Ide o starý notebook, ktorý používa mamina a oco na prezeranie internetu. Občas keď som doma tu spustím ccleaner. notas bol už v servise. ževraj odišla matičná doska.
Logfile of random's system information tool 1.06 (written by random/random)
Run by monika at 2013-12-05 23:11:29
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 148 GB (50%) free of 297 GB
Total RAM: 2045 MB (49% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-09 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-02-28 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}]
Help the General-Search Project - C:\Users\monika\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL [2012-03-06 431104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-09 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-02-28 1224568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752]
"NWEReboot"= []
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-04-16 442433]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-17 1033512]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-02-28 4767304]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
C:\Users\monika\AppData\Local\Akamai\netsession_win.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files\Ask.com\Updater\Updater.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Media Finder]
C:\Program Files\Media Finder\MF.exe /opentotray []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay]
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 159456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-01-02 210520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~3\Office10\OSA.EXE -b -l []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
shell\AutoRun\command - H:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{221a644e-e01b-11dd-a013-001e68dd9b34}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
shell\Open(0)\command - F:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{559173f3-d84a-11de-afcf-002186925f85}]
shell\AutoRun\command - G:\RECYCLERS\runmgr.exe
shell\open\command - G:\RECYCLERS\runmgr.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d292dddc-d291-11de-a7c7-002186925f85}]
shell\AutoRun\command - G:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dce11c6c-9d16-11dd-9e41-002186925f85}]
shell\AutoRun\command - F:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dfb3e995-9cf0-11dd-b2db-002186925f85}]
shell\AutoRun\command - G:\LaunchU3.exe -a
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-12-05 23:11:30 ----D---- C:\Program Files\trend micro
2013-12-05 23:11:29 ----D---- C:\rsit
2013-12-05 22:20:38 ----SHD---- C:\Config.Msi
2013-11-15 17:19:02 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-15 17:19:01 ----A---- C:\Windows\system32\vbscript.dll
2013-11-15 17:18:57 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-15 17:18:57 ----A---- C:\Windows\system32\ieui.dll
2013-11-15 17:18:56 ----A---- C:\Windows\system32\ieUnatt.exe
2013-11-15 17:18:55 ----A---- C:\Windows\system32\wininet.dll
2013-11-15 17:18:55 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-15 17:18:54 ----A---- C:\Windows\system32\jscript.dll
2013-11-15 17:18:36 ----A---- C:\Windows\system32\url.dll
2013-11-15 17:18:36 ----A---- C:\Windows\system32\jscript9.dll
2013-11-15 17:18:35 ----A---- C:\Windows\system32\iertutil.dll
2013-11-15 17:18:32 ----A---- C:\Windows\system32\urlmon.dll
2013-11-15 17:18:28 ----A---- C:\Windows\system32\ieframe.dll
2013-11-15 17:18:27 ----A---- C:\Windows\system32\mshtml.dll
2013-11-15 17:08:15 ----A---- C:\Windows\system32\gdi32.dll
2013-11-15 17:08:10 ----A---- C:\Windows\system32\crypt32.dll
2013-11-15 17:07:55 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-15 17:07:54 ----A---- C:\Windows\system32\FWPUCLNT.DLL
======List of files/folders modified in the last 1 months======
2013-12-05 23:11:30 ----RD---- C:\Program Files
2013-12-05 23:11:30 ----D---- C:\Windows\Temp
2013-12-05 23:11:30 ----D---- C:\Windows\Prefetch
2013-12-05 22:58:17 ----SHD---- C:\Windows\Installer
2013-12-05 22:57:59 ----D---- C:\ProgramData\Microsoft Help
2013-12-05 22:57:57 ----RSD---- C:\Windows\assembly
2013-12-05 22:57:50 ----D---- C:\Program Files\Microsoft.NET
2013-12-05 22:57:50 ----D---- C:\Program Files\Microsoft Office
2013-12-05 22:57:50 ----D---- C:\Program Files\Common Files\microsoft shared
2013-12-05 22:57:46 ----D---- C:\Program Files\Microsoft Works
2013-12-05 22:57:40 ----D---- C:\Program Files\Common Files\Designer
2013-12-05 22:57:16 ----RSD---- C:\Windows\Fonts
2013-12-05 22:55:45 ----D---- C:\Windows\ShellNew
2013-12-05 22:50:55 ----SHD---- C:\System Volume Information
2013-12-05 22:23:32 ----D---- C:\Program Files\CyberLink
2013-12-05 22:22:19 ----D---- C:\Program Files\Common Files
2013-12-05 22:22:18 ----HD---- C:\ProgramData
2013-12-05 22:22:03 ----D---- C:\Windows\ehome
2013-12-05 22:22:00 ----D---- C:\Windows\System32
2013-12-05 22:21:53 ----D---- C:\Windows
2013-12-05 22:10:02 ----D---- C:\Windows\inf
2013-12-05 22:10:01 ----D---- C:\Windows\Debug
2013-12-05 22:08:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-05 22:07:27 ----A---- C:\Windows\NeroDigital.ini
2013-12-05 22:03:28 ----D---- C:\ADAM
2013-12-05 21:52:57 ----D---- C:\Users\monika\AppData\Roaming\Skype
2013-12-04 19:55:58 ----D---- C:\Windows\system32\Tasks
2013-12-04 15:57:55 ----D---- C:\Windows\system32\config
2013-12-04 15:57:46 ----D---- C:\Windows\Tasks
2013-12-04 15:57:46 ----D---- C:\Windows\system32\spool
2013-12-04 15:57:46 ----D---- C:\Windows\system32\Msdtc
2013-12-04 15:57:46 ----D---- C:\Windows\system32\catroot2
2013-12-04 15:57:45 ----D---- C:\Windows\system32\wbem
2013-12-04 15:57:45 ----D---- C:\Windows\registration
2013-11-15 17:58:59 ----D---- C:\Windows\rescache
2013-11-15 17:36:43 ----D---- C:\Windows\system32\migration
2013-11-15 17:36:43 ----D---- C:\Program Files\Internet Explorer
2013-11-15 17:36:42 ----D---- C:\Windows\system32\cs-CZ
2013-11-15 17:19:36 ----D---- C:\Windows\winsxs
2013-11-15 17:19:31 ----D---- C:\Windows\system32\catroot
2013-11-15 17:17:21 ----D---- C:\Windows\system32\MRT
2013-11-11 05:50:18 ----N---- C:\Windows\system32\MpSigStub.exe
2013-11-07 15:50:18 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2013-02-28 49832]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-02-28 765808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-02-28 368248]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-02-28 62448]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-02-28 29880]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-02-28 66408]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-12-10 4172288]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-23 52736]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\Windows\system32\DRIVERS\Rockey4.sys [2012-04-22 26976]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-14 118784]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-17 196784]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 a7xskwdm;a7xskwdm; C:\Windows\system32\drivers\a7xskwdm.sys []
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-02-28 163784]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-01 80424]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2008-02-01 80936]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-02-01 16168]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-04-16 379904]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-03-26 40752]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WinUSB;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 34944]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe [2008-02-12 73728]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-12-10 724992]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-02-28 45248]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-05-14 292248]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-05-14 116112]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-03-26 341328]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-03-26 595248]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-20 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672]
S2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\STacSV.exe [2008-04-16 221239]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08 257416]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-20 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service; C:\Program Files\Zune\WMZuneComm.exe [2011-08-05 268512]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 ZuneNetworkSvc;Zune Network Sharing Service; C:\Program Files\Zune\ZuneNss.exe [2011-08-05 6363872]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; C:\Program Files\Zune\ZuneWlanCfgSvc.exe [2011-08-05 444640]
S4 DpHost;Biometric Authentication Service; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2008-03-12 302144]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu
ešte dodám, pri zapínaní niekedy nenaskočí obrazovka, iba blikajú ledky
Re: Prosím o kontrolu logu
Zdravim 
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by monika on pi 06. 12. 2013 at 15:11:19,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mediafinder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\download with &media finder
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\gencrawler_gc.gencrawler
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mf
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{478DC354-9309-4E8B-B9C8-E5F6A9537D91}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\Users\monika\AppData\Roaming\media finder"
Successfully deleted: [Folder] "C:\ProgramData\ask"
~~~ FireFox
Emptied folder: C:\Users\monika\AppData\Roaming\mozilla\firefox\profiles\4imfk3do.default\minidumps [113 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\monika\appdata\local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pi 06. 12. 2013 at 15:16:59,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by monika on pi 06. 12. 2013 at 15:11:19,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mediafinder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\download with &media finder
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\gencrawler_gc.gencrawler
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mf
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{478DC354-9309-4E8B-B9C8-E5F6A9537D91}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\Users\monika\AppData\Roaming\media finder"
Successfully deleted: [Folder] "C:\ProgramData\ask"
~~~ FireFox
Emptied folder: C:\Users\monika\AppData\Roaming\mozilla\firefox\profiles\4imfk3do.default\minidumps [113 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\monika\appdata\local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pi 06. 12. 2013 at 15:16:59,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Prosím o kontrolu logu
# AdwCleaner v3.014 - Report created 06/12/2013 at 15:26:51
# Updated 01/12/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : monika - MONIKANB
# Running from : C:\Users\monika\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Users\monika\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\monika\AppData\Roaming\Mozilla\Firefox\Profiles\4imfk3do.default\ICQToolbarData
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
File Deleted : C:\Users\monika\AppData\Roaming\Mozilla\Firefox\Profiles\4imfk3do.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\monika\AppData\Roaming\Mozilla\Firefox\Profiles\4imfk3do.default\searchplugins\icqplugin-2.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Media Finder
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\PIP
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16520
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v11.0 (cs)
[ File : C:\Users\monika\AppData\Roaming\Mozilla\Firefox\Profiles\4imfk3do.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.enabledItems", "toolbar@ask.com:3.12.2.100010,{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.[...]
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Deleted : user_pref("icqtoolbar.history", "ako%20vymenit%20piesok%20v%20bazenovom%20filtri||yotube.sk||vymena%20piesku%20v%20bazenovom%20filtri||filtrovaci%20piesok||ams.at||ski%20cigel||little%20caprice||goo||[...]
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "2.0.0.17");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "124756022812475602281247589009017");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1334231372);
Line Deleted : user_pref("icqtoolbar.version", "1.1.5");
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
-\\ Google Chrome v31.0.1650.63
[ File : C:\Users\monika\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [4713 octets] - [06/12/2013 15:25:31]
AdwCleaner[S0].txt - [4626 octets] - [06/12/2013 15:26:51]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4686 octets] ##########
# Updated 01/12/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : monika - MONIKANB
# Running from : C:\Users\monika\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Users\monika\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\monika\AppData\Roaming\Mozilla\Firefox\Profiles\4imfk3do.default\ICQToolbarData
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
File Deleted : C:\Users\monika\AppData\Roaming\Mozilla\Firefox\Profiles\4imfk3do.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\monika\AppData\Roaming\Mozilla\Firefox\Profiles\4imfk3do.default\searchplugins\icqplugin-2.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Media Finder
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\PIP
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16520
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v11.0 (cs)
[ File : C:\Users\monika\AppData\Roaming\Mozilla\Firefox\Profiles\4imfk3do.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.enabledItems", "toolbar@ask.com:3.12.2.100010,{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.[...]
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Deleted : user_pref("icqtoolbar.history", "ako%20vymenit%20piesok%20v%20bazenovom%20filtri||yotube.sk||vymena%20piesku%20v%20bazenovom%20filtri||filtrovaci%20piesok||ams.at||ski%20cigel||little%20caprice||goo||[...]
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "2.0.0.17");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "124756022812475602281247589009017");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1334231372);
Line Deleted : user_pref("icqtoolbar.version", "1.1.5");
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
-\\ Google Chrome v31.0.1650.63
[ File : C:\Users\monika\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [4713 octets] - [06/12/2013 15:25:31]
AdwCleaner[S0].txt - [4626 octets] - [06/12/2013 15:26:51]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4686 octets] ##########
Re: Prosím o kontrolu logu
Poprosim o log dle toho navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-12-2013
Ran by monika (administrator) on MONIKANB on 06-12-2013 22:14:14
Running from C:\Users\monika\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Hewlett-Packard Corporation) C:\Windows\System32\hpservice.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
() C:\Windows\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(forum.viry.cz) C:\Users\monika\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [hpWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2007-11-20] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NWEReboot] - [x]
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [442433 2008-04-16] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512 2008-01-17] (Synaptics, Inc.)
HKLM\...\Run: [avast] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4767304 2013-02-28] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-29] (Advanced Micro Devices, Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125952 2008-01-21] (Microsoft Corporation)
MountPoints2: F - F:\LaunchU3.exe -a
MountPoints2: H - H:\LaunchU3.exe -a
MountPoints2: {221a644e-e01b-11dd-a013-001e68dd9b34} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
MountPoints2: {559173f3-d84a-11de-afcf-002186925f85} - G:\RECYCLERS\runmgr.exe
MountPoints2: {d292dddc-d291-11de-a7c7-002186925f85} - G:\LaunchU3.exe -a
MountPoints2: {dce11c6c-9d16-11dd-9e41-002186925f85} - F:\Autorun.exe
MountPoints2: {dfb3e995-9cf0-11dd-b2db-002186925f85} - G:\LaunchU3.exe -a
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Lsa: [Notification Packages] scecli DPPWDFLT
==================== Internet (Whitelisted) ====================
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {A8B9C78B-34E2-4BFE-B255-D21EAEA508F7} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\monika\AppData\Roaming\Mozilla\Firefox\Profiles\4imfk3do.default
FF DefaultSearchEngine: ICQ Search
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.sk/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\monika\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\monika\AppData\Roaming\Mozilla\Firefox\Profiles\4imfk3do.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\monika\AppData\Roaming\Mozilla\Firefox\Profiles\4imfk3do.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\Alwil Software\Avast5\WebRep\FF
Chrome:
=======
CHR HomePage: hxxp://www.google.sk/
CHR RestoreOnStartup: "hxxp://www.google.sk/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1
CHR Extension: (Google Search) - C:\Users\monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1
CHR Extension: (http://www.facebook.com/) - C:\Users\monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo\2012.9.30.25601_0
CHR Extension: (avast! WebRep) - C:\Users\monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1482_0
CHR Extension: (Gmail) - C:\Users\monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx
========================== Services (Whitelisted) =================
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe [73728 2008-02-12] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [45248 2013-02-28] (AVAST Software)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard)
R2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [292248 2008-05-14] ()
R2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [116112 2008-05-14] ()
R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [341328 2008-03-26] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\STacSV.exe [221239 2008-04-16] (IDT, Inc.)
==================== Drivers (Whitelisted) ====================
R0 ahcix86s; C:\Windows\System32\DRIVERS\ahcix86s.sys [170000 2008-04-14] (AMD Technologies Inc.)
R0 Amddfltr; C:\Windows\System32\DRIVERS\Amddfltr.sys [15416 2008-01-07] (Advanced Micro Devices)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29880 2013-02-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66408 2013-02-28] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49832 2013-02-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49320 2013-02-28] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765808 2013-02-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368248 2013-02-28] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [62448 2013-02-28] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [163784 2013-02-28] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [26976 2012-04-22] (Feitian Technologies Co., Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [611064 2008-10-18] ()
U1 eabfiltr;
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [x]
U3 aj93ym6g; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-06 22:14 - 2013-12-06 22:15 - 00014345 _____ C:\Users\monika\Desktop\FRST.txt
2013-12-06 22:13 - 2013-12-06 22:13 - 00000000 ____D C:\FRST
2013-12-06 22:10 - 2013-12-06 22:11 - 01058547 _____ (Farbar) C:\Users\monika\Desktop\FRST.exe
2013-12-06 22:10 - 2013-12-06 22:11 - 00112640 _____ (forum.viry.cz) C:\Users\monika\Desktop\FRSTLauncher.exe
2013-12-06 15:25 - 2013-12-06 15:27 - 00000000 ____D C:\AdwCleaner
2013-12-06 15:23 - 2013-12-06 15:24 - 01110034 _____ C:\Users\monika\Desktop\adwcleaner.exe
2013-12-06 15:17 - 2013-12-06 15:16 - 00003112 _____ C:\Users\monika\Desktop\JRT.txt
2013-12-06 15:11 - 2013-12-06 15:11 - 00000000 ____D C:\Windows\ERUNT
2013-12-06 15:07 - 2013-12-06 15:09 - 01034531 _____ (Thisisu) C:\Users\monika\Desktop\JRT.exe
2013-12-06 15:03 - 2013-12-06 15:03 - 00000352 _____ C:\Windows\PFRO.log
2013-12-06 12:26 - 2013-12-06 12:26 - 00000000 _____ C:\Windows\setuperr.log
2013-12-06 12:26 - 2013-12-06 12:26 - 00000000 _____ C:\Windows\setupact.log
2013-12-06 12:25 - 2013-12-06 12:25 - 00086496 _____ C:\Users\monika\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-06 12:21 - 2013-12-06 12:21 - 00336632 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-05 23:11 - 2013-12-05 23:11 - 00000000 ____D C:\rsit
2013-12-05 23:11 - 2013-12-05 23:11 - 00000000 ____D C:\Program Files\trend micro
2013-12-05 23:10 - 2013-12-05 23:11 - 00781909 _____ C:\Users\monika\Downloads\RSIT.exe
2013-12-05 23:08 - 2013-12-05 23:08 - 00058296 _____ C:\Users\monika\Documents\cc_20131205_230819.reg
2013-12-05 23:08 - 2013-12-05 23:08 - 00001994 _____ C:\Users\monika\Documents\cc_20131205_230841.reg
2013-12-05 22:12 - 2013-12-05 22:12 - 00001350 _____ C:\Users\monika\Documents\cc_20131205_221239.reg
2013-12-05 22:12 - 2013-12-05 22:12 - 00000358 _____ C:\Users\monika\Documents\cc_20131205_221219.reg
2013-12-05 22:11 - 2013-12-05 22:11 - 00030318 _____ C:\Users\monika\Documents\cc_20131205_221102.reg
2013-12-05 22:11 - 2013-12-05 22:11 - 00000520 _____ C:\Users\monika\Documents\cc_20131205_221152.reg
2013-12-04 20:02 - 2013-12-04 20:39 - 00000000 ____D C:\Users\monika\Desktop\Fotky
2013-12-04 19:55 - 2013-12-04 19:55 - 00001840 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-25 21:03 - 2013-11-25 21:04 - 00000000 ____D C:\Users\monika\Desktop\Nová složka
2013-11-15 17:19 - 2013-10-13 10:29 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-15 17:19 - 2013-10-13 10:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-15 17:19 - 2013-10-13 10:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-15 17:18 - 2013-10-13 11:42 - 12344832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-15 17:18 - 2013-10-13 11:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-15 17:18 - 2013-10-13 10:48 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-15 17:18 - 2013-10-13 10:37 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-15 17:18 - 2013-10-13 10:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-15 17:18 - 2013-10-13 10:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-15 17:18 - 2013-10-13 10:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-15 17:18 - 2013-10-13 10:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-15 17:18 - 2013-10-13 10:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-15 17:18 - 2013-10-13 10:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-15 17:18 - 2013-10-13 10:27 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-15 17:18 - 2013-10-13 10:27 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-15 17:18 - 2013-10-13 10:20 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-15 17:08 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-15 17:08 - 2013-10-03 13:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-15 17:07 - 2013-10-11 03:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-15 17:07 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-15 17:07 - 2013-10-11 01:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-09 08:12 - 2013-11-09 08:13 - 00000000 ____D C:\Users\monika\Desktop\Akadémia
==================== One Month Modified Files and Folders =======
2013-12-06 22:15 - 2013-12-06 22:14 - 00014345 _____ C:\Users\monika\Desktop\FRST.txt
2013-12-06 22:15 - 2010-11-20 15:29 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-06 22:15 - 2008-09-20 01:34 - 01211564 _____ C:\Windows\WindowsUpdate.log
2013-12-06 22:13 - 2013-12-06 22:13 - 00000000 ____D C:\FRST
2013-12-06 22:12 - 2006-11-02 11:33 - 01418466 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-06 22:11 - 2013-12-06 22:10 - 01058547 _____ (Farbar) C:\Users\monika\Desktop\FRST.exe
2013-12-06 22:11 - 2013-12-06 22:10 - 00112640 _____ (forum.viry.cz) C:\Users\monika\Desktop\FRSTLauncher.exe
2013-12-06 22:05 - 2010-11-20 15:29 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-06 22:05 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-06 22:05 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-06 22:05 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-06 15:27 - 2013-12-06 15:25 - 00000000 ____D C:\AdwCleaner
2013-12-06 15:27 - 2008-09-20 01:36 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-12-06 15:27 - 2006-11-02 14:01 - 00032512 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-06 15:26 - 2009-07-14 17:25 - 00000000 ____D C:\ProgramData\ICQ
2013-12-06 15:25 - 2013-03-06 22:54 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-06 15:24 - 2013-12-06 15:23 - 01110034 _____ C:\Users\monika\Desktop\adwcleaner.exe
2013-12-06 15:16 - 2013-12-06 15:17 - 00003112 _____ C:\Users\monika\Desktop\JRT.txt
2013-12-06 15:11 - 2013-12-06 15:11 - 00000000 ____D C:\Windows\ERUNT
2013-12-06 15:09 - 2013-12-06 15:07 - 01034531 _____ (Thisisu) C:\Users\monika\Desktop\JRT.exe
2013-12-06 15:03 - 2013-12-06 15:03 - 00000352 _____ C:\Windows\PFRO.log
2013-12-06 13:24 - 2008-11-04 21:00 - 00000000 ____D C:\Users\monika\AppData\Roaming\Skype
2013-12-06 12:26 - 2013-12-06 12:26 - 00000000 _____ C:\Windows\setuperr.log
2013-12-06 12:26 - 2013-12-06 12:26 - 00000000 _____ C:\Windows\setupact.log
2013-12-06 12:25 - 2013-12-06 12:25 - 00086496 _____ C:\Users\monika\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-06 12:21 - 2013-12-06 12:21 - 00336632 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-05 23:11 - 2013-12-05 23:11 - 00000000 ____D C:\rsit
2013-12-05 23:11 - 2013-12-05 23:11 - 00000000 ____D C:\Program Files\trend micro
2013-12-05 23:11 - 2013-12-05 23:10 - 00781909 _____ C:\Users\monika\Downloads\RSIT.exe
2013-12-05 23:08 - 2013-12-05 23:08 - 00058296 _____ C:\Users\monika\Documents\cc_20131205_230819.reg
2013-12-05 23:08 - 2013-12-05 23:08 - 00001994 _____ C:\Users\monika\Documents\cc_20131205_230841.reg
2013-12-05 22:57 - 2012-02-26 18:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-05 22:57 - 2010-10-26 09:16 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-12-05 22:57 - 2008-10-26 15:34 - 00000000 ____D C:\Program Files\Common Files\Designer
2013-12-05 22:57 - 2008-10-18 12:00 - 00000000 ____D C:\Program Files\Microsoft Office
2013-12-05 22:57 - 2008-10-18 11:59 - 00000000 ____D C:\Program Files\Microsoft Works
2013-12-05 22:57 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-05 22:55 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\ShellNew
2013-12-05 22:23 - 2008-10-18 11:55 - 00000000 ____D C:\Users\monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2013-12-05 22:23 - 2008-06-11 04:48 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2013-12-05 22:23 - 2008-06-11 04:48 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2013-12-05 22:23 - 2008-06-11 04:48 - 00000000 ____D C:\Program Files\CyberLink
2013-12-05 22:23 - 2008-06-11 03:47 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-05 22:12 - 2013-12-05 22:12 - 00001350 _____ C:\Users\monika\Documents\cc_20131205_221239.reg
2013-12-05 22:12 - 2013-12-05 22:12 - 00000358 _____ C:\Users\monika\Documents\cc_20131205_221219.reg
2013-12-05 22:11 - 2013-12-05 22:11 - 00030318 _____ C:\Users\monika\Documents\cc_20131205_221102.reg
2013-12-05 22:11 - 2013-12-05 22:11 - 00000520 _____ C:\Users\monika\Documents\cc_20131205_221152.reg
2013-12-05 22:07 - 2012-02-25 20:12 - 00000069 _____ C:\Windows\NeroDigital.ini
2013-12-05 22:03 - 2008-11-23 12:44 - 00000000 ____D C:\ADAM
2013-12-04 20:39 - 2013-12-04 20:02 - 00000000 ____D C:\Users\monika\Desktop\Fotky
2013-12-04 19:55 - 2013-12-04 19:55 - 00001840 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-04 19:55 - 2006-11-02 11:23 - 00002577 _____ C:\Windows\system32\config.nt
2013-12-04 15:57 - 2008-10-18 11:55 - 00000000 ____D C:\Users\monika
2013-12-04 15:57 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\spool
2013-12-04 15:57 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\Msdtc
2013-12-04 15:57 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\registration
2013-12-04 15:57 - 2006-11-02 11:22 - 50331648 _____ C:\Windows\system32\config\software_previous
2013-12-04 15:57 - 2006-11-02 11:22 - 42205184 _____ C:\Windows\system32\config\system_previous
2013-12-04 15:49 - 2006-11-02 11:22 - 38797312 _____ C:\Windows\system32\config\components_previous
2013-12-04 15:49 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2013-12-01 22:49 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\default_previous
2013-12-01 09:36 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2013-11-25 21:04 - 2013-11-25 21:03 - 00000000 ____D C:\Users\monika\Desktop\Nová složka
2013-11-15 17:58 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-11-15 17:17 - 2013-09-05 02:29 - 00000000 ____D C:\Windows\system32\MRT
2013-11-11 05:50 - 2009-10-04 07:48 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-09 08:14 - 2013-10-19 17:46 - 00000000 ____D C:\Users\monika\Desktop\Školenie
2013-11-09 08:13 - 2013-11-09 08:12 - 00000000 ____D C:\Users\monika\Desktop\Akadémia
2013-11-07 15:50 - 2006-11-02 11:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
Files to move or delete:
====================
C:\Users\monika\AppData\Roaming\desktop.ini
C:\ProgramData\PKP_DLdu.DAT
C:\ProgramData\PKP_DLdw.DAT
C:\Users\monika\bulanci.exe
Some content of TEMP:
====================
C:\Users\monika\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\monika\Desktop" je 425 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface
"C:\Users\monika\AppData\Local\Akamai\netsession_win.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler
c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender
%ProgramFiles%\Windows Defender\MSASCui.exe -hide [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher
"C:\Program Files\Zune\ZuneLauncher.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk
C:\PROGRA~1\MICROS~3\Office10\OSA.EXE -b -l [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
Ran by monika (administrator) on MONIKANB on 06-12-2013 22:14:14
Running from C:\Users\monika\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Hewlett-Packard Corporation) C:\Windows\System32\hpservice.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
() C:\Windows\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(forum.viry.cz) C:\Users\monika\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [hpWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2007-11-20] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NWEReboot] - [x]
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [442433 2008-04-16] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512 2008-01-17] (Synaptics, Inc.)
HKLM\...\Run: [avast] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4767304 2013-02-28] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-29] (Advanced Micro Devices, Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125952 2008-01-21] (Microsoft Corporation)
MountPoints2: F - F:\LaunchU3.exe -a
MountPoints2: H - H:\LaunchU3.exe -a
MountPoints2: {221a644e-e01b-11dd-a013-001e68dd9b34} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
MountPoints2: {559173f3-d84a-11de-afcf-002186925f85} - G:\RECYCLERS\runmgr.exe
MountPoints2: {d292dddc-d291-11de-a7c7-002186925f85} - G:\LaunchU3.exe -a
MountPoints2: {dce11c6c-9d16-11dd-9e41-002186925f85} - F:\Autorun.exe
MountPoints2: {dfb3e995-9cf0-11dd-b2db-002186925f85} - G:\LaunchU3.exe -a
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Lsa: [Notification Packages] scecli DPPWDFLT
==================== Internet (Whitelisted) ====================
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {A8B9C78B-34E2-4BFE-B255-D21EAEA508F7} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\monika\AppData\Roaming\Mozilla\Firefox\Profiles\4imfk3do.default
FF DefaultSearchEngine: ICQ Search
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.sk/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\monika\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\monika\AppData\Roaming\Mozilla\Firefox\Profiles\4imfk3do.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\monika\AppData\Roaming\Mozilla\Firefox\Profiles\4imfk3do.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\Alwil Software\Avast5\WebRep\FF
Chrome:
=======
CHR HomePage: hxxp://www.google.sk/
CHR RestoreOnStartup: "hxxp://www.google.sk/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1
CHR Extension: (Google Search) - C:\Users\monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1
CHR Extension: (http://www.facebook.com/) - C:\Users\monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo\2012.9.30.25601_0
CHR Extension: (avast! WebRep) - C:\Users\monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1482_0
CHR Extension: (Gmail) - C:\Users\monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx
========================== Services (Whitelisted) =================
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe [73728 2008-02-12] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [45248 2013-02-28] (AVAST Software)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard)
R2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [292248 2008-05-14] ()
R2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [116112 2008-05-14] ()
R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [341328 2008-03-26] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\STacSV.exe [221239 2008-04-16] (IDT, Inc.)
==================== Drivers (Whitelisted) ====================
R0 ahcix86s; C:\Windows\System32\DRIVERS\ahcix86s.sys [170000 2008-04-14] (AMD Technologies Inc.)
R0 Amddfltr; C:\Windows\System32\DRIVERS\Amddfltr.sys [15416 2008-01-07] (Advanced Micro Devices)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29880 2013-02-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66408 2013-02-28] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49832 2013-02-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49320 2013-02-28] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765808 2013-02-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368248 2013-02-28] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [62448 2013-02-28] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [163784 2013-02-28] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [26976 2012-04-22] (Feitian Technologies Co., Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [611064 2008-10-18] ()
U1 eabfiltr;
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [x]
U3 aj93ym6g; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-06 22:14 - 2013-12-06 22:15 - 00014345 _____ C:\Users\monika\Desktop\FRST.txt
2013-12-06 22:13 - 2013-12-06 22:13 - 00000000 ____D C:\FRST
2013-12-06 22:10 - 2013-12-06 22:11 - 01058547 _____ (Farbar) C:\Users\monika\Desktop\FRST.exe
2013-12-06 22:10 - 2013-12-06 22:11 - 00112640 _____ (forum.viry.cz) C:\Users\monika\Desktop\FRSTLauncher.exe
2013-12-06 15:25 - 2013-12-06 15:27 - 00000000 ____D C:\AdwCleaner
2013-12-06 15:23 - 2013-12-06 15:24 - 01110034 _____ C:\Users\monika\Desktop\adwcleaner.exe
2013-12-06 15:17 - 2013-12-06 15:16 - 00003112 _____ C:\Users\monika\Desktop\JRT.txt
2013-12-06 15:11 - 2013-12-06 15:11 - 00000000 ____D C:\Windows\ERUNT
2013-12-06 15:07 - 2013-12-06 15:09 - 01034531 _____ (Thisisu) C:\Users\monika\Desktop\JRT.exe
2013-12-06 15:03 - 2013-12-06 15:03 - 00000352 _____ C:\Windows\PFRO.log
2013-12-06 12:26 - 2013-12-06 12:26 - 00000000 _____ C:\Windows\setuperr.log
2013-12-06 12:26 - 2013-12-06 12:26 - 00000000 _____ C:\Windows\setupact.log
2013-12-06 12:25 - 2013-12-06 12:25 - 00086496 _____ C:\Users\monika\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-06 12:21 - 2013-12-06 12:21 - 00336632 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-05 23:11 - 2013-12-05 23:11 - 00000000 ____D C:\rsit
2013-12-05 23:11 - 2013-12-05 23:11 - 00000000 ____D C:\Program Files\trend micro
2013-12-05 23:10 - 2013-12-05 23:11 - 00781909 _____ C:\Users\monika\Downloads\RSIT.exe
2013-12-05 23:08 - 2013-12-05 23:08 - 00058296 _____ C:\Users\monika\Documents\cc_20131205_230819.reg
2013-12-05 23:08 - 2013-12-05 23:08 - 00001994 _____ C:\Users\monika\Documents\cc_20131205_230841.reg
2013-12-05 22:12 - 2013-12-05 22:12 - 00001350 _____ C:\Users\monika\Documents\cc_20131205_221239.reg
2013-12-05 22:12 - 2013-12-05 22:12 - 00000358 _____ C:\Users\monika\Documents\cc_20131205_221219.reg
2013-12-05 22:11 - 2013-12-05 22:11 - 00030318 _____ C:\Users\monika\Documents\cc_20131205_221102.reg
2013-12-05 22:11 - 2013-12-05 22:11 - 00000520 _____ C:\Users\monika\Documents\cc_20131205_221152.reg
2013-12-04 20:02 - 2013-12-04 20:39 - 00000000 ____D C:\Users\monika\Desktop\Fotky
2013-12-04 19:55 - 2013-12-04 19:55 - 00001840 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-25 21:03 - 2013-11-25 21:04 - 00000000 ____D C:\Users\monika\Desktop\Nová složka
2013-11-15 17:19 - 2013-10-13 10:29 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-15 17:19 - 2013-10-13 10:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-15 17:19 - 2013-10-13 10:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-15 17:18 - 2013-10-13 11:42 - 12344832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-15 17:18 - 2013-10-13 11:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-15 17:18 - 2013-10-13 10:48 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-15 17:18 - 2013-10-13 10:37 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-15 17:18 - 2013-10-13 10:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-15 17:18 - 2013-10-13 10:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-15 17:18 - 2013-10-13 10:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-15 17:18 - 2013-10-13 10:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-15 17:18 - 2013-10-13 10:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-15 17:18 - 2013-10-13 10:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-15 17:18 - 2013-10-13 10:27 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-15 17:18 - 2013-10-13 10:27 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-15 17:18 - 2013-10-13 10:20 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-15 17:08 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-15 17:08 - 2013-10-03 13:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-15 17:07 - 2013-10-11 03:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-15 17:07 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-15 17:07 - 2013-10-11 01:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-09 08:12 - 2013-11-09 08:13 - 00000000 ____D C:\Users\monika\Desktop\Akadémia
==================== One Month Modified Files and Folders =======
2013-12-06 22:15 - 2013-12-06 22:14 - 00014345 _____ C:\Users\monika\Desktop\FRST.txt
2013-12-06 22:15 - 2010-11-20 15:29 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-06 22:15 - 2008-09-20 01:34 - 01211564 _____ C:\Windows\WindowsUpdate.log
2013-12-06 22:13 - 2013-12-06 22:13 - 00000000 ____D C:\FRST
2013-12-06 22:12 - 2006-11-02 11:33 - 01418466 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-06 22:11 - 2013-12-06 22:10 - 01058547 _____ (Farbar) C:\Users\monika\Desktop\FRST.exe
2013-12-06 22:11 - 2013-12-06 22:10 - 00112640 _____ (forum.viry.cz) C:\Users\monika\Desktop\FRSTLauncher.exe
2013-12-06 22:05 - 2010-11-20 15:29 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-06 22:05 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-06 22:05 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-06 22:05 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-06 15:27 - 2013-12-06 15:25 - 00000000 ____D C:\AdwCleaner
2013-12-06 15:27 - 2008-09-20 01:36 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-12-06 15:27 - 2006-11-02 14:01 - 00032512 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-06 15:26 - 2009-07-14 17:25 - 00000000 ____D C:\ProgramData\ICQ
2013-12-06 15:25 - 2013-03-06 22:54 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-06 15:24 - 2013-12-06 15:23 - 01110034 _____ C:\Users\monika\Desktop\adwcleaner.exe
2013-12-06 15:16 - 2013-12-06 15:17 - 00003112 _____ C:\Users\monika\Desktop\JRT.txt
2013-12-06 15:11 - 2013-12-06 15:11 - 00000000 ____D C:\Windows\ERUNT
2013-12-06 15:09 - 2013-12-06 15:07 - 01034531 _____ (Thisisu) C:\Users\monika\Desktop\JRT.exe
2013-12-06 15:03 - 2013-12-06 15:03 - 00000352 _____ C:\Windows\PFRO.log
2013-12-06 13:24 - 2008-11-04 21:00 - 00000000 ____D C:\Users\monika\AppData\Roaming\Skype
2013-12-06 12:26 - 2013-12-06 12:26 - 00000000 _____ C:\Windows\setuperr.log
2013-12-06 12:26 - 2013-12-06 12:26 - 00000000 _____ C:\Windows\setupact.log
2013-12-06 12:25 - 2013-12-06 12:25 - 00086496 _____ C:\Users\monika\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-06 12:21 - 2013-12-06 12:21 - 00336632 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-05 23:11 - 2013-12-05 23:11 - 00000000 ____D C:\rsit
2013-12-05 23:11 - 2013-12-05 23:11 - 00000000 ____D C:\Program Files\trend micro
2013-12-05 23:11 - 2013-12-05 23:10 - 00781909 _____ C:\Users\monika\Downloads\RSIT.exe
2013-12-05 23:08 - 2013-12-05 23:08 - 00058296 _____ C:\Users\monika\Documents\cc_20131205_230819.reg
2013-12-05 23:08 - 2013-12-05 23:08 - 00001994 _____ C:\Users\monika\Documents\cc_20131205_230841.reg
2013-12-05 22:57 - 2012-02-26 18:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-05 22:57 - 2010-10-26 09:16 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-12-05 22:57 - 2008-10-26 15:34 - 00000000 ____D C:\Program Files\Common Files\Designer
2013-12-05 22:57 - 2008-10-18 12:00 - 00000000 ____D C:\Program Files\Microsoft Office
2013-12-05 22:57 - 2008-10-18 11:59 - 00000000 ____D C:\Program Files\Microsoft Works
2013-12-05 22:57 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-05 22:55 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\ShellNew
2013-12-05 22:23 - 2008-10-18 11:55 - 00000000 ____D C:\Users\monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2013-12-05 22:23 - 2008-06-11 04:48 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2013-12-05 22:23 - 2008-06-11 04:48 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2013-12-05 22:23 - 2008-06-11 04:48 - 00000000 ____D C:\Program Files\CyberLink
2013-12-05 22:23 - 2008-06-11 03:47 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-05 22:12 - 2013-12-05 22:12 - 00001350 _____ C:\Users\monika\Documents\cc_20131205_221239.reg
2013-12-05 22:12 - 2013-12-05 22:12 - 00000358 _____ C:\Users\monika\Documents\cc_20131205_221219.reg
2013-12-05 22:11 - 2013-12-05 22:11 - 00030318 _____ C:\Users\monika\Documents\cc_20131205_221102.reg
2013-12-05 22:11 - 2013-12-05 22:11 - 00000520 _____ C:\Users\monika\Documents\cc_20131205_221152.reg
2013-12-05 22:07 - 2012-02-25 20:12 - 00000069 _____ C:\Windows\NeroDigital.ini
2013-12-05 22:03 - 2008-11-23 12:44 - 00000000 ____D C:\ADAM
2013-12-04 20:39 - 2013-12-04 20:02 - 00000000 ____D C:\Users\monika\Desktop\Fotky
2013-12-04 19:55 - 2013-12-04 19:55 - 00001840 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-04 19:55 - 2006-11-02 11:23 - 00002577 _____ C:\Windows\system32\config.nt
2013-12-04 15:57 - 2008-10-18 11:55 - 00000000 ____D C:\Users\monika
2013-12-04 15:57 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\spool
2013-12-04 15:57 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\Msdtc
2013-12-04 15:57 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\registration
2013-12-04 15:57 - 2006-11-02 11:22 - 50331648 _____ C:\Windows\system32\config\software_previous
2013-12-04 15:57 - 2006-11-02 11:22 - 42205184 _____ C:\Windows\system32\config\system_previous
2013-12-04 15:49 - 2006-11-02 11:22 - 38797312 _____ C:\Windows\system32\config\components_previous
2013-12-04 15:49 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2013-12-01 22:49 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\default_previous
2013-12-01 09:36 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2013-11-25 21:04 - 2013-11-25 21:03 - 00000000 ____D C:\Users\monika\Desktop\Nová složka
2013-11-15 17:58 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-11-15 17:17 - 2013-09-05 02:29 - 00000000 ____D C:\Windows\system32\MRT
2013-11-11 05:50 - 2009-10-04 07:48 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-09 08:14 - 2013-10-19 17:46 - 00000000 ____D C:\Users\monika\Desktop\Školenie
2013-11-09 08:13 - 2013-11-09 08:12 - 00000000 ____D C:\Users\monika\Desktop\Akadémia
2013-11-07 15:50 - 2006-11-02 11:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
Files to move or delete:
====================
C:\Users\monika\AppData\Roaming\desktop.ini
C:\ProgramData\PKP_DLdu.DAT
C:\ProgramData\PKP_DLdw.DAT
C:\Users\monika\bulanci.exe
Some content of TEMP:
====================
C:\Users\monika\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\monika\Desktop" je 425 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface
"C:\Users\monika\AppData\Local\Akamai\netsession_win.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler
c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender
%ProgramFiles%\Windows Defender\MSASCui.exe -hide [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher
"C:\Program Files\Zune\ZuneLauncher.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk
C:\PROGRA~1\MICROS~3\Office10\OSA.EXE -b -l [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
Re: Prosím o kontrolu logu
Dobre rano
Tvorba fixlistu pro FRST
Spustte znovu FRST.exe
Restart PC a dejte mi sem fixlog.txt
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start HKLM\...\Run: [NWEReboot] - [x] HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.) MountPoints2: F - F:\LaunchU3.exe -a MountPoints2: H - H:\LaunchU3.exe -a MountPoints2: {221a644e-e01b-11dd-a013-001e68dd9b34} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe MountPoints2: {559173f3-d84a-11de-afcf-002186925f85} - G:\RECYCLERS\runmgr.exe MountPoints2: {d292dddc-d291-11de-a7c7-002186925f85} - G:\LaunchU3.exe -a MountPoints2: {dce11c6c-9d16-11dd-9e41-002186925f85} - F:\Autorun.exe MountPoints2: {dfb3e995-9cf0-11dd-b2db-002186925f85} - G:\LaunchU3.exe -a SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search SearchScopes: HKCU - {A8B9C78B-34E2-4BFE-B255-D21EAEA508F7} URL = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms} FF DefaultSearchEngine: ICQ Search DisableService: RichVideo U1 eabfiltr; S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [x] U3 aj93ym6g; No ImagePath C:\Users\monika\AppData\Roaming\desktop.ini C:\ProgramData\PKP_DLdu.DAT C:\ProgramData\PKP_DLdw.DAT REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk" /f Hosts: CMD: shutdown /r /f /t 2 End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu
Po spustení FRST.exe sa objavila hláška že je dostupná nová verzia, stiahla sa a na ploche sa vytvoril priečinok FRST-OlderVersion. Nevadí keď som fixlist spustil cez tu novšiu verziu ? Prikladám lixlog.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-12-2013 01
Ran by monika at 2013-12-07 09:50:13 Run:1
Running from C:\Users\monika\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [NWEReboot] - [x]
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
MountPoints2: F - F:\LaunchU3.exe -a
MountPoints2: H - H:\LaunchU3.exe -a
MountPoints2: {221a644e-e01b-11dd-a013-001e68dd9b34} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
MountPoints2: {559173f3-d84a-11de-afcf-002186925f85} - G:\RECYCLERS\runmgr.exe
MountPoints2: {d292dddc-d291-11de-a7c7-002186925f85} - G:\LaunchU3.exe -a
MountPoints2: {dce11c6c-9d16-11dd-9e41-002186925f85} - F:\Autorun.exe
MountPoints2: {dfb3e995-9cf0-11dd-b2db-002186925f85} - G:\LaunchU3.exe -a
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {A8B9C78B-34E2-4BFE-B255-D21EAEA508F7} URL = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
FF DefaultSearchEngine: ICQ Search
DisableService: RichVideo
U1 eabfiltr;
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [x]
U3 aj93ym6g; No ImagePath
C:\Users\monika\AppData\Roaming\desktop.ini
C:\ProgramData\PKP_DLdu.DAT
C:\ProgramData\PKP_DLdw.DAT
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk" /f
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NWEReboot => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{221a644e-e01b-11dd-a013-001e68dd9b34} => Key deleted successfully.
HKCR\CLSID\{221a644e-e01b-11dd-a013-001e68dd9b34} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{559173f3-d84a-11de-afcf-002186925f85} => Key deleted successfully.
HKCR\CLSID\{559173f3-d84a-11de-afcf-002186925f85} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d292dddc-d291-11de-a7c7-002186925f85} => Key deleted successfully.
HKCR\CLSID\{d292dddc-d291-11de-a7c7-002186925f85} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dce11c6c-9d16-11dd-9e41-002186925f85} => Key deleted successfully.
HKCR\CLSID\{dce11c6c-9d16-11dd-9e41-002186925f85} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dfb3e995-9cf0-11dd-b2db-002186925f85} => Key deleted successfully.
HKCR\CLSID\{dfb3e995-9cf0-11dd-b2db-002186925f85} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A8B9C78B-34E2-4BFE-B255-D21EAEA508F7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A8B9C78B-34E2-4BFE-B255-D21EAEA508F7} => Key not found.
Firefox DefaultSearchEngine deleted successfully.
RichVideo service was disabled
eabfiltr => Service deleted successfully.
IpInIp => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
upperdev => Service deleted successfully.
aj93ym6g => Service not found.
C:\Users\monika\AppData\Roaming\desktop.ini => Moved successfully.
C:\ProgramData\PKP_DLdu.DAT => Moved successfully.
C:\ProgramData\PKP_DLdw.DAT => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-12-2013 01
Ran by monika at 2013-12-07 09:50:13 Run:1
Running from C:\Users\monika\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [NWEReboot] - [x]
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
MountPoints2: F - F:\LaunchU3.exe -a
MountPoints2: H - H:\LaunchU3.exe -a
MountPoints2: {221a644e-e01b-11dd-a013-001e68dd9b34} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
MountPoints2: {559173f3-d84a-11de-afcf-002186925f85} - G:\RECYCLERS\runmgr.exe
MountPoints2: {d292dddc-d291-11de-a7c7-002186925f85} - G:\LaunchU3.exe -a
MountPoints2: {dce11c6c-9d16-11dd-9e41-002186925f85} - F:\Autorun.exe
MountPoints2: {dfb3e995-9cf0-11dd-b2db-002186925f85} - G:\LaunchU3.exe -a
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {A8B9C78B-34E2-4BFE-B255-D21EAEA508F7} URL = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
FF DefaultSearchEngine: ICQ Search
DisableService: RichVideo
U1 eabfiltr;
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [x]
U3 aj93ym6g; No ImagePath
C:\Users\monika\AppData\Roaming\desktop.ini
C:\ProgramData\PKP_DLdu.DAT
C:\ProgramData\PKP_DLdw.DAT
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk" /f
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NWEReboot => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{221a644e-e01b-11dd-a013-001e68dd9b34} => Key deleted successfully.
HKCR\CLSID\{221a644e-e01b-11dd-a013-001e68dd9b34} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{559173f3-d84a-11de-afcf-002186925f85} => Key deleted successfully.
HKCR\CLSID\{559173f3-d84a-11de-afcf-002186925f85} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d292dddc-d291-11de-a7c7-002186925f85} => Key deleted successfully.
HKCR\CLSID\{d292dddc-d291-11de-a7c7-002186925f85} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dce11c6c-9d16-11dd-9e41-002186925f85} => Key deleted successfully.
HKCR\CLSID\{dce11c6c-9d16-11dd-9e41-002186925f85} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dfb3e995-9cf0-11dd-b2db-002186925f85} => Key deleted successfully.
HKCR\CLSID\{dfb3e995-9cf0-11dd-b2db-002186925f85} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A8B9C78B-34E2-4BFE-B255-D21EAEA508F7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A8B9C78B-34E2-4BFE-B255-D21EAEA508F7} => Key not found.
Firefox DefaultSearchEngine deleted successfully.
RichVideo service was disabled
eabfiltr => Service deleted successfully.
IpInIp => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
upperdev => Service deleted successfully.
aj93ym6g => Service not found.
C:\Users\monika\AppData\Roaming\desktop.ini => Moved successfully.
C:\ProgramData\PKP_DLdu.DAT => Moved successfully.
C:\ProgramData\PKP_DLdw.DAT => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Re: Prosím o kontrolu logu
Aktualizace naprosto v poradku 
Jak se chova PC
Jak se chova PC
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu
Zatiaľ to neviem posúdiť, posadím sem maminu nech si niečo porobí a nech povie či je to lepšie Ďakujem zatiaľ. Budem hlásiť výsledky.
Ďakujem zatiaľ. Budem hlásiť výsledky. Re: Prosím o kontrolu logu
Tak jeste uklidime 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?