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-09-22 13:59 - 2013-09-22 13:59 - 00006190 _____ C:\WINDOWS\system32\TZLog.log
2013-09-22 11:20 - 2013-09-30 12:39 - 00014273 _____ C:\Documents and Settings\Uziv1\Plocha\Bez názvu 1.odt
2013-09-22 09:42 - 2008-06-14 19:35 - 00272128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthport.sys
2013-09-22 09:39 - 2010-11-02 17:17 - 00040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndproxy.sys
2013-09-22 09:39 - 2010-08-27 10:03 - 00119808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\t2embed.dll
2013-09-22 09:39 - 2009-10-15 18:32 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fontsub.dll
2013-09-22 09:38 - 2013-06-04 02:53 - 00290816 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\dllcache\atmfd.dll
2013-09-22 09:38 - 2009-06-21 23:48 - 00153088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\triedit.dll
2013-09-22 09:37 - 2013-02-12 02:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023x.sys
2013-09-22 09:37 - 2013-02-12 02:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023.sys
2013-09-22 09:37 - 2008-05-08 16:02 - 00203136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rmcast.sys
2013-09-22 09:37 - 2008-05-01 16:37 - 00331776 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadce.dll
2013-09-22 09:36 - 2010-08-23 18:12 - 00617472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comctl32.dll
2013-09-22 09:35 - 2011-07-15 15:29 - 00456320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mrxsmb.sys
2013-09-22 09:33 - 2010-09-18 08:53 - 00953856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc40u.dll
2013-09-22 09:32 - 2010-06-14 16:31 - 00744448 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\helpsvc.exe
2013-09-22 09:30 - 2009-03-06 16:23 - 00284160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pdh.dll
2013-09-22 09:30 - 2009-02-09 13:25 - 00111104 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\services.exe
2013-09-22 09:30 - 2009-02-09 12:56 - 00684032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\advapi32.dll
2013-09-22 09:30 - 2009-02-09 12:56 - 00473600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fastprox.dll
2013-09-22 09:30 - 2009-02-09 12:56 - 00453120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprvsd.dll
2013-09-22 09:30 - 2009-02-09 12:56 - 00401408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rpcss.dll
2013-09-22 09:30 - 2009-02-06 12:10 - 00227840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprvse.exe
2013-09-22 09:29 - 2009-07-28 00:27 - 00128512 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dhtmled.ocx
2013-09-22 09:27 - 2011-04-21 15:37 - 00105472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mup.sys
2013-09-22 09:27 - 2009-11-21 18:03 - 00471552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aclayers.dll
2013-09-22 09:26 - 2012-05-28 20:16 - 00536576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado15.dll
2013-09-22 09:26 - 2010-02-12 12:03 - 00293376 ____N (Microsoft Corporation) C:\WINDOWS\system32\browserchoice.exe
2013-09-22 09:24 - 2012-07-04 16:05 - 00139784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpwd.sys
2013-09-22 09:24 - 2010-06-18 15:36 - 03558912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\moviemk.exe
2013-09-22 09:20 - 2013-07-04 09:34 - 02195712 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2013-09-22 09:20 - 2013-07-04 09:34 - 02151936 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2013-09-22 09:20 - 2013-07-04 09:34 - 02072320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2013-09-22 09:20 - 2013-07-04 09:33 - 02030592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2013-09-22 09:20 - 2012-01-11 21:07 - 00003072 ____N C:\WINDOWS\system32\iacenc.dll
2013-09-22 09:20 - 2012-01-11 21:07 - 00003072 ____C C:\WINDOWS\system32\dllcache\iacenc.dll
2013-09-22 09:20 - 2011-07-08 16:02 - 00010496 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndistapi.sys
2013-09-22 09:20 - 2010-12-09 17:15 - 00713216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntdll.dll
2013-09-22 09:20 - 2010-07-16 13:58 - 00219136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wordpad.exe
2013-09-22 09:20 - 2009-11-21 18:03 - 01206508 ____C C:\WINDOWS\system32\dllcache\sysmain.sdb
2013-09-22 09:15 - 2010-10-11 16:59 - 00045568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wab.exe
2013-09-20 13:36 - 2013-09-24 12:27 - 00000000 ___HD C:\WINDOWS\$hf_mig$
2013-09-20 13:36 - 2013-09-20 13:36 - 00000000 ____D C:\WINDOWS\system32\PreInstall

==================== One Month Modified Files and Folders =======

2013-10-20 21:10 - 2013-10-20 21:10 - 00000000 ____D C:\FRST
2013-10-20 21:10 - 2013-08-29 13:53 - 00000000 ____D C:\Documents and Settings\Uziv1\Dokumenty\Stažené soubory
2013-10-20 21:10 - 2013-06-12 21:09 - 00000000 ___HD C:\Documents and Settings\Uziv1\Local Settings\Data aplikací
2013-10-20 21:10 - 2013-06-12 21:09 - 00000000 ____D C:\Documents and Settings\Uziv1\Plocha
2013-10-20 21:10 - 2013-06-12 20:46 - 01681485 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-20 21:07 - 2013-10-20 21:07 - 01087515 _____ (Farbar) C:\Documents and Settings\Uziv1\Plocha\FRST.exe
2013-10-20 21:06 - 2013-10-20 21:07 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\Uziv1\Plocha\FRSTLauncher.exe
2013-10-20 21:05 - 2013-10-19 23:23 - 00000366 ____H C:\WINDOWS\Tasks\MpIdleTask.job
2013-10-19 23:38 - 2013-06-14 19:58 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-19 23:38 - 2004-08-18 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-10-19 23:31 - 2013-06-14 19:46 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-19 23:14 - 2013-10-19 23:13 - 00000000 ____D C:\00689ab4f40344476c
2013-10-19 23:14 - 2013-10-19 19:31 - 00001912 _____ C:\WINDOWS\epplauncher.mif
2013-10-19 23:13 - 2013-10-19 23:13 - 00000000 ____D C:\WINDOWS\Temp73D44E63-37A1-EBA5-F552-655A246707C6-Signatures
2013-10-19 23:13 - 2013-10-19 23:13 - 00000000 ____D C:\WINDOWS\LastGood
2013-10-19 23:13 - 2013-10-19 19:22 - 00001698 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
2013-10-19 23:13 - 2013-10-19 19:21 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-19 23:13 - 2013-06-12 22:38 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-10-19 23:12 - 2013-06-12 22:36 - 00000211 ___SH C:\boot.ini
2013-10-19 23:12 - 2004-08-18 14:00 - 00000507 _____ C:\WINDOWS\win.ini
2013-10-19 23:12 - 2004-08-18 14:00 - 00000227 _____ C:\WINDOWS\system.ini
2013-10-19 23:04 - 2013-10-19 20:39 - 00003335 _____ C:\WINDOWS\spupdsvc.log
2013-10-19 23:04 - 2013-06-12 22:41 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-10-19 23:04 - 2013-06-12 22:41 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-10-19 23:03 - 2013-06-14 19:46 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-19 23:03 - 2013-06-12 20:52 - 00032526 _____ C:\WINDOWS\SchedLgU.Txt
2013-10-19 23:03 - 2013-06-12 20:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-19 23:02 - 2013-10-19 22:57 - 00000000 ____D C:\AdwCleaner
2013-10-19 23:02 - 2013-06-12 22:37 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-10-19 23:02 - 2013-06-12 21:09 - 00000178 ___SH C:\Documents and Settings\Uziv1\ntuser.ini
2013-10-19 22:57 - 2013-10-19 22:57 - 00001515 _____ C:\Documents and Settings\Uziv1\Plocha\JRT.txt
2013-10-19 22:34 - 2013-10-19 22:34 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-19 22:29 - 2013-10-19 19:30 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-19 22:23 - 2013-06-12 22:38 - 00978934 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-19 22:14 - 2013-10-19 22:14 - 00000000 ____D C:\WINDOWS\Temp4D6C9D7A-C284-E072-07EC-AC2179E47AAE-Signatures
2013-10-19 22:14 - 2013-10-19 22:13 - 00005300 _____ C:\WINDOWS\KB2834904-v2.log
2013-10-19 22:14 - 2013-10-19 21:10 - 00006498 _____ C:\WINDOWS\netfxocm.log
2013-10-19 22:14 - 2013-10-19 21:10 - 00002550 _____ C:\WINDOWS\MedCtrOC.log
2013-10-19 22:14 - 2013-10-19 21:10 - 00002316 _____ C:\WINDOWS\ocmsn.log
2013-10-19 22:14 - 2013-10-19 21:10 - 00001866 _____ C:\WINDOWS\tabletoc.log
2013-10-19 22:14 - 2013-10-19 21:10 - 00001854 _____ C:\WINDOWS\msgsocm.log
2013-10-19 22:14 - 2013-10-19 21:10 - 00001393 _____ C:\WINDOWS\imsins.log
2013-10-19 22:14 - 2013-10-19 21:09 - 00040640 _____ C:\WINDOWS\iis6.log
2013-10-19 22:14 - 2013-10-19 21:09 - 00037101 _____ C:\WINDOWS\FaxSetup.log
2013-10-19 22:14 - 2013-10-19 21:09 - 00017736 _____ C:\WINDOWS\ocgen.log
2013-10-19 22:14 - 2013-10-19 21:09 - 00016927 _____ C:\WINDOWS\tsoc.log
2013-10-19 22:14 - 2013-10-19 21:09 - 00012333 _____ C:\WINDOWS\comsetup.log
2013-10-19 22:14 - 2013-10-19 21:09 - 00007466 _____ C:\WINDOWS\ntdtcsetup.log
2013-10-19 22:13 - 2013-10-19 22:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-10-19 22:13 - 2013-10-19 21:09 - 00011804 _____ C:\WINDOWS\msmqinst.log
2013-10-19 22:07 - 2013-10-19 19:34 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2013-10-19 22:00 - 2013-10-19 22:00 - 00000000 ____D C:\WINDOWS\pss
2013-10-19 21:24 - 2013-10-19 21:24 - 00006400 _____ C:\WINDOWS\KB975558.log
2013-10-19 21:24 - 2013-10-19 21:24 - 00006171 _____ C:\WINDOWS\KB2378111.log
2013-10-19 21:24 - 2013-10-19 21:12 - 00000790 _____ C:\WINDOWS\wmsetup.log
2013-10-19 21:13 - 2013-10-19 21:13 - 00005743 _____ C:\WINDOWS\KB978695.log
2013-10-19 21:13 - 2013-10-19 21:12 - 00010782 _____ C:\WINDOWS\KB952069.log
2013-10-19 21:12 - 2013-10-19 21:12 - 00005778 _____ C:\WINDOWS\KB954155.log
2013-10-19 21:12 - 2013-10-19 21:11 - 00004616 _____ C:\WINDOWS\KB961118.log
2013-10-19 21:12 - 2013-10-19 21:10 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-10-19 21:11 - 2013-10-19 21:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB961118$
2013-10-19 21:11 - 2013-10-19 21:10 - 00004179 _____ C:\WINDOWS\KB954154.log
2013-10-19 21:10 - 2013-10-19 21:10 - 00004605 _____ C:\WINDOWS\KB929399.log
2013-10-19 21:10 - 2013-10-19 21:10 - 00004338 _____ C:\WINDOWS\KB939683.log
2013-10-19 21:10 - 2013-10-19 21:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB954154_WM11$
2013-10-19 21:10 - 2013-10-19 21:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB939683$
2013-10-19 21:10 - 2013-10-19 21:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB929399$
2013-10-19 21:10 - 2013-10-19 21:09 - 00006217 _____ C:\WINDOWS\KB941569.log
2013-10-19 21:10 - 2013-10-19 20:42 - 00014500 _____ C:\WINDOWS\setupapi.log
2013-10-19 21:09 - 2013-10-19 21:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB941569$
2013-10-19 21:09 - 2013-10-19 21:09 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-10-19 21:09 - 2013-10-19 21:09 - 00000000 _____ C:\WINDOWS\setupact.log
2013-10-19 21:05 - 2013-10-19 21:05 - 01050644 _____ C:\Documents and Settings\Uziv1\Plocha\adwcleaner.exe
2013-10-19 21:05 - 2013-10-19 21:04 - 01033335 _____ (Thisisu) C:\Documents and Settings\Uziv1\Plocha\JRT.exe
2013-10-19 20:42 - 2013-10-19 19:19 - 00000000 ____D C:\rsit
2013-10-19 20:42 - 2013-10-19 19:19 - 00000000 ____D C:\Program Files\trend micro
2013-10-19 20:40 - 2013-10-19 20:40 - 00026408 _____ C:\Documents and Settings\Uziv1\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2013-10-19 20:38 - 2013-10-19 20:38 - 00158752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-19 20:38 - 2013-06-14 19:44 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-10-19 20:37 - 2013-10-19 19:19 - 00000000 ____D C:\WINDOWS\system32\LogFiles
2013-10-19 19:48 - 2013-06-12 20:52 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2013-10-19 19:34 - 2013-10-19 19:34 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-10-19 19:34 - 2013-10-19 19:34 - 00000000 ____D C:\Program Files\MSBuild
2013-10-19 19:34 - 2013-10-19 19:33 - 00000000 ____D C:\017bd91a347d873481f4
2013-10-19 19:34 - 2013-06-12 22:30 - 00000000 ____D C:\WINDOWS\system32\spool
2013-10-19 19:32 - 2013-10-19 19:32 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-10-19 19:30 - 2013-06-12 22:30 - 00000000 ____D C:\WINDOWS\system32\mui
2013-10-19 19:28 - 2013-10-19 19:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-19 19:25 - 2013-09-22 14:26 - 78106760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-19 19:23 - 2013-10-19 19:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallMSCompPackV1$
2013-10-19 19:23 - 2013-09-22 14:30 - 00000000 ____D C:\WINDOWS\ie8updates
2013-10-19 19:22 - 2013-10-19 19:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallwmp11$
2013-10-19 19:22 - 2013-10-19 19:22 - 00000000 ____D C:\Program Files\Windows Media Connect 2
2013-10-19 19:22 - 2013-06-12 22:30 - 00000000 ____D C:\WINDOWS\Help
2013-10-19 19:22 - 2013-06-12 21:09 - 00000788 _____ C:\Documents and Settings\Uziv1\Nabídka Start\Programy\Windows Media Player.lnk
2013-10-19 19:22 - 2013-06-12 21:09 - 00000000 ___RD C:\Documents and Settings\Uziv1\Nabídka Start\Programy
2013-10-19 19:22 - 2013-06-12 20:47 - 00023392 _____ C:\WINDOWS\system32\nscompat.tlb
2013-10-19 19:22 - 2013-06-12 20:47 - 00016832 _____ C:\WINDOWS\system32\amcompat.tlb
2013-10-19 19:21 - 2013-06-12 22:38 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-19 19:21 - 2013-06-12 22:30 - 00000000 ____D C:\WINDOWS\pchealth
2013-10-19 19:21 - 2013-06-12 20:47 - 00000000 __SHD C:\Documents and Settings\All Users\DRM
2013-10-19 19:21 - 2013-06-12 20:44 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty\Hudba
2013-10-19 19:20 - 2013-10-19 19:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallWMFDist11$
2013-10-19 19:19 - 2013-10-19 19:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallWudf01000$
2013-10-19 19:18 - 2013-08-17 10:39 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-19 19:18 - 2013-07-19 23:01 - 00000000 ____D C:\WINDOWS\Minidump
2013-10-19 19:10 - 2013-06-15 09:06 - 00000000 ___RD C:\Program Files\Skype
2013-10-19 19:10 - 2013-06-15 09:06 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Skype
2013-10-19 19:09 - 2013-08-29 12:05 - 00000000 ____D C:\Program Files\HP
2013-10-19 19:01 - 2013-06-12 22:38 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-10-19 19:00 - 2013-06-12 22:38 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2013-10-19 18:58 - 2013-10-19 18:58 - 00000000 __SHD C:\Documents and Settings\Uziv1\PrivacIE
2013-10-19 18:58 - 2013-06-12 21:09 - 00000000 ____D C:\Documents and Settings\Uziv1
2013-10-19 18:58 - 2013-06-12 20:48 - 00001507 _____ C:\Documents and Settings\All Users\Nabídka Start\Windows Update.lnk
2013-10-19 18:38 - 2013-06-14 19:58 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-19 18:38 - 2013-06-14 19:58 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-19 18:37 - 2013-10-19 18:37 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2013-10-19 18:20 - 2013-10-19 18:20 - 00000000 __SHD C:\Documents and Settings\NetworkService\IETldCache
2013-10-19 18:20 - 2013-06-12 20:51 - 00000000 __SHD C:\Documents and Settings\NetworkService
2013-10-19 18:20 - 2013-06-12 20:47 - 00002504 _____ C:\WINDOWS\system32\CONFIG.NT
2013-10-02 14:40 - 2013-10-02 14:40 - 00010360 _____ C:\Documents and Settings\Uziv1\Plocha\obalka2.odt
2013-10-02 12:23 - 2013-10-02 09:07 - 00011392 _____ C:\Documents and Settings\Uziv1\Plocha\obalka 1.odt
2013-09-30 12:39 - 2013-09-22 11:20 - 00014273 _____ C:\Documents and Settings\Uziv1\Plocha\Bez názvu 1.odt
2013-09-24 12:27 - 2013-09-20 13:36 - 00000000 ___HD C:\WINDOWS\$hf_mig$
2013-09-23 23:55 - 2013-09-22 14:30 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2013-09-23 23:55 - 2009-03-08 04:39 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-09-23 20:25 - 2013-09-22 14:32 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2013-09-23 20:25 - 2013-09-22 14:30 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2013-09-23 20:25 - 2013-09-22 14:30 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2013-09-23 20:25 - 2013-09-22 14:30 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2013-09-23 20:25 - 2013-09-22 14:30 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2013-09-23 20:25 - 2013-09-22 14:30 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2013-09-23 20:25 - 2013-09-22 14:30 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2013-09-23 20:25 - 2013-08-01 06:17 - 06017536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2013-09-23 20:25 - 2013-08-01 06:17 - 01215488 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2013-09-23 20:25 - 2013-08-01 06:17 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2013-09-23 20:25 - 2013-08-01 06:17 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2013-09-23 20:25 - 2013-08-01 06:17 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2013-09-23 20:25 - 2013-08-01 06:17 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2013-09-23 20:25 - 2013-08-01 06:17 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2013-09-23 20:25 - 2013-08-01 06:17 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2013-09-23 20:25 - 2009-03-08 14:09 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2013-09-23 20:25 - 2009-03-08 04:34 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2013-09-23 20:25 - 2009-03-08 04:34 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2013-09-23 20:25 - 2009-03-08 04:34 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2013-09-23 20:25 - 2009-03-08 04:33 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2013-09-23 20:25 - 2009-03-08 04:33 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2013-09-23 20:25 - 2009-03-08 04:32 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-09-23 20:25 - 2009-03-08 04:32 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-09-23 20:25 - 2009-03-08 04:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2013-09-23 20:25 - 2004-08-18 14:00 - 06017536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-09-23 20:25 - 2004-08-18 14:00 - 01469440 ____N (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-09-23 20:25 - 2004-08-18 14:00 - 01215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-09-23 20:25 - 2004-08-18 14:00 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-09-23 20:25 - 2004-08-18 14:00 - 00611840 ____N (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2013-09-23 20:25 - 2004-08-18 14:00 - 00387584 ____N (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2013-09-23 20:25 - 2004-08-18 14:00 - 00206848 ____N (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2013-09-23 20:25 - 2004-08-18 14:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2013-09-23 20:25 - 2004-08-18 14:00 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2013-09-23 20:25 - 2004-08-18 14:00 - 00067072 ____N (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2013-09-23 20:25 - 2004-08-18 14:00 - 00043520 ____N (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2013-09-23 20:25 - 2004-08-18 14:00 - 00025600 ____N (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-09-23 20:25 - 2004-08-18 14:00 - 00018944 ____N (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2013-09-23 20:06 - 2009-03-08 04:32 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2013-09-23 20:06 - 2004-08-18 14:00 - 00385024 ____N (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2013-09-23 20:06 - 2004-08-18 14:00 - 00174592 ____N (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-09-22 18:50 - 2013-09-22 18:50 - 00000000 __SHD C:\Documents and Settings\Uziv1\IETldCache
2013-09-22 18:50 - 2013-09-22 18:50 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache
2013-09-22 18:50 - 2013-09-18 19:02 - 00000000 ___RD C:\Documents and Settings\Uziv1\Dokumenty\Obrázky
2013-09-22 18:50 - 2013-09-18 19:02 - 00000000 ___RD C:\Documents and Settings\Uziv1\Dokumenty\Hudba
2013-09-22 18:50 - 2013-06-12 21:09 - 00000803 _____ C:\Documents and Settings\Uziv1\Nabídka Start\Programy\Internet Explorer.lnk
2013-09-22 18:50 - 2013-06-12 21:09 - 00000000 ___RD C:\Documents and Settings\Uziv1\Oblíbené položky
2013-09-22 18:50 - 2013-06-12 21:09 - 00000000 ___RD C:\Documents and Settings\Uziv1\Nabídka Start\Programy\Příslušenství
2013-09-22 18:50 - 2013-06-12 21:09 - 00000000 ___RD C:\Documents and Settings\Uziv1\Dokumenty
2013-09-22 18:50 - 2013-06-12 20:52 - 00000000 __SHD C:\Documents and Settings\LocalService
2013-09-22 14:34 - 2013-09-22 14:30 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt
2013-09-22 14:30 - 2013-09-22 14:28 - 00000000 __HDC C:\WINDOWS\ie8
2013-09-22 14:29 - 2013-06-12 22:30 - 00000000 ____D C:\WINDOWS\Media
2013-09-22 13:59 - 2013-09-22 13:59 - 00006190 _____ C:\WINDOWS\system32\TZLog.log
2013-09-22 13:58 - 2013-06-12 20:45 - 00000000 ____D C:\Program Files\Outlook Express
2013-09-22 13:57 - 2013-06-12 20:45 - 00000000 ____D C:\Program Files\Movie Maker
2013-09-20 19:30 - 2013-06-12 20:44 - 00000000 ____D C:\Program Files\Messenger
2013-09-20 13:36 - 2013-09-20 13:36 - 00000000 ____D C:\WINDOWS\system32\PreInstall
2013-09-20 13:34 - 2013-06-15 09:07 - 00000000 ____D C:\Documents and Settings\Uziv1\Data aplikací\Skype

Some content of TEMP:
====================
C:\Documents and Settings\Uziv1\Local Settings\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-18 14:00] - [2008-04-14 08:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2004-08-18 14:00] - [2008-04-14 08:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2004-08-18 14:00] - [2008-04-14 08:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2004-08-18 14:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2004-08-18 14:00] - [2008-04-14 08:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2004-08-18 14:00] - [2008-04-14 08:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2004-08-18 14:00] - [2008-04-14 07:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:37.26 GB) (Free:26.18 GB) NTFS ==>[Drive with boot components (Windows XP)]

Available physical RAM: 339.07 MB
Total physical RAM: 1014.07 MB
Percentage of memory in use: 66%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 37 GB) (Disk ID: B654B654)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\MpIdleTask.job => c:\Program Files\Microsoft Security Client\MpCmdRun.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

==================== Security Center ==================

AV: Microsoft Security Essentials (Disabled - Up to date) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Uziv1\Plocha" je 3 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Ubisoft\\Crytek\\Far Cry\\Bin32\\FarCry.exe"="C:\\Program Files\\Ubisoft\\Crytek\\Far Cry\\Bin32\\FarCry.exe:*:Enabled:Far Cry"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\HP\\HP Deskjet 2050 J510 series\\Bin\\USBSetup.exe"="C:\\Program Files\\HP\\HP Deskjet 2050 J510 series\\Bin\\USBSetup.exe:LocalSubNet:Enabled:Instalace zazen HP"
"C:\\Program Files\\LibreOffice 4\\program\\soffice.bin"="C:\\Program Files\\LibreOffice 4\\program\\soffice.bin:*:Enabled:LibreOffice"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\PANDORA.TV\\PanService\\PanProcess.exe"="C:\\Program Files\\PANDORA.TV\\PanService\\PanProcess.exe:*:Enabled:PanProcess"
"C:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"="C:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe:*:Enabled:PandoraService"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000

==================== End Of Log ==============================

#6 Příspěvek od **vyosek** » 20 říj 2013 21:20

Odinstalujte PANDORA.TV

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=061513
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search

FF DefaultSearchEngine: Bing
FF SearchEngineOrder.1: Ask Search
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF& ... =061513&q=

CHR HomePage: hxxp://www.seznam.cz/?clid=12454
CHR RestoreOnStartup: "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=061513", "hxxp://www.google.com"
CHR DefaultSearchURL: (Bing) - http://www.bing.com/search?FORM=UP97DF& ... =061513&q={searchTerms}&src=IE-SearchBox
CHR DefaultSuggestURL: (Bing) - http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}&form=UP97DF&PC=UP97&dt=061513

R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
S4 IntelIde; No ImagePath
U1 WS2IFSL; 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\MpIdleTask.job => c:\Program Files\Microsoft Security Client\MpCmdRun.exe

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

C:\Program Files\PANDORA.TV

REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\Program Files\PANDORA.TV\PanService\PanProcess.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\Program Files\PANDORA.TV\PanService\PandoraService.exe" /f

Hosts:

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

kokon · #7 Příspěvek od **kokon** » 21 říj 2013 07:03

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 19-10-2013
Ran by Uziv1 at 2013-10-21 08:02:38 Run:1
Running from C:\Documents and Settings\Uziv1\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=061513
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search

FF DefaultSearchEngine: Bing
FF SearchEngineOrder.1: Ask Search
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF& ... =061513&q=

CHR HomePage: hxxp://www.seznam.cz/?clid=12454
CHR RestoreOnStartup: "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=061513", "hxxp://www.google.com"
CHR DefaultSearchURL: (Bing) - http://www.bing.com/search?FORM=UP97DF& ... =061513&q={searchTerms}&src=IE-SearchBox
CHR DefaultSuggestURL: (Bing) - http://api.bing.com/osjson.aspx?query={ ... &dt=061513

R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
S4 IntelIde; No ImagePath
U1 WS2IFSL;

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\MpIdleTask.job => c:\Program Files\Microsoft Security Client\MpCmdRun.exe

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

C:\Program Files\PANDORA.TV

REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\Program Files\PANDORA.TV\PanService\PanProcess.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\Program Files\PANDORA.TV\PanService\PandoraService.exe" /f

Hosts:

End
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} => Value deleted successfully.
HKCR\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox SearchEngineOrder.3 deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
Firefox Keyword.URL deleted successfully.
CHR HomePage: hxxp://www.seznam.cz/?clid=12454 ==> The Chrome "Settings" can be used to fix the entry.
CHR RestoreOnStartup: "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=061513", "hxxp://www.google.com" ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: (Bing) - http://www.bing.com/search?FORM=UP97DF& ... =061513&q={searchTerms}&src=IE-SearchBox ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSuggestURL: (Bing) - http://api.bing.com/osjson.aspx?query={ ... &dt=061513 ==> The Chrome "Settings" can be used to fix the entry.
PanService => Service not found.
IntelIde => Service deleted successfully.
WS2IFSL => Service deleted successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => Moved successfully.
C:\WINDOWS\Tasks\MpIdleTask.job => Moved successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":D1B5B4F1" ADS removed successfully.
"C:\Program Files\PANDORA.TV" => File/Directory not found.

========= reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\Program Files\PANDORA.TV\PanService\PanProcess.exe" /f =========

Operace byla dokončena úspěšně.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\Program Files\PANDORA.TV\PanService\PandoraService.exe" /f =========

Operace byla dokončena úspěšně.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

#8 Příspěvek od **vyosek** » 21 říj 2013 07:07

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

kokon · #9 Příspěvek od **kokon** » 21 říj 2013 23:34

Všechno šlape! Díky!

#10 Příspěvek od **vyosek** » 22 říj 2013 15:55

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

Preventivní kontrola

Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola