dobrý den, prosím o kontrolu logu. popř. o popis co mám udělat jako pro tříletý dítě. díky
Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomas at 2013-12-01 16:59:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 67 GB (23%) free of 288 GB
Total RAM: 2811 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:59:20, on 1.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Tomas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.wisesearch.info/?pid=9 ... Z&unqvl=39
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - (no file)
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11948 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Windows\System32\rundll32.exe" "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll" /prefetch:1
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Motorola\Bluetooth\audiosrv.exe"
"C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe" -Embedding
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:212 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe -Embedding
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:212 CREDAT:3347756 /prefetch:2
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" mode=windowless
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:212 CREDAT:922888 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:212 CREDAT:988440 /prefetch:2
C:\Windows\system32\msiexec.exe /V
C:\Windows\system32\sppsvc.exe
"D:\instalačky\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000UA.job
C:\Windows\tasks\HPCeeScheduleForTOMAS-HP$.job
C:\Windows\tasks\HPCeeScheduleForTomas.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\dmernu79.default
prefs.js - "browser.startup.homepage" - "http://websearch.wisesearch.info/?pid=9 ... Z&unqvl=39"
prefs.js - "keyword.URL" - "http://websearch.wisesearch.info/?pid=9 ... =39&l=1&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\dmernu79.default\extensions\
hdxxeyo@cvqrgo.edu
s3o3vmrpe@m-v.com
C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\dmernu79.default\searchplugins\
WebSearch.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-14 43520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07 436192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL [2011-03-31 210872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-10-27 6489704]
"BTMTrayAgent"=C:\Program Files\Motorola\Bluetooth\btmshell.dll [2010-06-10 24783624]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-06-18 8192]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-02-09 1712184]
"KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-09-29 20880]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2013-09-25 20133824]
"Google Update"=C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-09 116648]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-06-17 98304]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-12-01 16:59:14 ----D---- C:\Program Files\trend micro
2013-12-01 16:59:13 ----D---- C:\rsit
2013-12-01 16:51:54 ----D---- C:\Program Files (x86)\Trend Micro
2013-12-01 13:41:40 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-12-01 13:37:46 ----D---- C:\Windows\Migration
2013-11-12 22:16:35 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-11-12 22:16:35 ----A---- C:\Windows\system32\ieui.dll
2013-11-12 22:16:33 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-12 22:16:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-11-12 22:16:33 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-11-12 22:16:33 ----A---- C:\Windows\system32\iesetup.dll
2013-11-12 22:16:33 ----A---- C:\Windows\system32\iernonce.dll
2013-11-12 22:16:32 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-11-12 22:16:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-11-12 22:16:32 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-12 22:16:32 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-12 22:16:32 ----A---- C:\Windows\system32\ie4uinit.exe
2013-11-12 22:16:31 ----A---- C:\Windows\system32\iertutil.dll
2013-11-12 22:16:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-11-12 22:16:28 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-12 22:16:27 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-11-12 22:16:27 ----A---- C:\Windows\system32\jscript.dll
2013-11-12 22:16:26 ----A---- C:\Windows\system32\jscript9.dll
2013-11-12 22:16:25 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-11-12 22:16:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-11-12 22:16:23 ----A---- C:\Windows\system32\urlmon.dll
2013-11-12 22:16:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-11-12 22:16:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-11-12 22:16:21 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-12 22:16:20 ----A---- C:\Windows\system32\wininet.dll
2013-11-12 22:16:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-11-12 22:16:17 ----A---- C:\Windows\system32\ieframe.dll
2013-11-12 22:16:16 ----A---- C:\Windows\system32\mshtml.dll
2013-11-12 22:16:11 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-11-12 21:22:58 ----A---- C:\Windows\system32\crypt32.dll
2013-11-12 21:22:57 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-11-12 21:22:46 ----A---- C:\Windows\system32\drivers\afd.sys
2013-11-12 21:22:42 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-11-12 21:22:42 ----A---- C:\Windows\system32\authui.dll
2013-11-12 21:22:41 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-12 21:22:41 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-11-12 21:22:41 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-12 21:22:41 ----A---- C:\Windows\system32\credui.dll
2013-11-12 21:22:31 ----A---- C:\Windows\system32\schannel.dll
2013-11-12 21:22:30 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-11-12 21:22:30 ----A---- C:\Windows\system32\lsasrv.dll
2013-11-12 21:22:30 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-11-12 21:22:30 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-11-12 21:22:30 ----A---- C:\Windows\system32\drivers\cng.sys
2013-11-12 21:22:29 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-11-12 21:22:29 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-11-12 21:22:29 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-11-12 21:22:29 ----A---- C:\Windows\system32\sspisrv.dll
2013-11-12 21:22:29 ----A---- C:\Windows\system32\sspicli.dll
2013-11-12 21:22:29 ----A---- C:\Windows\system32\secur32.dll
2013-11-12 21:22:29 ----A---- C:\Windows\system32\ncrypt.dll
2013-11-12 21:22:29 ----A---- C:\Windows\system32\lsass.exe
2013-11-12 21:22:26 ----A---- C:\Windows\system32\gdi32.dll
2013-11-12 21:22:25 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-11-12 21:22:24 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-12 21:22:23 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-11-12 21:22:23 ----A---- C:\Windows\system32\nshwfp.dll
2013-11-12 21:22:23 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-12 21:22:22 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-11-03 08:49:55 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-11-03 08:49:55 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-11-03 08:49:55 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-11-03 08:49:53 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-11-03 08:49:52 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-11-03 08:49:50 ----A---- C:\Windows\system32\wksprtPS.dll
2013-11-03 08:49:50 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-11-03 08:49:50 ----A---- C:\Windows\system32\tsgqec.dll
2013-11-03 08:49:49 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2013-11-03 08:49:49 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-11-03 08:49:49 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2013-11-03 08:49:49 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2013-11-03 08:49:49 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-11-03 08:49:49 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-11-03 08:49:49 ----A---- C:\Windows\system32\rdpudd.dll
2013-11-03 08:49:49 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-11-03 08:49:49 ----A---- C:\Windows\system32\aaclient.dll
2013-11-03 08:49:48 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-11-03 08:49:48 ----A---- C:\Windows\system32\wksprt.exe
2013-11-03 08:49:48 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-11-03 08:49:47 ----A---- C:\Windows\system32\rdpcorets.dll
2013-11-03 08:49:47 ----A---- C:\Windows\system32\mstsc.exe
2013-11-03 08:49:46 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-11-03 08:49:45 ----A---- C:\Windows\system32\mstscax.dll
2013-11-03 08:44:49 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-11-03 08:44:49 ----A---- C:\Windows\system32\qdvd.dll
2013-11-03 08:44:08 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-11-03 08:44:08 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-11-03 08:44:08 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-11-03 08:44:08 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-11-03 08:44:07 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-11-03 08:44:07 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-11-03 08:44:07 ----A---- C:\Windows\system32\drivers\usbhub.sys
======List of files/folders modified in the last 1 month======
2013-12-01 16:59:14 ----RD---- C:\Program Files
2013-12-01 16:58:58 ----D---- C:\Windows\Temp
2013-12-01 16:56:24 ----D---- C:\Windows\system32\config
2013-12-01 16:51:57 ----SHD---- C:\Windows\Installer
2013-12-01 16:51:56 ----SHD---- C:\Config.Msi
2013-12-01 16:51:55 ----SD---- C:\Users\Tomas\AppData\Roaming\Microsoft
2013-12-01 16:51:54 ----D---- C:\Program Files (x86)
2013-12-01 16:51:37 ----SHD---- C:\System Volume Information
2013-12-01 16:36:24 ----D---- C:\Users\Tomas\AppData\Roaming\uTorrent
2013-12-01 16:17:01 ----D---- C:\Program Files (x86)\Common Files
2013-12-01 16:14:59 ----RSD---- C:\Windows\assembly
2013-12-01 16:13:38 ----D---- C:\Program Files (x86)\Hewlett-Packard
2013-12-01 16:11:25 ----D---- C:\Users\Tomas\AppData\Roaming\Mozilla
2013-12-01 14:52:39 ----D---- C:\Windows\Microsoft.NET
2013-12-01 13:44:40 ----D---- C:\Windows\System32
2013-12-01 13:44:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-01 13:44:38 ----D---- C:\Windows\inf
2013-12-01 13:41:40 ----D---- C:\Windows\SysWOW64
2013-12-01 13:38:24 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-01 13:38:24 ----D---- C:\Windows\system32\en-US
2013-12-01 13:37:46 ----SD---- C:\ProgramData\Microsoft
2013-12-01 13:37:46 ----D---- C:\Windows
2013-12-01 13:33:27 ----D---- C:\Windows\Prefetch
2013-11-21 08:18:49 ----D---- C:\Windows\system32\catroot2
2013-11-19 11:21:41 ----N---- C:\Windows\system32\MpSigStub.exe
2013-11-16 08:39:11 ----D---- C:\Windows\Logs
2013-11-16 01:16:13 ----D---- C:\ProgramData\Recovery
2013-11-14 16:21:01 ----D---- C:\Windows\rescache
2013-11-13 18:04:22 ----D---- C:\Windows\winsxs
2013-11-13 18:01:29 ----D---- C:\Program Files (x86)\Internet Explorer
2013-11-13 18:01:27 ----D---- C:\Program Files\Internet Explorer
2013-11-13 18:01:26 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-11-13 18:01:26 ----D---- C:\Windows\system32\drivers
2013-11-13 18:01:26 ----D---- C:\Windows\system32\cs-CZ
2013-11-12 22:17:41 ----D---- C:\Windows\system32\catroot
2013-11-12 22:16:05 ----D---- C:\ProgramData\Microsoft Help
2013-11-12 22:13:56 ----D---- C:\Program Files\Microsoft Security Client
2013-11-12 22:13:54 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-11-12 22:12:56 ----D---- C:\Windows\system32\MRT
2013-11-12 22:10:01 ----A---- C:\Windows\system32\MRT.exe
2013-11-03 10:08:00 ----D---- C:\Windows\SYSWOW64\wbem
2013-11-03 10:08:00 ----D---- C:\Windows\PolicyDefinitions
2013-11-03 10:07:59 ----D---- C:\Windows\system32\wbem
2013-11-03 10:07:59 ----D---- C:\Windows\system32\drivers\en-US
2013-11-03 10:07:56 ----D---- C:\Windows\system32\DriverStore
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-24 16440]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [2011-01-27 450680]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [2011-03-15 912504]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2011-09-12 481912]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20111012.034\IDSvia64.sys [2011-09-12 488568]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [2011-03-31 40568]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [2011-04-21 386168]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-06-17 6403072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-06-17 188928]
R3 BTMUSB;Motorola Bluetooth Radio Service; C:\Windows\System32\Drivers\btmusb.sys [2010-06-29 3232768]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-10-27 2494056]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2012-12-06 2350176]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2011-09-13 174200]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110929.001\BHDrvx64.sys [2011-09-29 1152632]
S1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [2011-01-27 171128]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 36328]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btmaudio;Motorola Bluetooth Audio Service; C:\Windows\system32\drivers\btmaud.sys [2010-05-20 42496]
S3 BTMCOM;Bluetooth Serial Port; C:\Windows\System32\Drivers\btmcom.sys [2010-04-09 52736]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2011-01-20 20552]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 massfilter;MBB Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111012.017\ENG64.SYS [2011-09-12 117880]
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111012.017\EX64.SYS [2011-09-12 2048632]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [2011-03-31 744568]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2011-01-20 16392]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-06-17 202752]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-08-29 1028096]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-09 116648]
S2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-27 257416]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-29 647680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-09 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-18 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola logu - szamotys
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Kontrola logu - szamotys
Naposledy upravil(a) vyosek dne 02 pro 2013 21:39, celkem upraveno 1 x.
Důvod: Prispevek oddelen, do cizich temat se nevstupuje
Důvod: Prispevek oddelen, do cizich temat se nevstupuje
Re: Kontrola logu - szamotys
Zdravim 
V prve rade bude dobre si precist pravidla fora, tam byste se treba mimo jine dozvedel, ze si mate zalozit sve tema a nevstupovat do cizich - nyni jsem vam to jiz oddelil do samostatneho tematu
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
V prve rade bude dobre si precist pravidla fora, tam byste se treba mimo jine dozvedel, ze si mate zalozit sve tema a nevstupovat do cizich - nyni jsem vam to jiz oddelil do samostatneho tematu Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu - szamotys
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Tomas on po 02.12.2013 at 22:06:18,49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c670dcae-e392-aa32-6f42-143c7fc4bdfd}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2786678
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C86A6AC3-07F3-4109-8D0E-F7163FC4A38D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CF11C051-B515-4A22-896B-A77630A9B117}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{C86A6AC3-07F3-4109-8D0E-F7163FC4A38D}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Tomas\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Tomas\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\ProgramData\ask"
~~~ FireFox
Successfully deleted: [File] C:\Users\Tomas\AppData\Roaming\mozilla\firefox\profiles\dmernu79.default\searchplugins\websearch.xml
Successfully deleted the following from C:\Users\Tomas\AppData\Roaming\mozilla\firefox\profiles\dmernu79.default\prefs.js
user_pref("browser.search.defaultenginename", "WebSearch");
user_pref("browser.search.defaultenginename,S", "WebSearch");
user_pref("browser.search.defaulturl", "hxxp://websearch.wisesearch.info/?pid=969&r=2013/10/28&hid=11102972600842348490&lg=EN&cc=CZ&unqvl=39&l=1&q=");
user_pref("browser.search.order.1", "WebSearch");
user_pref("browser.search.order.1,S", "WebSearch");
user_pref("browser.search.selectedEngine", "WebSearch");
user_pref("browser.search.selectedEngine,S", "WebSearch");
user_pref("browser.startup.homepage", "hxxp://websearch.wisesearch.info/?pid=969&r=2013/10/28&hid=11102972600842348490&lg=EN&cc=CZ&unqvl=39");
user_pref("extensions.ViMe.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self==window.top){var script=document.createElem
user_pref("extensions.YfrY2eMl.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self.location.hostname.indexOf('mail.')==-1)
user_pref("keyword.URL", "hxxp://websearch.wisesearch.info/?pid=969&r=2013/10/28&hid=11102972600842348490&lg=EN&cc=CZ&unqvl=39&l=1&q=");
Emptied folder: C:\Users\Tomas\AppData\Roaming\mozilla\firefox\profiles\dmernu79.default\minidumps [100 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 02.12.2013 at 22:23:40,87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Tomas on po 02.12.2013 at 22:06:18,49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c670dcae-e392-aa32-6f42-143c7fc4bdfd}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2786678
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C86A6AC3-07F3-4109-8D0E-F7163FC4A38D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CF11C051-B515-4A22-896B-A77630A9B117}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{C86A6AC3-07F3-4109-8D0E-F7163FC4A38D}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Tomas\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Tomas\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\ProgramData\ask"
~~~ FireFox
Successfully deleted: [File] C:\Users\Tomas\AppData\Roaming\mozilla\firefox\profiles\dmernu79.default\searchplugins\websearch.xml
Successfully deleted the following from C:\Users\Tomas\AppData\Roaming\mozilla\firefox\profiles\dmernu79.default\prefs.js
user_pref("browser.search.defaultenginename", "WebSearch");
user_pref("browser.search.defaultenginename,S", "WebSearch");
user_pref("browser.search.defaulturl", "hxxp://websearch.wisesearch.info/?pid=969&r=2013/10/28&hid=11102972600842348490&lg=EN&cc=CZ&unqvl=39&l=1&q=");
user_pref("browser.search.order.1", "WebSearch");
user_pref("browser.search.order.1,S", "WebSearch");
user_pref("browser.search.selectedEngine", "WebSearch");
user_pref("browser.search.selectedEngine,S", "WebSearch");
user_pref("browser.startup.homepage", "hxxp://websearch.wisesearch.info/?pid=969&r=2013/10/28&hid=11102972600842348490&lg=EN&cc=CZ&unqvl=39");
user_pref("extensions.ViMe.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self==window.top){var script=document.createElem
user_pref("extensions.YfrY2eMl.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self.location.hostname.indexOf('mail.')==-1)
user_pref("keyword.URL", "hxxp://websearch.wisesearch.info/?pid=969&r=2013/10/28&hid=11102972600842348490&lg=EN&cc=CZ&unqvl=39&l=1&q=");
Emptied folder: C:\Users\Tomas\AppData\Roaming\mozilla\firefox\profiles\dmernu79.default\minidumps [100 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 02.12.2013 at 22:23:40,87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Kontrola logu - szamotys
Jeste poprosim o AdwCleaner
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu - szamotys
# AdwCleaner v3.014 - Report created 02/12/2013 at 22:38:32
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tomas - TOMAS-HP
# Running from : C:\Users\Tomas\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\DOwnlooad kEeper
Folder Deleted : C:\ProgramData\SearchNewTab
Folder Deleted : C:\Program Files (x86)\DOwnlooad kEeper
Folder Deleted : C:\Program Files (x86)\SearchNewTab
Folder Deleted : C:\Users\Tomas\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\dmernu79.default\Extensions\hdxxeyo@cvqrgo.edu
Folder Deleted : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\dmernu79.default\Extensions\s3o3vmrpe@m-v.com
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\PIP
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v18.0.1 (cs)
[ File : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\dmernu79.default\prefs.js ]
Line Deleted : user_pref("extensions.ViMe.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self==window.top){var script=document.createElement(\"script\");script.ty[...]
Line Deleted : user_pref("extensions.YfrY2eMl.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self.location.hostname.indexOf('mail.')==-1)\r\n{try{for(i=0;i<5;i++)[...]
*************************
AdwCleaner[R0].txt - [3072 octets] - [02/12/2013 22:35:43]
AdwCleaner[S0].txt - [2738 octets] - [02/12/2013 22:38:32]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2798 octets] ##########
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tomas - TOMAS-HP
# Running from : C:\Users\Tomas\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\DOwnlooad kEeper
Folder Deleted : C:\ProgramData\SearchNewTab
Folder Deleted : C:\Program Files (x86)\DOwnlooad kEeper
Folder Deleted : C:\Program Files (x86)\SearchNewTab
Folder Deleted : C:\Users\Tomas\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\dmernu79.default\Extensions\hdxxeyo@cvqrgo.edu
Folder Deleted : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\dmernu79.default\Extensions\s3o3vmrpe@m-v.com
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\PIP
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v18.0.1 (cs)
[ File : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\dmernu79.default\prefs.js ]
Line Deleted : user_pref("extensions.ViMe.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self==window.top){var script=document.createElement(\"script\");script.ty[...]
Line Deleted : user_pref("extensions.YfrY2eMl.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self.location.hostname.indexOf('mail.')==-1)\r\n{try{for(i=0;i<5;i++)[...]
*************************
AdwCleaner[R0].txt - [3072 octets] - [02/12/2013 22:35:43]
AdwCleaner[S0].txt - [2738 octets] - [02/12/2013 22:38:32]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2798 octets] ##########
Re: Kontrola logu - szamotys
Fajn, spustte tam FRSTLauncher dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu - szamotys
zdravím, tak tady to je
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-12-2013
Ran by Tomas (administrator) on TOMAS-HP on 05-12-2013 18:08:57
Running from C:\Users\Tomas\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_152_ActiveX.exe
(forum.viry.cz) C:\Users\Tomas\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6489704 2013-10-27] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [20880 2011-09-29] ()
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google)
HKCU\...\Run: [Google Update] - C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-09] (Google Inc.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: {86ed4378-de24-11e0-b730-60eb6936c14e} - F:\unlock.exe autoplay=true
MountPoints2: {e3411fb4-985a-11e1-b186-60eb6936c14e} - F:\MI.exe
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Default User\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
AppInit_DLLs-x32: [ ] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {C86A6AC3-07F3-4109-8D0E-F7163FC4A38D} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\dmernu79.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Tomas\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Tomas\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
==================== Services (Whitelisted) =================
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-06-08] (Nero AG)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.)
==================== Drivers (Whitelisted) ====================
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110929.001\BHDrvx64.sys [1152632 2011-09-29] (Symantec Corporation)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [42496 2010-05-20] (Motorola, Inc.)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2011-01-20] (Devguru Co., Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [481912 2011-09-12] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20111012.034\IDSvia64.sys [488568 2011-09-12] (Symantec Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111012.017\ENG64.SYS [117880 2011-09-12] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111012.017\EX64.SYS [2048632 2011-09-12] (Symantec Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-09-13] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation)
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-05 18:08 - 2013-12-05 18:10 - 00013244 _____ C:\Users\Tomas\Desktop\FRST.txt
2013-12-05 18:08 - 2013-12-05 18:08 - 00000000 ____D C:\FRST
2013-12-05 18:07 - 2013-12-05 18:07 - 01925140 _____ (Farbar) C:\Users\Tomas\Desktop\FRST64.exe
2013-12-05 18:00 - 2013-12-05 18:01 - 00112640 _____ (forum.viry.cz) C:\Users\Tomas\Desktop\FRSTLauncher.exe
2013-12-02 22:35 - 2013-12-02 22:38 - 00000000 ____D C:\AdwCleaner
2013-12-02 22:33 - 2013-12-02 22:35 - 01110034 _____ C:\Users\Tomas\Desktop\adwcleaner.exe
2013-12-02 22:23 - 2013-12-02 22:23 - 00006046 _____ C:\Users\Tomas\Desktop\JRT.txt
2013-12-02 22:06 - 2013-12-02 22:06 - 00000000 ____D C:\Windows\ERUNT
2013-12-02 22:05 - 2013-12-02 22:06 - 01034531 _____ (Thisisu) C:\Users\Tomas\Desktop\JRT.exe
2013-12-01 17:19 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-01 17:10 - 2013-12-01 17:10 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-01 17:10 - 2013-12-01 17:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-01 17:10 - 2013-12-01 17:10 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-01 17:10 - 2013-12-01 17:10 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-01 17:10 - 2013-12-01 17:10 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-01 17:10 - 2013-12-01 17:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-01 17:10 - 2013-12-01 17:10 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-01 17:10 - 2013-12-01 17:10 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-01 17:10 - 2013-12-01 17:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-01 17:10 - 2013-12-01 17:10 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-01 17:10 - 2013-12-01 17:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-01 16:59 - 2013-12-01 16:59 - 00000000 ____D C:\rsit
2013-12-01 16:59 - 2013-12-01 16:59 - 00000000 ____D C:\Program Files\trend micro
2013-12-01 16:51 - 2013-12-01 16:51 - 00002975 _____ C:\Users\Tomas\Desktop\HiJackThis.lnk
2013-12-01 16:51 - 2013-12-01 16:51 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-12-01 16:51 - 2013-12-01 16:51 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-12-01 16:10 - 2013-12-01 16:10 - 00000134 _____ C:\Users\Tomas\Desktop\Poradce při potížích s aplikací Internet Explorer.url
2013-12-01 13:41 - 2013-12-01 13:41 - 01552642 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-16 08:39 - 2013-12-01 17:19 - 00026171 _____ C:\Windows\IE11_main.log
2013-11-12 21:22 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-12 21:22 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-12 21:22 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-12 21:22 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-12 21:22 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-12 21:22 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-12 21:22 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-12 21:22 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-12 21:22 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-12 21:22 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-12 21:22 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-12 21:22 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-12 21:22 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-12 21:22 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-12 21:22 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-12 21:22 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-12 21:22 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-12 21:22 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-12 21:22 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-12 21:22 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-12 21:22 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-12 21:22 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-12 21:22 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-12 21:22 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-12 21:22 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-12 21:22 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-12 21:22 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-12 21:22 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-12 21:22 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-12 21:22 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
==================== One Month Modified Files and Folders =======
2013-12-05 18:10 - 2013-12-05 18:08 - 00013244 _____ C:\Users\Tomas\Desktop\FRST.txt
2013-12-05 18:08 - 2013-12-05 18:08 - 00000000 ____D C:\FRST
2013-12-05 18:07 - 2013-12-05 18:07 - 01925140 _____ (Farbar) C:\Users\Tomas\Desktop\FRST64.exe
2013-12-05 18:03 - 2013-08-29 20:52 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000UA.job
2013-12-05 18:01 - 2013-12-05 18:00 - 00112640 _____ (forum.viry.cz) C:\Users\Tomas\Desktop\FRSTLauncher.exe
2013-12-05 18:01 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-05 18:01 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-05 17:59 - 2013-08-09 18:07 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-05 17:59 - 2010-08-29 00:39 - 01313743 _____ C:\Windows\WindowsUpdate.log
2013-12-05 17:58 - 2012-04-26 18:12 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-05 17:12 - 2013-08-09 18:07 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-05 17:12 - 2013-07-26 18:07 - 00000000 ___RD C:\Users\Tomas\Disk Google
2013-12-05 17:11 - 2013-09-29 22:00 - 00006572 _____ C:\Windows\setupact.log
2013-12-05 17:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-02 22:38 - 2013-12-02 22:35 - 00000000 ____D C:\AdwCleaner
2013-12-02 22:35 - 2013-12-02 22:33 - 01110034 _____ C:\Users\Tomas\Desktop\adwcleaner.exe
2013-12-02 22:27 - 2012-04-26 18:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-02 22:27 - 2012-04-26 18:12 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-02 22:27 - 2011-05-17 14:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-02 22:27 - 2011-04-20 19:39 - 00000000 ____D C:\Users\Tomas\AppData\Local\Adobe
2013-12-02 22:23 - 2013-12-02 22:23 - 00006046 _____ C:\Users\Tomas\Desktop\JRT.txt
2013-12-02 22:06 - 2013-12-02 22:06 - 00000000 ____D C:\Windows\ERUNT
2013-12-02 22:06 - 2013-12-02 22:05 - 01034531 _____ (Thisisu) C:\Users\Tomas\Desktop\JRT.exe
2013-12-02 21:03 - 2013-08-29 20:52 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000Core.job
2013-12-02 17:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-02 16:03 - 2011-04-13 06:40 - 00001397 _____ C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-02 16:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-01 17:19 - 2013-11-16 08:39 - 00026171 _____ C:\Windows\IE11_main.log
2013-12-01 17:10 - 2013-12-01 17:10 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-01 17:10 - 2013-12-01 17:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-01 17:10 - 2013-12-01 17:10 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-01 17:10 - 2013-12-01 17:10 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-01 17:10 - 2013-12-01 17:10 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-01 17:10 - 2013-12-01 17:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-01 17:10 - 2013-12-01 17:10 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-01 17:10 - 2013-12-01 17:10 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-01 17:10 - 2013-12-01 17:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-01 17:10 - 2013-12-01 17:10 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-01 17:10 - 2013-12-01 17:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-01 16:59 - 2013-12-01 16:59 - 00000000 ____D C:\rsit
2013-12-01 16:59 - 2013-12-01 16:59 - 00000000 ____D C:\Program Files\trend micro
2013-12-01 16:51 - 2013-12-01 16:51 - 00002975 _____ C:\Users\Tomas\Desktop\HiJackThis.lnk
2013-12-01 16:51 - 2013-12-01 16:51 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-12-01 16:51 - 2013-12-01 16:51 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-12-01 16:38 - 2013-09-29 22:00 - 00182404 _____ C:\Windows\PFRO.log
2013-12-01 16:36 - 2011-04-17 07:35 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\uTorrent
2013-12-01 16:13 - 2010-08-14 12:15 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-12-01 16:11 - 2012-04-26 18:12 - 00000000 ____D C:\Users\Tomas\AppData\Local\Google
2013-12-01 16:11 - 2011-04-15 10:11 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Mozilla
2013-12-01 16:10 - 2013-12-01 16:10 - 00000134 _____ C:\Users\Tomas\Desktop\Poradce při potížích s aplikací Internet Explorer.url
2013-12-01 15:34 - 2011-04-20 16:58 - 00000000 ____D C:\Users\Tomas\AppData\Local\CrashDumps
2013-12-01 13:44 - 2010-08-14 21:37 - 00669132 _____ C:\Windows\system32\perfh005.dat
2013-12-01 13:44 - 2010-08-14 21:37 - 00141760 _____ C:\Windows\system32\perfc005.dat
2013-12-01 13:44 - 2009-07-14 06:13 - 01603646 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-01 13:41 - 2013-12-01 13:41 - 01552642 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-29 15:24 - 2011-09-19 17:19 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTomas
2013-11-29 15:24 - 2011-09-19 17:19 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForTomas.job
2013-11-28 21:28 - 2011-05-19 17:52 - 00003218 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTOMAS-HP$
2013-11-28 21:28 - 2011-05-19 17:52 - 00000342 _____ C:\Windows\Tasks\HPCeeScheduleForTOMAS-HP$.job
2013-11-25 23:56 - 2011-07-03 20:47 - 00000108 _____ C:\Users\Tomas\AppData\Roaming\default.pls
2013-11-19 11:21 - 2011-06-12 13:06 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-16 01:16 - 2012-12-16 18:03 - 00000000 ____D C:\ProgramData\Recovery
2013-11-12 22:16 - 2011-07-02 23:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-12 22:14 - 2013-09-25 18:04 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-12 22:13 - 2013-09-25 18:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-12 22:13 - 2013-09-25 18:03 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-12 22:12 - 2013-08-17 21:45 - 00000000 ____D C:\Windows\system32\MRT
2013-11-12 22:10 - 2011-04-20 15:05 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Some content of TEMP:
====================
C:\Users\Tomas\AppData\Local\Temp\Extract.exe
C:\Users\Tomas\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Tomas\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Tomas\AppData\Local\Temp\KMP_3.7.0.109.exe
C:\Users\Tomas\AppData\Local\Temp\KMP_3.7.0.113.exe
C:\Users\Tomas\AppData\Local\Temp\Quarantine.exe
C:\Users\Tomas\AppData\Local\Temp\Resource.exe
C:\Users\Tomas\AppData\Local\Temp\SP50720.exe
C:\Users\Tomas\AppData\Local\Temp\SP50941.exe
C:\Users\Tomas\AppData\Local\Temp\SP52007.exe
C:\Users\Tomas\AppData\Local\Temp\SP52913.exe
C:\Users\Tomas\AppData\Local\Temp\UninstallHPSA.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000Core.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000UA.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTOMAS-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTomas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Tomas\Desktop" je 136534 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-12-2013
Ran by Tomas (administrator) on TOMAS-HP on 05-12-2013 18:08:57
Running from C:\Users\Tomas\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_152_ActiveX.exe
(forum.viry.cz) C:\Users\Tomas\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6489704 2013-10-27] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [20880 2011-09-29] ()
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google)
HKCU\...\Run: [Google Update] - C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-09] (Google Inc.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: {86ed4378-de24-11e0-b730-60eb6936c14e} - F:\unlock.exe autoplay=true
MountPoints2: {e3411fb4-985a-11e1-b186-60eb6936c14e} - F:\MI.exe
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Default User\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
AppInit_DLLs-x32: [ ] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {C86A6AC3-07F3-4109-8D0E-F7163FC4A38D} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\dmernu79.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Tomas\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Tomas\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
==================== Services (Whitelisted) =================
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-06-08] (Nero AG)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.)
==================== Drivers (Whitelisted) ====================
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110929.001\BHDrvx64.sys [1152632 2011-09-29] (Symantec Corporation)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [42496 2010-05-20] (Motorola, Inc.)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2011-01-20] (Devguru Co., Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [481912 2011-09-12] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20111012.034\IDSvia64.sys [488568 2011-09-12] (Symantec Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111012.017\ENG64.SYS [117880 2011-09-12] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111012.017\EX64.SYS [2048632 2011-09-12] (Symantec Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-09-13] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation)
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-05 18:08 - 2013-12-05 18:10 - 00013244 _____ C:\Users\Tomas\Desktop\FRST.txt
2013-12-05 18:08 - 2013-12-05 18:08 - 00000000 ____D C:\FRST
2013-12-05 18:07 - 2013-12-05 18:07 - 01925140 _____ (Farbar) C:\Users\Tomas\Desktop\FRST64.exe
2013-12-05 18:00 - 2013-12-05 18:01 - 00112640 _____ (forum.viry.cz) C:\Users\Tomas\Desktop\FRSTLauncher.exe
2013-12-02 22:35 - 2013-12-02 22:38 - 00000000 ____D C:\AdwCleaner
2013-12-02 22:33 - 2013-12-02 22:35 - 01110034 _____ C:\Users\Tomas\Desktop\adwcleaner.exe
2013-12-02 22:23 - 2013-12-02 22:23 - 00006046 _____ C:\Users\Tomas\Desktop\JRT.txt
2013-12-02 22:06 - 2013-12-02 22:06 - 00000000 ____D C:\Windows\ERUNT
2013-12-02 22:05 - 2013-12-02 22:06 - 01034531 _____ (Thisisu) C:\Users\Tomas\Desktop\JRT.exe
2013-12-01 17:19 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-01 17:10 - 2013-12-01 17:10 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-01 17:10 - 2013-12-01 17:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-01 17:10 - 2013-12-01 17:10 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-01 17:10 - 2013-12-01 17:10 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-01 17:10 - 2013-12-01 17:10 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-01 17:10 - 2013-12-01 17:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-01 17:10 - 2013-12-01 17:10 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-01 17:10 - 2013-12-01 17:10 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-01 17:10 - 2013-12-01 17:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-01 17:10 - 2013-12-01 17:10 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-01 17:10 - 2013-12-01 17:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-01 16:59 - 2013-12-01 16:59 - 00000000 ____D C:\rsit
2013-12-01 16:59 - 2013-12-01 16:59 - 00000000 ____D C:\Program Files\trend micro
2013-12-01 16:51 - 2013-12-01 16:51 - 00002975 _____ C:\Users\Tomas\Desktop\HiJackThis.lnk
2013-12-01 16:51 - 2013-12-01 16:51 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-12-01 16:51 - 2013-12-01 16:51 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-12-01 16:10 - 2013-12-01 16:10 - 00000134 _____ C:\Users\Tomas\Desktop\Poradce při potížích s aplikací Internet Explorer.url
2013-12-01 13:41 - 2013-12-01 13:41 - 01552642 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-16 08:39 - 2013-12-01 17:19 - 00026171 _____ C:\Windows\IE11_main.log
2013-11-12 21:22 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-12 21:22 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-12 21:22 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-12 21:22 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-12 21:22 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-12 21:22 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-12 21:22 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-12 21:22 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-12 21:22 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-12 21:22 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-12 21:22 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-12 21:22 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-12 21:22 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-12 21:22 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-12 21:22 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-12 21:22 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-12 21:22 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-12 21:22 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-12 21:22 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-12 21:22 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-12 21:22 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-12 21:22 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-12 21:22 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-12 21:22 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-12 21:22 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-12 21:22 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-12 21:22 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-12 21:22 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-12 21:22 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-12 21:22 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
==================== One Month Modified Files and Folders =======
2013-12-05 18:10 - 2013-12-05 18:08 - 00013244 _____ C:\Users\Tomas\Desktop\FRST.txt
2013-12-05 18:08 - 2013-12-05 18:08 - 00000000 ____D C:\FRST
2013-12-05 18:07 - 2013-12-05 18:07 - 01925140 _____ (Farbar) C:\Users\Tomas\Desktop\FRST64.exe
2013-12-05 18:03 - 2013-08-29 20:52 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000UA.job
2013-12-05 18:01 - 2013-12-05 18:00 - 00112640 _____ (forum.viry.cz) C:\Users\Tomas\Desktop\FRSTLauncher.exe
2013-12-05 18:01 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-05 18:01 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-05 17:59 - 2013-08-09 18:07 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-05 17:59 - 2010-08-29 00:39 - 01313743 _____ C:\Windows\WindowsUpdate.log
2013-12-05 17:58 - 2012-04-26 18:12 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-05 17:12 - 2013-08-09 18:07 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-05 17:12 - 2013-07-26 18:07 - 00000000 ___RD C:\Users\Tomas\Disk Google
2013-12-05 17:11 - 2013-09-29 22:00 - 00006572 _____ C:\Windows\setupact.log
2013-12-05 17:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-02 22:38 - 2013-12-02 22:35 - 00000000 ____D C:\AdwCleaner
2013-12-02 22:35 - 2013-12-02 22:33 - 01110034 _____ C:\Users\Tomas\Desktop\adwcleaner.exe
2013-12-02 22:27 - 2012-04-26 18:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-02 22:27 - 2012-04-26 18:12 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-02 22:27 - 2011-05-17 14:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-02 22:27 - 2011-04-20 19:39 - 00000000 ____D C:\Users\Tomas\AppData\Local\Adobe
2013-12-02 22:23 - 2013-12-02 22:23 - 00006046 _____ C:\Users\Tomas\Desktop\JRT.txt
2013-12-02 22:06 - 2013-12-02 22:06 - 00000000 ____D C:\Windows\ERUNT
2013-12-02 22:06 - 2013-12-02 22:05 - 01034531 _____ (Thisisu) C:\Users\Tomas\Desktop\JRT.exe
2013-12-02 21:03 - 2013-08-29 20:52 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000Core.job
2013-12-02 17:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-02 16:03 - 2011-04-13 06:40 - 00001397 _____ C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-02 16:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-01 17:19 - 2013-11-16 08:39 - 00026171 _____ C:\Windows\IE11_main.log
2013-12-01 17:10 - 2013-12-01 17:10 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-01 17:10 - 2013-12-01 17:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-01 17:10 - 2013-12-01 17:10 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-01 17:10 - 2013-12-01 17:10 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-01 17:10 - 2013-12-01 17:10 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-01 17:10 - 2013-12-01 17:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-01 17:10 - 2013-12-01 17:10 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-01 17:10 - 2013-12-01 17:10 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-01 17:10 - 2013-12-01 17:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-01 17:10 - 2013-12-01 17:10 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-01 17:10 - 2013-12-01 17:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-01 17:10 - 2013-12-01 17:10 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-01 17:10 - 2013-12-01 17:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-01 16:59 - 2013-12-01 16:59 - 00000000 ____D C:\rsit
2013-12-01 16:59 - 2013-12-01 16:59 - 00000000 ____D C:\Program Files\trend micro
2013-12-01 16:51 - 2013-12-01 16:51 - 00002975 _____ C:\Users\Tomas\Desktop\HiJackThis.lnk
2013-12-01 16:51 - 2013-12-01 16:51 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-12-01 16:51 - 2013-12-01 16:51 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-12-01 16:38 - 2013-09-29 22:00 - 00182404 _____ C:\Windows\PFRO.log
2013-12-01 16:36 - 2011-04-17 07:35 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\uTorrent
2013-12-01 16:13 - 2010-08-14 12:15 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-12-01 16:11 - 2012-04-26 18:12 - 00000000 ____D C:\Users\Tomas\AppData\Local\Google
2013-12-01 16:11 - 2011-04-15 10:11 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Mozilla
2013-12-01 16:10 - 2013-12-01 16:10 - 00000134 _____ C:\Users\Tomas\Desktop\Poradce při potížích s aplikací Internet Explorer.url
2013-12-01 15:34 - 2011-04-20 16:58 - 00000000 ____D C:\Users\Tomas\AppData\Local\CrashDumps
2013-12-01 13:44 - 2010-08-14 21:37 - 00669132 _____ C:\Windows\system32\perfh005.dat
2013-12-01 13:44 - 2010-08-14 21:37 - 00141760 _____ C:\Windows\system32\perfc005.dat
2013-12-01 13:44 - 2009-07-14 06:13 - 01603646 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-01 13:41 - 2013-12-01 13:41 - 01552642 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-29 15:24 - 2011-09-19 17:19 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTomas
2013-11-29 15:24 - 2011-09-19 17:19 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForTomas.job
2013-11-28 21:28 - 2011-05-19 17:52 - 00003218 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTOMAS-HP$
2013-11-28 21:28 - 2011-05-19 17:52 - 00000342 _____ C:\Windows\Tasks\HPCeeScheduleForTOMAS-HP$.job
2013-11-25 23:56 - 2011-07-03 20:47 - 00000108 _____ C:\Users\Tomas\AppData\Roaming\default.pls
2013-11-19 11:21 - 2011-06-12 13:06 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-16 01:16 - 2012-12-16 18:03 - 00000000 ____D C:\ProgramData\Recovery
2013-11-12 22:16 - 2011-07-02 23:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-12 22:14 - 2013-09-25 18:04 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-12 22:13 - 2013-09-25 18:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-12 22:13 - 2013-09-25 18:03 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-12 22:12 - 2013-08-17 21:45 - 00000000 ____D C:\Windows\system32\MRT
2013-11-12 22:10 - 2011-04-20 15:05 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Some content of TEMP:
====================
C:\Users\Tomas\AppData\Local\Temp\Extract.exe
C:\Users\Tomas\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Tomas\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Tomas\AppData\Local\Temp\KMP_3.7.0.109.exe
C:\Users\Tomas\AppData\Local\Temp\KMP_3.7.0.113.exe
C:\Users\Tomas\AppData\Local\Temp\Quarantine.exe
C:\Users\Tomas\AppData\Local\Temp\Resource.exe
C:\Users\Tomas\AppData\Local\Temp\SP50720.exe
C:\Users\Tomas\AppData\Local\Temp\SP50941.exe
C:\Users\Tomas\AppData\Local\Temp\SP52007.exe
C:\Users\Tomas\AppData\Local\Temp\SP52913.exe
C:\Users\Tomas\AppData\Local\Temp\UninstallHPSA.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000Core.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000UA.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTOMAS-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTomas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Tomas\Desktop" je 136534 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
Re: Kontrola logu - szamotys
Mate tam MSE a Nortno, jeden musi pryc, jinak bude dochazet ke kolizi. Takze ktery?? Tohle Velikost slozky "C:\Users\Tomas\Desktop" je 136534 MB. taky neni optimalni, plocha ma mit max 300 MB. Maji ta byt spise jen zastupci"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu - szamotys
norton. jaktože ho nemám odinstalovanej? přes programy mi to nejde odstranit. použil jsem na to i OSHI cleaner, ale furt tam je. co s tím?
na ploše jsou nějaký seriály a filmy. smažu
ještě něco s tím je, co bych měl udělat? děkuji
na ploše jsou nějaký seriály a filmy. smažu
ještě něco s tím je, co bych měl udělat? děkuji
Re: Kontrola logu - szamotys
Na plose by meli byt defakto jen zastupci, vse ostatni hodte nekam na disk Pouzijte tento remover ftp://ftp.symantec.com/public/english_u ... l_Tool.exe Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [20880 2011-09-29] () HKCU\...\Run: [Google Update] - C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-09] (Google Inc.) HKCU\...\Policies\system: [DisableLockWorkstation] 0 HKCU\...\Policies\system: [DisableChangePassword] 0 MountPoints2: {86ed4378-de24-11e0-b730-60eb6936c14e} - F:\unlock.exe autoplay=true MountPoints2: {e3411fb4-985a-11e1-b186-60eb6936c14e} - F:\MI.exe HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) AppInit_DLLs-x32: [ ] () URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046} URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ] DisableService: Nero BackItUp Scheduler 3 DisableService: NMIndexingService C:\Users\Tomas\AppData\Local\Temp\Extract.exe C:\Users\Tomas\AppData\Local\Temp\HPHelpUpdater.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\KMP_3.7.0.109.exe C:\Users\Tomas\AppData\Local\Temp\KMP_3.7.0.113.exe C:\Users\Tomas\AppData\Local\Temp\Quarantine.exe C:\Users\Tomas\AppData\Local\Temp\Resource.exe C:\Users\Tomas\AppData\Local\Temp\SP50720.exe C:\Users\Tomas\AppData\Local\Temp\SP50941.exe C:\Users\Tomas\AppData\Local\Temp\SP52007.exe C:\Users\Tomas\AppData\Local\Temp\SP52913.exe C:\Users\Tomas\AppData\Local\Temp\UninstallHPSA.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000Core.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000UA.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForTOMAS-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\HPCeeScheduleForTomas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Hosts: CMD: shutdown /r /f /t 2 End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu - szamotys
"přesunout fixlist vedle frst" je rozuměno jako přesunout jenom ikonu fixlist vedle ikony frst?
jestli ano, tak tohle je výsledek
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-12-2013
Ran by Tomas at 2013-12-09 22:16:50 Run:1
Running from C:\Users\Tomas\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [20880 2011-09-29] ()
HKCU\...\Run: [Google Update] - C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-09] (Google Inc.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: {86ed4378-de24-11e0-b730-60eb6936c14e} - F:\unlock.exe autoplay=true
MountPoints2: {e3411fb4-985a-11e1-b186-60eb6936c14e} - F:\MI.exe
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
AppInit_DLLs-x32: [ ] ()
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
DisableService: Nero BackItUp Scheduler 3
DisableService: NMIndexingService
C:\Users\Tomas\AppData\Local\Temp\Extract.exe
C:\Users\Tomas\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Tomas\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Tomas\AppData\Local\Temp\KMP_3.7.0.109.exe
C:\Users\Tomas\AppData\Local\Temp\KMP_3.7.0.113.exe
C:\Users\Tomas\AppData\Local\Temp\Quarantine.exe
C:\Users\Tomas\AppData\Local\Temp\Resource.exe
C:\Users\Tomas\AppData\Local\Temp\SP50720.exe
C:\Users\Tomas\AppData\Local\Temp\SP50941.exe
C:\Users\Tomas\AppData\Local\Temp\SP52007.exe
C:\Users\Tomas\AppData\Local\Temp\SP52913.exe
C:\Users\Tomas\AppData\Local\Temp\UninstallHPSA.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000Core.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000UA.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTOMAS-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTomas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPDLR => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableChangePassword => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86ed4378-de24-11e0-b730-60eb6936c14e} => Key deleted successfully.
HKCR\CLSID\{86ed4378-de24-11e0-b730-60eb6936c14e} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e3411fb4-985a-11e1-b186-60eb6936c14e} => Key deleted successfully.
HKCR\CLSID\{e3411fb4-985a-11e1-b186-60eb6936c14e} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Value deleted successfully.
HKCR\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => Key deleted successfully.
Nero BackItUp Scheduler 3 service was disabled
NMIndexingService service was disabled
C:\Users\Tomas\AppData\Local\Temp\Extract.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\HPHelpUpdater.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\KMP_3.7.0.109.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\KMP_3.7.0.113.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\Resource.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\SP50720.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\SP50941.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\SP52007.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\SP52913.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\UninstallHPSA.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000UA.job => Moved successfully.
C:\Windows\Tasks\HPCeeScheduleForTOMAS-HP$.job => Moved successfully.
C:\Windows\Tasks\HPCeeScheduleForTomas.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
jestli ano, tak tohle je výsledek
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-12-2013
Ran by Tomas at 2013-12-09 22:16:50 Run:1
Running from C:\Users\Tomas\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [20880 2011-09-29] ()
HKCU\...\Run: [Google Update] - C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-09] (Google Inc.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: {86ed4378-de24-11e0-b730-60eb6936c14e} - F:\unlock.exe autoplay=true
MountPoints2: {e3411fb4-985a-11e1-b186-60eb6936c14e} - F:\MI.exe
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
AppInit_DLLs-x32: [ ] ()
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
DisableService: Nero BackItUp Scheduler 3
DisableService: NMIndexingService
C:\Users\Tomas\AppData\Local\Temp\Extract.exe
C:\Users\Tomas\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Tomas\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Tomas\AppData\Local\Temp\KMP_3.7.0.109.exe
C:\Users\Tomas\AppData\Local\Temp\KMP_3.7.0.113.exe
C:\Users\Tomas\AppData\Local\Temp\Quarantine.exe
C:\Users\Tomas\AppData\Local\Temp\Resource.exe
C:\Users\Tomas\AppData\Local\Temp\SP50720.exe
C:\Users\Tomas\AppData\Local\Temp\SP50941.exe
C:\Users\Tomas\AppData\Local\Temp\SP52007.exe
C:\Users\Tomas\AppData\Local\Temp\SP52913.exe
C:\Users\Tomas\AppData\Local\Temp\UninstallHPSA.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000Core.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000UA.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTOMAS-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTomas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPDLR => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableChangePassword => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86ed4378-de24-11e0-b730-60eb6936c14e} => Key deleted successfully.
HKCR\CLSID\{86ed4378-de24-11e0-b730-60eb6936c14e} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e3411fb4-985a-11e1-b186-60eb6936c14e} => Key deleted successfully.
HKCR\CLSID\{e3411fb4-985a-11e1-b186-60eb6936c14e} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Value deleted successfully.
HKCR\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => Key deleted successfully.
Nero BackItUp Scheduler 3 service was disabled
NMIndexingService service was disabled
C:\Users\Tomas\AppData\Local\Temp\Extract.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\HPHelpUpdater.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\KMP_3.7.0.109.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\KMP_3.7.0.113.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\Resource.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\SP50720.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\SP50941.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\SP52007.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\SP52913.exe => Moved successfully.
C:\Users\Tomas\AppData\Local\Temp\UninstallHPSA.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1832258359-2469536320-1982005640-1000UA.job => Moved successfully.
C:\Windows\Tasks\HPCeeScheduleForTOMAS-HP$.job => Moved successfully.
C:\Windows\Tasks\HPCeeScheduleForTomas.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Re: Kontrola logu - szamotys
Ano, je to tak 
Tak jeste uklidime
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu - szamotys
dobrý den,
pc běží parádně. akorát se často stává, že když si chci rozjet nějakou stránku, tak mi to hodí, že Tato stránka nejde zobrazit.
třeba maps.google. samotný google.cz mi normálně jede. ale mapy ne.
nebo na cztorrent.net pokud kliknu na nějaký film, který bych chtěl, tak taky. Tato stránka nelze zobrazit.
nevíte proč to dělá? děkuji
pc běží parádně. akorát se často stává, že když si chci rozjet nějakou stránku, tak mi to hodí, že Tato stránka nejde zobrazit.
třeba maps.google. samotný google.cz mi normálně jede. ale mapy ne.
nebo na cztorrent.net pokud kliknu na nějaký film, který bych chtěl, tak taky. Tato stránka nelze zobrazit.
nevíte proč to dělá? děkuji
Re: Kontrola logu - szamotys
Problem je ve vsech prohlizecich??
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?