
Check - for vyosek


#1 Post by adlobu »

Please check this log - an older home PC:

Logfile of random's system information tool 1.06 (written by random/random)
Run by adlo at 2013-12-29 11:14:50
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 15 GB (50%) free of 30 GB
Total RAM: 1023 MB (65% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-22 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-22 1138536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SW20"=C:\WINDOWS\system32\sw20.exe [2005-06-29 212992]
"SW24"=C:\WINDOWS\system32\sw24.exe [2005-07-04 69632]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-11-07 6756048]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-22 3764024]
"QuickTime Task"=C:\Program Files\QuickTime Alternative\qttask.exe [2013-05-01 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4000 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE [2006-02-21 131072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime Alternative\qttask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2013-12-29 11:14:50 ----D---- C:\rsit
2013-12-29 11:14:50 ----D---- C:\Program Files\trend micro
2013-12-22 10:26:51 ----D---- C:\Program Files\VS Revo Group
2013-12-22 08:50:56 ----D---- C:\Documents and Settings\adlo\Data aplikací\Google
2013-12-22 08:49:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2013-12-21 21:31:18 ----D---- C:\Documents and Settings\adlo\Data aplikací\Malwarebytes
2013-12-21 21:31:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-12-21 21:31:03 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-12-12 16:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 16:19:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$
2013-12-12 16:15:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 16:15:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 16:15:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$

======List of files/folders modified in the last 1 months======

2013-12-29 11:14:50 ----RD---- C:\Program Files
2013-12-29 11:08:31 ----D---- C:\WINDOWS\Temp
2013-12-29 11:01:43 ----D---- C:\WINDOWS\system32\CatRoot2
2013-12-28 13:51:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-12-28 09:47:27 ----D---- C:\WINDOWS\Prefetch
2013-12-22 13:21:32 ----D---- C:\Program Files\Google
2013-12-22 10:54:02 ----SD---- C:\WINDOWS\Tasks
2013-12-22 10:54:01 ----SHD---- C:\WINDOWS\Installer
2013-12-22 08:49:09 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-22 08:44:10 ----D---- C:\WINDOWS\system32\drivers
2013-12-22 08:44:10 ----D---- C:\WINDOWS
2013-12-22 08:44:08 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-12-21 22:18:32 ----D---- C:\WINDOWS\Debug
2013-12-13 14:55:48 ----D---- C:\WINDOWS\system32
2013-12-12 16:20:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-12-12 16:20:21 ----HD---- C:\WINDOWS\inf
2013-12-12 16:20:20 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-12-12 16:20:18 ----D---- C:\Program Files\Internet Explorer
2013-12-12 16:20:13 ----D---- C:\WINDOWS\ie8updates
2013-12-12 16:19:19 ----D---- C:\WINDOWS\system32\MRT
2013-12-12 16:15:33 ----A---- C:\WINDOWS\system32\MRT.exe
2013-12-06 17:38:43 ----D---- C:\Program Files\thinkTDA

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2012-11-07 497952]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2012-11-07 32640]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-03-23 12653120]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2013-06-09 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2013-06-09 12928]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-03-18 30336]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\E:\install4\MSICPL.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-22 50344]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-07 1990464]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-06-15 127043]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


#2 Post by vyosek »

Hello :)

→ Did the MBAM scan show anything???

→ Is there any problem??


#3 Post by adlobu »

Hello,
there is no problem, MBAM found nothing.
This is a preventive check and, if needed, removal of unnecessary items. (After a check of the notebook, where it found quite a lot that was unnecessary.)


#4 Post by vyosek »

→ Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
→ Post a log according to this guide http://forum.viry.cz/viewtopic.php?f=30&t=133101


#5 Post by adlobu »

Here is what was requested:

# AdwCleaner v3.016 - Report created 02/01/2014 at 17:20:16
# Updated 23/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : adlo - AMD
# Running from : C:\Documents and Settings\adlo\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64697678-0000-0010-8000-00AA00389B71}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


*************************

AdwCleaner[R0].txt - [914 octets] - [02/01/2014 17:19:10]
AdwCleaner[S0].txt - [842 octets] - [02/01/2014 17:20:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [901 octets] ##########


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-01-2014 01
Ran by adlo (administrator) on AMD on 02-01-2014 17:45:33
Running from C:\Documents and Settings\adlo\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\soundman.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cfp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\adlo\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SW20] - C:\WINDOWS\system32\sw20.exe [212992 2005-06-29] ()
HKLM\...\Run: [SW24] - C:\WINDOWS\system32\sw24.exe [69632 2005-07-04] ()
HKLM\...\Run: [SoundMan] - C:\WINDOWS\soundman.exe [577536 2006-11-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\Comodo\COMODO Internet Security\cfp.exe [6756048 2012-11-07] (COMODO)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-22] (AVAST Software)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime Alternative\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKU\bezp\...\Run: [QuickTime Task] - C:\Program Files\QuickTime Alternative\QTTask.exe [ 2013-05-01] (Apple Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
SearchScopes: HKLM - DefaultScope value is missing.
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-22] (AVAST Software)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1990464 2012-11-07] (COMODO)

==================== Drivers (Whitelisted) ====================

R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [4027840 2007-03-08] (Realtek Semiconductor Corp.)
R1 AmdPPM; C:\Windows\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2013-12-22] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2013-12-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-10-19] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2013-12-22] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410528 2013-12-22] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2013-12-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-22] ()
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [497952 2012-11-07] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [32640 2012-11-07] (COMODO)
R0 Inspect; C:\Windows\System32\DRIVERS\inspect.sys [99080 2012-11-07] (COMODO)
R0 nvata; C:\Windows\System32\DRIVERS\nvata.sys [93568 2013-06-09] (NVIDIA Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [33536 2013-06-09] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [12928 2013-06-09] (NVIDIA Corporation)
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [x]
S4 hpt3xx; No ImagePath
S4 IntelIde; No ImagePath
S3 MSICPL; \??\E:\install4\MSICPL.sys [x]
S3 NTACCESS; \??\E:\NTACCESS.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SetupNTGLM7X; \??\E:\NTGLM7X.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-02 17:45 - 2014-01-02 17:45 - 00005361 _____ C:\Documents and Settings\adlo\Plocha\FRST.txt
2014-01-02 17:45 - 2014-01-02 17:45 - 00000000 ____D C:\FRST
2014-01-02 17:43 - 2014-01-02 17:43 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\adlo\Plocha\FRSTLauncher.exe
2014-01-02 17:39 - 2014-01-02 17:39 - 01064581 _____ (Farbar) C:\Documents and Settings\adlo\Plocha\FRST.exe
2014-01-02 17:19 - 2014-01-02 17:20 - 00000000 ____D C:\AdwCleaner
2014-01-02 17:18 - 2014-01-02 17:18 - 01233962 _____ C:\Documents and Settings\adlo\Plocha\adwcleaner.exe
2013-12-30 14:00 - 2013-12-31 15:01 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-30 13:45 - 2013-12-30 13:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2808679$
2013-12-30 13:22 - 2013-12-30 13:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2492386$
2013-12-30 13:20 - 2011-03-11 15:10 - 00225262 ____C C:\WINDOWS\system32\dllcache\msimain.sdb
2013-12-30 12:20 - 2013-12-30 12:20 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-12-30 12:12 - 2013-12-30 12:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallXPSEPSCLP$
2013-12-30 12:12 - 2006-06-29 13:07 - 00014048 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg2.dll
2013-12-30 10:09 - 2013-12-30 10:10 - 00000000 __HDC C:\WINDOWS\ie8
2013-12-29 11:14 - 2013-12-29 11:14 - 00000000 ____D C:\rsit
2013-12-29 11:14 - 2013-12-29 11:14 - 00000000 ____D C:\Program Files\trend micro
2013-12-22 10:26 - 2013-12-22 10:26 - 00000917 _____ C:\Documents and Settings\adlo\Plocha\Revo Uninstaller.lnk
2013-12-22 10:26 - 2013-12-22 10:26 - 00000000 ____D C:\Program Files\VS Revo Group
2013-12-22 08:52 - 2013-12-22 08:52 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
2013-12-22 08:50 - 2013-12-22 10:10 - 00000000 ____D C:\Documents and Settings\adlo\Data aplikací\Google
2013-12-22 08:49 - 2013-12-22 10:30 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Google
2013-12-21 21:31 - 2013-12-21 21:31 - 00000784 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2013-12-21 21:31 - 2013-12-21 21:31 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-21 21:31 - 2013-12-21 21:31 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2013-12-21 21:31 - 2013-12-21 21:31 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-12-21 21:31 - 2013-12-21 21:31 - 00000000 ____D C:\Documents and Settings\adlo\Data aplikací\Malwarebytes
2013-12-21 21:31 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-12 16:20 - 2013-12-12 16:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 16:19 - 2013-12-12 16:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-12 16:15 - 2013-12-12 16:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 16:15 - 2013-12-12 16:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 16:15 - 2013-12-12 16:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$

==================== One Month Modified Files and Folders =======

2014-01-02 17:45 - 2014-01-02 17:45 - 00005361 _____ C:\Documents and Settings\adlo\Plocha\FRST.txt
2014-01-02 17:45 - 2014-01-02 17:45 - 00000000 ____D C:\FRST
2014-01-02 17:45 - 2013-06-26 15:10 - 00000000 ____D C:\Documents and Settings\adlo\Plocha
2014-01-02 17:44 - 2013-06-26 15:10 - 00000000 ___HD C:\Documents and Settings\adlo\Local Settings\Data aplikací
2014-01-02 17:43 - 2014-01-02 17:43 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\adlo\Plocha\FRSTLauncher.exe
2014-01-02 17:39 - 2014-01-02 17:39 - 01064581 _____ (Farbar) C:\Documents and Settings\adlo\Plocha\FRST.exe
2014-01-02 17:26 - 2013-06-26 16:05 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-01-02 17:22 - 2013-06-26 15:22 - 01827872 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-02 17:21 - 2013-06-26 16:57 - 00000157 _____ C:\WINDOWS\wiadebug.log
2014-01-02 17:21 - 2013-06-26 16:57 - 00000048 _____ C:\WINDOWS\wiaservc.log
2014-01-02 17:21 - 2013-06-26 15:48 - 00000000 _____ C:\msicpl-getdispinfo.log
2014-01-02 17:21 - 2013-06-26 15:47 - 00000053 _____ C:\biosinfo
2014-01-02 17:21 - 2013-06-26 15:47 - 00000000 _____ C:\msicpl-getdataint.log
2014-01-02 17:21 - 2013-06-26 15:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-02 17:21 - 2001-10-25 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-02 17:20 - 2014-01-02 17:19 - 00000000 ____D C:\AdwCleaner
2014-01-02 17:20 - 2013-06-26 15:10 - 00000178 ___SH C:\Documents and Settings\adlo\ntuser.ini
2014-01-02 17:20 - 2013-06-26 15:08 - 00032416 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-02 17:18 - 2014-01-02 17:18 - 01233962 _____ C:\Documents and Settings\adlo\Plocha\adwcleaner.exe
2013-12-31 15:01 - 2013-12-30 14:00 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-31 09:11 - 2013-06-26 18:32 - 00000178 ___SH C:\Documents and Settings\bezp\ntuser.ini
2013-12-30 20:06 - 2013-06-26 18:32 - 00000000 ____D C:\Documents and Settings\bezp
2013-12-30 19:53 - 2013-06-26 15:10 - 00000000 ____D C:\Documents and Settings\adlo
2013-12-30 19:45 - 2013-06-26 17:31 - 00000000 ____D C:\WINDOWS\ie8updates
2013-12-30 18:49 - 2013-06-26 15:14 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups
2013-12-30 18:41 - 2013-06-27 20:01 - 00002563 _____ C:\Documents and Settings\bezp\Plocha\Microsoft Office Word 2007.lnk
2013-12-30 18:41 - 2013-06-27 20:01 - 00002477 _____ C:\Documents and Settings\bezp\Plocha\Microsoft Office Excel 2007.lnk
2013-12-30 14:29 - 2013-09-23 20:12 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-12-30 14:05 - 2013-06-26 18:29 - 00006144 _____ C:\Documents and Settings\adlo\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-30 14:00 - 2013-10-18 19:31 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-30 14:00 - 2013-10-18 19:31 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-30 14:00 - 2013-06-26 18:08 - 00000000 ____D C:\Documents and Settings\adlo\Local Settings\Data aplikací\Adobe
2013-12-30 13:45 - 2013-12-30 13:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2808679$
2013-12-30 13:44 - 2013-06-26 16:55 - 01077882 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-30 13:41 - 2013-06-27 14:24 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-12-30 13:37 - 2013-06-26 16:39 - 00000000 ___HD C:\WINDOWS\$hf_mig$
2013-12-30 13:22 - 2013-12-30 13:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2492386$
2013-12-30 12:20 - 2013-12-30 12:20 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-12-30 12:12 - 2013-12-30 12:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallXPSEPSCLP$
2013-12-30 12:12 - 2013-09-24 20:34 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2013-12-30 10:12 - 2013-06-26 16:50 - 00000000 ____D C:\WINDOWS\Help
2013-12-30 10:12 - 2013-06-26 15:10 - 00000803 _____ C:\Documents and Settings\adlo\Nabídka Start\Programy\Internet Explorer.lnk
2013-12-30 10:12 - 2013-06-26 15:10 - 00000000 ___RD C:\Documents and Settings\adlo\Nabídka Start\Programy
2013-12-30 10:12 - 2013-06-26 15:10 - 00000000 ___RD C:\Documents and Settings\adlo\Dokumenty\Obrázky
2013-12-30 10:12 - 2013-06-26 15:10 - 00000000 ___RD C:\Documents and Settings\adlo\Dokumenty\Hudba
2013-12-30 10:12 - 2013-06-26 15:10 - 00000000 ___RD C:\Documents and Settings\adlo\Dokumenty
2013-12-30 10:10 - 2013-12-30 10:09 - 00000000 __HDC C:\WINDOWS\ie8
2013-12-30 10:10 - 2013-06-26 16:50 - 00000000 ____D C:\WINDOWS\Media
2013-12-29 11:14 - 2013-12-29 11:14 - 00000000 ____D C:\rsit
2013-12-29 11:14 - 2013-12-29 11:14 - 00000000 ____D C:\Program Files\trend micro
2013-12-23 13:08 - 2013-06-26 18:32 - 00000000 ___RD C:\Documents and Settings\bezp\Dokumenty
2013-12-23 13:08 - 2013-06-26 18:32 - 00000000 ____D C:\Documents and Settings\bezp\Plocha
2013-12-22 13:21 - 2013-06-26 16:05 - 00000000 ____D C:\Program Files\Google
2013-12-22 10:30 - 2013-12-22 08:49 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Google
2013-12-22 10:30 - 2013-06-26 16:05 - 00000000 ____D C:\Documents and Settings\adlo\Local Settings\Data aplikací\Google
2013-12-22 10:28 - 2013-06-26 16:55 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-12-22 10:28 - 2013-06-26 16:55 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-12-22 10:26 - 2013-12-22 10:26 - 00000917 _____ C:\Documents and Settings\adlo\Plocha\Revo Uninstaller.lnk
2013-12-22 10:26 - 2013-12-22 10:26 - 00000000 ____D C:\Program Files\VS Revo Group
2013-12-22 10:10 - 2013-12-22 08:50 - 00000000 ____D C:\Documents and Settings\adlo\Data aplikací\Google
2013-12-22 08:52 - 2013-12-22 08:52 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
2013-12-22 08:52 - 2013-06-26 15:08 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2013-12-22 08:50 - 2013-06-26 15:10 - 00000000 __RHD C:\Documents and Settings\adlo\Data aplikací
2013-12-22 08:49 - 2013-06-26 16:55 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-12-22 08:44 - 2013-10-19 09:09 - 00001733 _____ C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2013-12-22 08:44 - 2013-06-26 16:05 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-12-22 08:44 - 2013-06-26 16:05 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2013-12-22 08:44 - 2013-06-26 16:05 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-12-22 08:44 - 2013-06-26 16:05 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-12-22 08:44 - 2013-06-26 16:05 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-12-22 08:44 - 2013-06-26 16:05 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-12-22 08:44 - 2013-06-26 16:05 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2013-12-22 08:44 - 2013-06-26 16:04 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-12-21 21:31 - 2013-12-21 21:31 - 00000784 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2013-12-21 21:31 - 2013-12-21 21:31 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-21 21:31 - 2013-12-21 21:31 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2013-12-21 21:31 - 2013-12-21 21:31 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-12-21 21:31 - 2013-12-21 21:31 - 00000000 ____D C:\Documents and Settings\adlo\Data aplikací\Malwarebytes
2013-12-21 20:44 - 2013-09-15 14:04 - 00000000 ____D C:\Documents and Settings\bezp\Data aplikací\Skype
2013-12-21 00:34 - 2013-06-26 18:32 - 00000000 ___RD C:\Documents and Settings\bezp\Oblíbené položky
2013-12-17 16:29 - 2013-10-05 13:37 - 00000000 ____D C:\Documents and Settings\adlo\.thinkorswim
2013-12-13 14:55 - 2013-06-26 16:55 - 00151584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-12 16:20 - 2013-12-12 16:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 16:19 - 2013-12-12 16:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-12 16:19 - 2013-08-19 15:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-12 16:19 - 2013-06-26 17:46 - 00019306 _____ C:\WINDOWS\system32\TZLog.log
2013-12-12 16:15 - 2013-12-12 16:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 16:15 - 2013-12-12 16:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 16:15 - 2013-12-12 16:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-12 16:15 - 2013-06-26 17:27 - 88123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-06 17:38 - 2013-10-05 13:34 - 00000000 ____D C:\Program Files\thinkTDA

Some content of TEMP:
====================
C:\Documents and Settings\adlo\Local Settings\Temp\DotNetFx20Client_Package_x86.exe
C:\Documents and Settings\adlo\Local Settings\Temp\i4jdel0.exe
C:\Documents and Settings\adlo\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\adlo\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\bezp\Local Settings\Temp\i4jdel0.exe
C:\Documents and Settings\bezp\Local Settings\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2001-10-25 13:00] - [2008-04-14 07:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2001-10-25 13:00] - [2008-04-14 07:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2001-10-25 13:00] - [2008-04-14 07:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2001-10-25 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2001-10-25 13:00] - [2008-04-14 07:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2001-10-25 13:00] - [2008-04-14 07:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2001-10-25 13:00] - [2008-04-14 06:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1





===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:29.3 GB) (Free:12.93 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:82.48 GB) (Free:65.53 GB) NTFS

Available physical RAM: 552.32 MB
Total physical RAM: 1023.48 MB
Percentage of memory in use: 46%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 112 GB) (Disk ID: 0003D581)
Partition 1: (Active) - (Size=29 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=82 GB) - (Type=OF Extended)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall (Disabled) {043803A3-4F86-4ef6-AFC5-F6E02A79969B}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\adlo\Plocha" je 2 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4000 Series
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_SA1.tmp" /EF "HKLM" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime Alternative\qttask.exe" -atboottime [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.7z
(4.94 KiB) Downloaded 51 times

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: check - for vyosek

#6 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below

    Start
    HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime Alternative\QTTask.exe [421888 2013-05-01] (Apple Inc.)
    HKU\bezp\...\Run: [QuickTime Task] - C:\Program Files\QuickTime Alternative\QTTask.exe [ 2013-05-01] (Apple Inc.)
    
    SearchScopes: HKLM - DefaultScope value is missing.
    Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    
    S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [x]
    S4 hpt3xx; No ImagePath
    S4 IntelIde; No ImagePath
    S3 MSICPL; \??\E:\install4\MSICPL.sys [x]
    S3 NTACCESS; \??\E:\NTACCESS.sys [x]
    S3 SetupNTGLM7X; \??\E:\NTGLM7X.sys [x]
    
    2014-01-02 17:43 - 2014-01-02 17:43 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\adlo\Plocha\FRSTLauncher.exe
    2014-01-02 17:18 - 2014-01-02 17:18 - 01233962 _____ C:\Documents and Settings\adlo\Plocha\adwcleaner.exe
    C:\Documents and Settings\adlo\Local Settings\Temp\DotNetFx20Client_Package_x86.exe
    C:\Documents and Settings\adlo\Local Settings\Temp\i4jdel0.exe
    C:\Documents and Settings\adlo\Local Settings\Temp\Quarantine.exe
    C:\Documents and Settings\adlo\Local Settings\Temp\SkypeSetup.exe
    C:\Documents and Settings\bezp\Local Settings\Temp\i4jdel0.exe
    C:\Documents and Settings\bezp\Local Settings\Temp\SkypeSetup.exe
    
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
    
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4000 Series" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
    
    Hosts:
    CMD: shutdown /r /f /t 2
    
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns merriment, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

adlobu
Visitor
Posts: 65
Registered: 10 Dec 2007 14:48

Re: check - for vyosek

#7 Post by adlobu »

Thanks for the quick response, here is the fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-01-2014 01
Ran by adlo at 2014-01-02 20:28:19 Run:1
Running from C:\Documents and Settings\adlo\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime Alternative\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKU\bezp\...\Run: [QuickTime Task] - C:\Program Files\QuickTime Alternative\QTTask.exe [ 2013-05-01] (Apple Inc.)

SearchScopes: HKLM - DefaultScope value is missing.
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [x]
S4 hpt3xx; No ImagePath
S4 IntelIde; No ImagePath
S3 MSICPL; \??\E:\install4\MSICPL.sys [x]
S3 NTACCESS; \??\E:\NTACCESS.sys [x]
S3 SetupNTGLM7X; \??\E:\NTGLM7X.sys [x]

2014-01-02 17:43 - 2014-01-02 17:43 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\adlo\Plocha\FRSTLauncher.exe
2014-01-02 17:18 - 2014-01-02 17:18 - 01233962 _____ C:\Documents and Settings\adlo\Plocha\adwcleaner.exe
C:\Documents and Settings\adlo\Local Settings\Temp\DotNetFx20Client_Package_x86.exe
C:\Documents and Settings\adlo\Local Settings\Temp\i4jdel0.exe
C:\Documents and Settings\adlo\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\adlo\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\bezp\Local Settings\Temp\i4jdel0.exe
C:\Documents and Settings\bezp\Local Settings\Temp\SkypeSetup.exe

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4000 Series" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f

Hosts:
CMD: shutdown /r /f /t 2

End

*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKU\bezp\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} => Value deleted successfully.
HKCR\CLSID\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
GMSIPCI => Service deleted successfully.
hpt3xx => Service deleted successfully.
IntelIde => Service deleted successfully.
MSICPL => Service deleted successfully.
NTACCESS => Service deleted successfully.
SetupNTGLM7X => Service deleted successfully.
C:\Documents and Settings\adlo\Plocha\FRSTLauncher.exe => Moved successfully.
C:\Documents and Settings\adlo\Plocha\adwcleaner.exe => Moved successfully.
C:\Documents and Settings\adlo\Local Settings\Temp\DotNetFx20Client_Package_x86.exe => Moved successfully.
C:\Documents and Settings\adlo\Local Settings\Temp\i4jdel0.exe => Moved successfully.
C:\Documents and Settings\adlo\Local Settings\Temp\Quarantine.exe => Moved successfully.
C:\Documents and Settings\adlo\Local Settings\Temp\SkypeSetup.exe => Moved successfully.
C:\Documents and Settings\bezp\Local Settings\Temp\i4jdel0.exe => Moved successfully.
C:\Documents and Settings\bezp\Local Settings\Temp\SkypeSetup.exe => Moved successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4000 Series" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: check - for vyosek

#8 Post by vyosek »

Now let's clean up :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or disable your antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend backing up the registry; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

adlobu
Visitor
Posts: 65
Registered: 10 Dec 2007 14:48

Re: check - for vyosek

#9 Post by adlobu »

I did the cleanup according to the instructions. Everything seems to work.
Thank you very much for the help.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: check - for vyosek

#10 Post by vyosek »

You're welcome, glad I could help :worship: See you again sometime

And in accordance with the Topic Locking Rule :lock:

Locked