Please check my log - thanks

#1 Post by joj »

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:12:12, on 5.1.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Emsisoft Anti-Malware\a2service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\PROGRA~1\MediaKey\MediaKey.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Philips Display\SmartControl\DTHtml.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\DefaultTab\DefaultTabSearch.exe
C:\Documents and Settings\lenka\Data aplikací\defaulttab\defaulttab\dtupdate.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpctrl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Portrait Displays\Pivot Pro Plugin\floater.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdiSdkHelper.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AVAST Software\Avast\setup\avast.setup
C:\Program Files\AVAST Software\Avast\Setup\New\instup.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\lenka\Local Settings\Temporary Internet Files\Content.IE5\S433MJYL\HiJackThis[1].exe
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Documents and Settings\lenka\Data aplikací\defaulttab\defaulttab\DefaultTabBHO.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: DefaultTabToolbarBHO - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Documents and Settings\lenka\Data aplikací\defaulttab\defaulttab\Apps\RelatedLinksBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Related Searches - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Documents and Settings\lenka\Data aplikací\defaulttab\defaulttab\Apps\RelatedLinksBHO.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MediaKey] C:\PROGRA~1\MediaKey\MediaKey.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe" -delay=10
O4 - HKLM\..\Run: [DT PLP] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -PLP
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [emsisoft anti-malware] "C:\Program Files\Emsisoft Anti-Malware\a2guard.exe" /d=60
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [aswAhAScr.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll"
O4 - HKLM\..\RunOnce: [aswasOutExt.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\asOutExt.dll"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NextLive] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\lenka\Data aplikací\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Otevřít obrázek v aplikaci &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\Office\1029\phdintl.dll/phdContext.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Emsisoft Anti-Malware 8.0 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files\DefaultTab\DefaultTabSearch.exe
O23 - Service: DefaultTabUpdate - Unknown owner - C:\Documents and Settings\lenka\Data aplikací\defaulttab\defaulttab\dtupdate.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe

--
End of file - 10423 bytes

#2 Post by Rudy »

Hello!
Try this procedure: http://forum.viry.cz/viewtopic.php?f=24&t=132509
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!



#3 Post by joj »

Done. FRST.txt log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-01-2014
Ran by lenka (administrator) on FERDA on 05-01-2014 17:22:20
Running from C:\Documents and Settings\lenka\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Lavasoft) C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Dritek System Inc.) C:\Program Files\MediaKey\MEDIAKEY.EXE
(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
(ScanSoft, Inc) C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
(Portrait Displays, Inc) C:\Program Files\Philips Display\SmartControl\dthtml.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Portrait Displays Inc.) C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\DefaultTab\DefaultTabSearch.exe
() C:\Documents and Settings\lenka\Data aplikací\defaulttab\defaulttab\dtupdate.exe
() C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Portrait Displays, Inc.) C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
() C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
() C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
() C:\Program Files\Portrait Displays\Pivot Pro Plugin\Floater.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Portrait Displays, Inc.) C:\Program Files\Common Files\Portrait Displays\Drivers\pdiSDKHelper.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
() C:\Program Files\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
(Lavasoft) C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\lenka\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [17567744 2009-03-27] (Realtek Semiconductor Corp.)
HKLM\...\Run: [MediaKey] - C:\Program Files\MediaKey\MEDIAKEY.EXE [135168 2001-01-15] (Dritek System Inc.)
HKLM\...\Run: [HPDJ Taskbar Utility] - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe [172032 2003-03-11] (HP)
HKLM\...\Run: [DeviceDiscovery] - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [40960 2002-12-02] (Hewlett-Packard)
HKLM\...\Run: [PivotSoftware] - C:\Program Files\Portrait Displays\Pivot Pro Plugin\pivot_Startup.exe [110192 2010-05-13] ()
HKLM\...\Run: [DT PLP] - C:\Program Files\Common Files\Portrait Displays\Shared\DT_Startup.exe [121456 2010-05-17] ()
HKLM\...\Run: [Omnipage] - C:\Program Files\ScanSoft\OmniPageSE\opware32.exe [49152 2002-06-03] (ScanSoft, Inc)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-05] (AVAST Software)
HKLM\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\96741a70-e87b-4f41-a41a-3f0318b695ad.exe /check [181136 2014-01-05] (AVAST Software)
HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKCU\...\Run: [NextLive] - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\lenka\Data aplikací\newnext.me\nengine.dll",EntryPoint -m l
BootExecute: autocheck autochk * lsdelete

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
SearchScopes: HKCU - {9D86B43F-3BBB-46F6-9AAD-C1440A275C9C} URL = http://www.mysearchresults.com/search?c ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Documents and Settings\lenka\Data aplikací\defaulttab\defaulttab\DefaultTabBHO.dll (Search Results LLC.)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Related Searches - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Documents and Settings\lenka\Data aplikací\defaulttab\defaulttab\Apps\RelatedLinksBHO.dll (Search Results)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Related Searches - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Documents and Settings\lenka\Data aplikací\defaulttab\defaulttab\Apps\RelatedLinksBHO.dll (Search Results)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.75.0.254 10.0.0.3 10.0.0.2

FireFox:
========
FF ProfilePath: C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @software602.cz/602XML Filler - C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Lavasoft Search Plugin - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack
FF Extension: No Name - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\staged
FF Extension: Youtube Video Center - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\{34878998-c8be-40bc-bc13-9243a2844976}(2)
FF Extension: Ad-Aware Security Add-on - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
FF Extension: DownloadHelper - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Seznam lištička - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: Youtube MP3 Converter - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\2conv@hotger.com.xpi
FF Extension: Default Tab - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\addon@defaulttab.com.xpi
FF Extension: Flash Video Downloader - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\artur.dubovoy@gmail.com.xpi
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\

Chrome:
=======
CHR HomePage: hxxp://www.mysearchresults.com/?c=3523&t=01
CHR DefaultSearchKeyword: search here
CHR DefaultSearchProvider: Search Here
CHR DefaultSearchURL: http://www.mysearchresults.com/search?c ... earchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Documents and Settings\lenka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Documents and Settings\lenka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Documents and Settings\lenka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Documents and Settings\lenka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DefaultTab) - C:\Documents and Settings\lenka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0
CHR Extension: (Google Wallet) - C:\Documents and Settings\lenka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Documents and Settings\lenka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files\DefaultTab\DefaultTab.crx
CHR HKLM\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\DOCUME~1\lenka\LOCALS~1\Temp\ccex.crx

========================== Services (Whitelisted) =================

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-05] (AVAST Software)
R2 DefaultTabSearch; C:\Program Files\DefaultTab\DefaultTabSearch.exe [574464 2013-12-20] ()
R2 DefaultTabUpdate; C:\Documents and Settings\lenka\Data aplikací\defaulttab\defaulttab\dtupdate.exe [107520 2014-01-03] ()
R2 DTSRVC; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [121456 2010-05-17] ()
R2 Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [1029456 2009-07-03] (Lavasoft)
R2 PdiService; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [109168 2010-04-16] (Portrait Displays, Inc.)
R2 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2010-07-07] ()
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-01-05] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-01-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-01-05] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-01-05] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410528 2014-01-05] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-01-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-05] ()
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24392 2008-07-21] (Elaborate Bytes AG)
S1 hola_net; C:\Windows\System32\DRIVERS\hola_net.sys [72688 2013-03-29] (Hola Networks Ltd.)
R3 KBFiltr; C:\Windows\System32\Drivers\KBFiltr.sys [13620 2000-04-07] ()
R3 L1e; C:\Windows\System32\DRIVERS\l1e51x86.sys [38400 2008-09-23] (Atheros Communications, Inc.)
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64160 2009-07-03] (Lavasoft AB)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 PdiPorts; C:\Windows\System32\Drivers\PdiPorts.sys [17136 2010-04-16] (Portrait Displays, Inc.)
S1 Pivot; C:\Windows\System32\drivers\pivot.sys [17465 2010-05-13] (Portrait Displays, Inc.)
S3 pivotmou; C:\WINDOWS\System32\drivers\pivotmou.sys [11323 2010-05-13] (Portrait Displays, Inc.)
S4 IntelIde; No ImagePath
S3 NAVENG; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS [x]
S3 NAVEX15; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S1 SRTSP; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSP.SYS [x]
S1 SRTSPX; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSPX.SYS [x]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-05 17:22 - 2014-01-05 17:22 - 00017425 _____ C:\Documents and Settings\lenka\Plocha\FRST.txt
2014-01-05 17:22 - 2014-01-05 17:22 - 00000000 ____D C:\FRST
2014-01-05 17:21 - 2014-01-05 17:21 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\lenka\Plocha\FRSTLauncher.exe
2014-01-05 17:12 - 2014-01-05 17:12 - 00000000 ____D C:\Documents and Settings\lenka\Data aplikací\AVAST Software
2014-01-05 17:04 - 2014-01-05 17:04 - 01064761 _____ (Farbar) C:\Documents and Settings\lenka\Plocha\FRST.exe
2014-01-05 14:15 - 2014-01-05 14:15 - 00388608 _____ (Trend Micro Inc.) C:\Documents and Settings\lenka\Plocha\HiJackThis.exe
2014-01-05 14:12 - 2014-01-05 14:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
2014-01-05 14:06 - 2014-01-05 17:20 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-01-05 14:01 - 2014-01-05 17:15 - 00001134 _____ C:\aaw7boot.log
2014-01-05 14:00 - 2009-07-03 15:49 - 00015688 _____ C:\WINDOWS\system32\lsdelete.exe
2014-01-05 13:34 - 2014-01-05 13:34 - 00000000 ____D C:\Documents and Settings\LocalService\Plocha
2014-01-05 13:31 - 2014-01-05 13:31 - 00000472 _____ C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
2014-01-05 13:29 - 2009-07-03 15:49 - 00064160 _____ (Lavasoft AB) C:\WINDOWS\system32\Drivers\Lbd.sys
2014-01-05 13:28 - 2014-01-05 13:28 - 00000876 _____ C:\Documents and Settings\All Users\Plocha\Ad-Aware.lnk
2014-01-05 13:28 - 2014-01-05 13:28 - 00000000 __HDC C:\Documents and Settings\All Users\Data aplikací\{EF63305C-BAD7-4144-9208-D65528260864}
2014-01-05 13:28 - 2014-01-05 13:28 - 00000000 ____D C:\Program Files\Lavasoft
2014-01-05 13:28 - 2014-01-05 13:28 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Lavasoft
2014-01-05 13:14 - 2014-01-05 13:16 - 00001734 _____ C:\rapport.txt
2014-01-05 13:14 - 2014-01-05 13:16 - 00000000 ____D C:\Documents and Settings\lenka\Plocha\SmitfraudFix
2014-01-05 13:14 - 2014-01-05 13:14 - 00003408 _____ C:\WINDOWS\system32\tmp.reg
2014-01-05 13:14 - 2008-08-09 15:37 - 00082432 _____ (S!Ri.URZ) C:\WINDOWS\system32\404Fix.exe
2014-01-05 13:14 - 2008-05-29 09:35 - 00086528 _____ (S!Ri.URZ) C:\WINDOWS\system32\VACFix.exe
2014-01-05 13:14 - 2008-05-18 21:40 - 00082944 _____ (S!Ri.URZ) C:\WINDOWS\system32\IEDFix.exe
2014-01-05 13:14 - 2007-10-04 00:36 - 00025600 _____ C:\WINDOWS\system32\WS2Fix.exe
2014-01-05 13:14 - 2007-09-06 00:22 - 00289144 _____ (S!Ri) C:\WINDOWS\system32\VCCLSID.exe
2014-01-05 13:14 - 2006-12-01 06:20 - 00079360 _____ (SteelWerX) C:\WINDOWS\system32\swxcacls.exe
2014-01-05 13:14 - 2006-08-29 19:43 - 00135168 _____ (SteelWerX) C:\WINDOWS\system32\swreg.exe
2014-01-05 13:14 - 2006-01-09 10:36 - 00040960 _____ C:\WINDOWS\system32\swsc.exe
2014-01-05 13:14 - 2004-07-31 18:50 - 00051200 _____ C:\WINDOWS\system32\dumphive.exe
2014-01-05 10:24 - 2014-01-05 10:24 - 16409960 _____ (Safer Networking Limited ) C:\Documents and Settings\lenka\Plocha\setup-spybotsd162.exe
2014-01-05 10:19 - 2014-01-05 13:29 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2014-01-05 09:24 - 2014-01-05 09:24 - 00000000 _____ C:\autoexec.bat
2014-01-05 09:22 - 2014-01-05 09:22 - 00001976 _____ C:\Documents and Settings\lenka\Plocha\SpyHunter.lnk
2014-01-05 09:22 - 2014-01-05 09:22 - 00000000 ____D C:\sh4ldr
2014-01-05 09:22 - 2014-01-05 09:22 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-05 09:22 - 2014-01-05 09:22 - 00000000 ____D C:\Documents and Settings\lenka\Nabídka Start\Programy\SpyHunter
2014-01-03 19:01 - 2014-01-03 19:01 - 00000000 ____D C:\Program Files\DefaultTab
2014-01-03 19:01 - 2014-01-03 19:01 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
2014-01-03 19:00 - 2014-01-05 17:16 - 00000000 ____D C:\Documents and Settings\lenka\Data aplikací\newnext.me
2014-01-03 19:00 - 2014-01-04 21:51 - 00000000 ____D C:\Documents and Settings\lenka\Local Settings\Data aplikací\Mobogenie
2014-01-03 19:00 - 2014-01-04 19:15 - 00043130 _____ C:\Documents and Settings\lenka\daemonprocess.txt
2014-01-03 19:00 - 2014-01-04 19:01 - 00001120 __RSH C:\Documents and Settings\lenka\ntuser.pol
2014-01-03 19:00 - 2014-01-03 19:05 - 00000000 ____D C:\Documents and Settings\lenka\Local Settings\Data aplikací\cache
2014-01-03 19:00 - 2014-01-03 19:00 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2014-01-03 19:00 - 2014-01-03 19:00 - 00000000 ____D C:\Documents and Settings\lenka\Local Settings\Data aplikací\genienext
2014-01-03 19:00 - 2014-01-03 19:00 - 00000000 ____D C:\Documents and Settings\lenka\Dokumenty\Mobogenie
2014-01-03 19:00 - 2014-01-03 19:00 - 00000000 ____D C:\Documents and Settings\lenka\Data aplikací\defaulttab
2014-01-03 19:00 - 2014-01-03 19:00 - 00000000 ____D C:\Documents and Settings\lenka\.android
2014-01-03 18:59 - 2014-01-03 18:59 - 03246852 _____ C:\Documents and Settings\lenka\Plocha\iTools1115E.zip
2013-12-26 21:58 - 2013-12-26 21:58 - 00081920 _____ C:\WINDOWS\Minidump\Mini122613-01.dmp
2013-12-20 21:32 - 2013-12-20 21:32 - 00041735 _____ C:\Aberdeen_(2000).srt
2013-12-20 17:05 - 2013-12-20 21:14 - 733964288 ____R C:\Aberdeen_(2000).avi
2013-12-20 14:18 - 2013-12-20 14:18 - 00001822 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2013-12-20 14:18 - 2013-12-20 14:18 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
2013-12-20 14:17 - 2014-01-05 17:15 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-20 14:17 - 2014-01-05 16:27 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-20 14:17 - 2013-12-20 14:18 - 00000000 ____D C:\Program Files\Google
2013-12-20 14:17 - 2013-12-20 14:18 - 00000000 ____D C:\Documents and Settings\lenka\Local Settings\Data aplikací\Google
2013-12-20 14:17 - 2013-12-20 14:17 - 00000000 ____D C:\Documents and Settings\lenka\Local Settings\Data aplikací\Deployment
2013-12-16 14:31 - 2013-12-16 14:31 - 00001551 _____ C:\Documents and Settings\All Users\Plocha\iTunes.lnk
2013-12-16 14:31 - 2013-12-16 14:31 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\iTunes
2013-12-16 12:17 - 2013-12-16 12:18 - 02208150 _____ C:\Documents and Settings\lenka\Plocha\v.bmp
2013-12-13 19:27 - 2013-12-13 19:27 - 02107470 _____ C:\Documents and Settings\lenka\Plocha\cc.bmp
2013-12-13 19:15 - 2013-12-13 19:15 - 00000305 _____ C:\Documents and Settings\lenka\Plocha\CSOB_1020462040_13.12.2013.txt
2013-12-11 15:39 - 2014-01-05 17:12 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-10 19:56 - 2013-12-10 19:56 - 00272384 _____ C:\Documents and Settings\lenka\Plocha\pf2014.mix

==================== One Month Modified Files and Folders =======

2014-01-05 17:22 - 2014-01-05 17:22 - 00017425 _____ C:\Documents and Settings\lenka\Plocha\FRST.txt
2014-01-05 17:22 - 2014-01-05 17:22 - 00000000 ____D C:\FRST
2014-01-05 17:22 - 2012-01-14 14:10 - 00000000 ____D C:\Documents and Settings\lenka\Plocha
2014-01-05 17:21 - 2014-01-05 17:21 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\lenka\Plocha\FRSTLauncher.exe
2014-01-05 17:21 - 2012-01-14 14:10 - 00000000 ___HD C:\Documents and Settings\lenka\Local Settings\Data aplikací
2014-01-05 17:20 - 2014-01-05 14:06 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-01-05 17:17 - 2012-01-14 14:04 - 01876213 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-05 17:16 - 2014-01-03 19:00 - 00000000 ____D C:\Documents and Settings\lenka\Data aplikací\newnext.me
2014-01-05 17:16 - 2012-02-22 16:07 - 00001505 _____ C:\Documents and Settings\lenka\Plocha\SmartControl.lnk
2014-01-05 17:15 - 2014-01-05 14:01 - 00001134 _____ C:\aaw7boot.log
2014-01-05 17:15 - 2013-12-20 14:17 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-05 17:15 - 2013-03-02 12:12 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2014-01-05 17:15 - 2012-01-14 14:59 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-05 17:15 - 2012-01-14 14:59 - 00000048 _____ C:\WINDOWS\wiaservc.log
2014-01-05 17:15 - 2012-01-14 14:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-05 17:14 - 2013-04-07 14:06 - 00032538 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-05 17:14 - 2013-03-02 12:12 - 00000000 ____D C:\Documents and Settings\lenka\Dokumenty\Anti-Malware
2014-01-05 17:14 - 2012-01-14 14:56 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-01-05 17:14 - 2012-01-14 14:56 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2014-01-05 17:14 - 2012-01-14 14:10 - 00000178 ___SH C:\Documents and Settings\lenka\ntuser.ini
2014-01-05 17:12 - 2014-01-05 17:12 - 00000000 ____D C:\Documents and Settings\lenka\Data aplikací\AVAST Software
2014-01-05 17:12 - 2013-12-11 15:39 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-05 17:12 - 2012-01-14 14:10 - 00000000 __RHD C:\Documents and Settings\lenka\Data aplikací
2014-01-05 17:04 - 2014-01-05 17:04 - 01064761 _____ (Farbar) C:\Documents and Settings\lenka\Plocha\FRST.exe
2014-01-05 16:33 - 2012-01-14 14:10 - 00000000 ___RD C:\Documents and Settings\lenka\Oblíbené položky
2014-01-05 16:27 - 2013-12-20 14:17 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-05 14:15 - 2014-01-05 14:15 - 00388608 _____ (Trend Micro Inc.) C:\Documents and Settings\lenka\Plocha\HiJackThis.exe
2014-01-05 14:12 - 2014-01-05 14:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
2014-01-05 14:12 - 2012-01-14 16:01 - 00001742 _____ C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2014-01-05 14:10 - 2013-04-10 20:34 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-01-05 14:10 - 2013-04-10 20:34 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-05 14:10 - 2013-04-10 20:34 - 00049944 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-01-05 14:10 - 2012-01-14 16:01 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-05 14:10 - 2012-01-14 16:01 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-05 14:10 - 2012-01-14 16:01 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-05 14:10 - 2012-01-14 16:01 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-01-05 14:10 - 2012-01-14 16:01 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-01-05 14:10 - 2012-01-14 16:01 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-05 14:07 - 2012-01-14 14:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2014-01-05 14:06 - 2012-01-14 14:04 - 00002504 _____ C:\WINDOWS\system32\CONFIG.NT
2014-01-05 13:34 - 2014-01-05 13:34 - 00000000 ____D C:\Documents and Settings\LocalService\Plocha
2014-01-05 13:34 - 2012-01-14 14:09 - 00000000 __SHD C:\Documents and Settings\LocalService
2014-01-05 13:31 - 2014-01-05 13:31 - 00000472 _____ C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
2014-01-05 13:29 - 2014-01-05 10:19 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2014-01-05 13:29 - 2013-10-15 20:34 - 00044454 _____ C:\WINDOWS\setupapi.log
2014-01-05 13:29 - 2013-04-07 12:20 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2014-01-05 13:29 - 2012-12-04 21:44 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2014-01-05 13:28 - 2014-01-05 13:28 - 00000876 _____ C:\Documents and Settings\All Users\Plocha\Ad-Aware.lnk
2014-01-05 13:28 - 2014-01-05 13:28 - 00000000 __HDC C:\Documents and Settings\All Users\Data aplikací\{EF63305C-BAD7-4144-9208-D65528260864}
2014-01-05 13:28 - 2014-01-05 13:28 - 00000000 ____D C:\Program Files\Lavasoft
2014-01-05 13:28 - 2014-01-05 13:28 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Lavasoft
2014-01-05 13:28 - 2012-01-14 14:56 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2014-01-05 13:16 - 2014-01-05 13:14 - 00001734 _____ C:\rapport.txt
2014-01-05 13:16 - 2014-01-05 13:14 - 00000000 ____D C:\Documents and Settings\lenka\Plocha\SmitfraudFix
2014-01-05 13:15 - 2013-10-15 20:27 - 00000360 _____ C:\WINDOWS\setupact.log
2014-01-05 13:14 - 2014-01-05 13:14 - 00003408 _____ C:\WINDOWS\system32\tmp.reg
2014-01-05 13:14 - 2012-12-26 19:29 - 00000000 _____ C:\WINDOWS\system32\tmp.txt
2014-01-05 10:24 - 2014-01-05 10:24 - 16409960 _____ (Safer Networking Limited ) C:\Documents and Settings\lenka\Plocha\setup-spybotsd162.exe
2014-01-05 09:33 - 2012-01-14 14:10 - 00001608 _____ C:\Documents and Settings\lenka\Nabídka Start\Programy\Vzdálená pomoc.lnk
2014-01-05 09:29 - 2012-01-14 14:04 - 00001608 _____ C:\Documents and Settings\Default User\Nabídka Start\Programy\Vzdálená pomoc.lnk
2014-01-05 09:29 - 2012-01-14 14:04 - 00001572 _____ C:\Documents and Settings\All Users\Nabídka Start\Přístup a výchozí nastavení programů.lnk
2014-01-05 09:29 - 2012-01-14 14:04 - 00001516 _____ C:\Documents and Settings\All Users\Nabídka Start\Windows Update.lnk
2014-01-05 09:24 - 2014-01-05 09:24 - 00000000 _____ C:\autoexec.bat
2014-01-05 09:22 - 2014-01-05 09:22 - 00001976 _____ C:\Documents and Settings\lenka\Plocha\SpyHunter.lnk
2014-01-05 09:22 - 2014-01-05 09:22 - 00000000 ____D C:\sh4ldr
2014-01-05 09:22 - 2014-01-05 09:22 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-05 09:22 - 2014-01-05 09:22 - 00000000 ____D C:\Documents and Settings\lenka\Nabídka Start\Programy\SpyHunter
2014-01-05 09:22 - 2013-01-22 16:36 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2014-01-05 09:22 - 2012-01-14 14:10 - 00000000 ___RD C:\Documents and Settings\lenka\Nabídka Start\Programy
2014-01-04 22:02 - 2012-01-14 14:10 - 00000000 ____D C:\Documents and Settings\lenka
2014-01-04 21:51 - 2014-01-03 19:00 - 00000000 ____D C:\Documents and Settings\lenka\Local Settings\Data aplikací\Mobogenie
2014-01-04 19:15 - 2014-01-03 19:00 - 00043130 _____ C:\Documents and Settings\lenka\daemonprocess.txt
2014-01-04 19:01 - 2014-01-03 19:00 - 00001120 __RSH C:\Documents and Settings\lenka\ntuser.pol
2014-01-03 19:20 - 2013-04-10 15:47 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Apple
2014-01-03 19:05 - 2014-01-03 19:00 - 00000000 ____D C:\Documents and Settings\lenka\Local Settings\Data aplikací\cache
2014-01-03 19:01 - 2014-01-03 19:01 - 00000000 ____D C:\Program Files\DefaultTab
2014-01-03 19:01 - 2014-01-03 19:01 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
2014-01-03 19:01 - 2012-01-14 14:09 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2014-01-03 19:00 - 2014-01-03 19:00 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2014-01-03 19:00 - 2014-01-03 19:00 - 00000000 ____D C:\Documents and Settings\lenka\Local Settings\Data aplikací\genienext
2014-01-03 19:00 - 2014-01-03 19:00 - 00000000 ____D C:\Documents and Settings\lenka\Dokumenty\Mobogenie
2014-01-03 19:00 - 2014-01-03 19:00 - 00000000 ____D C:\Documents and Settings\lenka\Data aplikací\defaulttab
2014-01-03 19:00 - 2014-01-03 19:00 - 00000000 ____D C:\Documents and Settings\lenka\.android
2014-01-03 19:00 - 2012-01-14 14:10 - 00000000 ___RD C:\Documents and Settings\lenka\Dokumenty
2014-01-03 18:59 - 2014-01-03 18:59 - 03246852 _____ C:\Documents and Settings\lenka\Plocha\iTools1115E.zip
2014-01-01 18:49 - 2012-01-20 19:31 - 00000000 ____D C:\Documents and Settings\lenka\Data aplikací\BitTorrent
2013-12-31 16:40 - 2013-05-14 16:47 - 00000000 ____D C:\Documents and Settings\lenka\Data aplikací\vlc
2013-12-30 16:54 - 2013-11-24 17:15 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-30 08:58 - 2006-03-02 13:00 - 00002422 _____ C:\WINDOWS\system32\wpa.dbl
2013-12-29 11:03 - 2012-01-15 13:56 - 00002404 _____ C:\WINDOWS\WINTRAN.INI
2013-12-27 18:43 - 2012-01-14 18:35 - 00000000 ____D C:\Documents and Settings\lenka\Data aplikací\Skype
2013-12-27 17:46 - 2012-01-14 18:35 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2013-12-26 21:58 - 2013-12-26 21:58 - 00081920 _____ C:\WINDOWS\Minidump\Mini122613-01.dmp
2013-12-26 21:58 - 2012-03-27 18:04 - 00000000 ____D C:\WINDOWS\Minidump
2013-12-26 09:45 - 2013-10-15 20:35 - 00004460 _____ C:\WINDOWS\wmsetup.log
2013-12-24 09:33 - 2012-02-27 17:28 - 00000155 _____ C:\WINDOWS\NeroDigital.ini
2013-12-21 16:42 - 2013-02-21 17:14 - 00312832 ___SH C:\Documents and Settings\lenka\Plocha\Thumbs.db
2013-12-20 21:32 - 2013-12-20 21:32 - 00041735 _____ C:\Aberdeen_(2000).srt
2013-12-20 21:14 - 2013-12-20 17:05 - 733964288 ____R C:\Aberdeen_(2000).avi
2013-12-20 14:18 - 2013-12-20 14:18 - 00001822 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2013-12-20 14:18 - 2013-12-20 14:18 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
2013-12-20 14:18 - 2013-12-20 14:17 - 00000000 ____D C:\Program Files\Google
2013-12-20 14:18 - 2013-12-20 14:17 - 00000000 ____D C:\Documents and Settings\lenka\Local Settings\Data aplikací\Google
2013-12-20 14:17 - 2013-12-20 14:17 - 00000000 ____D C:\Documents and Settings\lenka\Local Settings\Data aplikací\Deployment
2013-12-16 14:31 - 2013-12-16 14:31 - 00001551 _____ C:\Documents and Settings\All Users\Plocha\iTunes.lnk
2013-12-16 14:31 - 2013-12-16 14:31 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\iTunes
2013-12-16 14:31 - 2013-04-10 15:48 - 00000000 ____D C:\Program Files\iTunes
2013-12-16 14:31 - 2013-04-10 15:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-12-16 14:30 - 2013-04-10 15:48 - 00000000 ____D C:\Program Files\iPod
2013-12-16 12:18 - 2013-12-16 12:17 - 02208150 _____ C:\Documents and Settings\lenka\Plocha\v.bmp
2013-12-13 19:27 - 2013-12-13 19:27 - 02107470 _____ C:\Documents and Settings\lenka\Plocha\cc.bmp
2013-12-13 19:15 - 2013-12-13 19:15 - 00000305 _____ C:\Documents and Settings\lenka\Plocha\CSOB_1020462040_13.12.2013.txt
2013-12-11 16:12 - 2012-04-10 16:56 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-11 16:12 - 2012-01-14 18:23 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-10 19:56 - 2013-12-10 19:56 - 00272384 _____ C:\Documents and Settings\lenka\Plocha\pf2014.mix

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2006-03-02 13:00] - [2008-04-14 08:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2006-03-02 13:00] - [2008-04-14 08:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2006-03-02 13:00] - [2008-04-14 08:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2006-03-02 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2006-03-02 13:00] - [2008-04-14 08:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2006-03-02 13:00] - [2008-04-14 08:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\rpcss.dll
[2006-03-02 13:00] - [2009-02-09 11:56] - 0401408 ____A (Microsoft Corporation) be27674d1cbc3214aec84b4336a38bbf

C:\Windows\System32\Drivers\volsnap.sys
[2006-03-02 13:00] - [2008-04-14 07:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1





===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (SYSTEM XP) (Fixed) (Total:97.65 GB) (Free:31.22 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (SKLAD XP) (Fixed) (Total:368.1 GB) (Free:4.85 GB) NTFS
Drive f: (SYSTEM 7) (Fixed) (Total:244.14 GB) (Free:227.47 GB) NTFS
Drive g: () (Removable) (Total:1.88 GB) (Free:1.36 GB) FAT
Drive h: (STORE) (Fixed) (Total:454.49 GB) (Free:453.58 GB) NTFS

Available physical RAM: 1056 MB
Total physical RAM: 2013.04 MB
Percentage of memory in use: 47%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 466 GB) (Disk ID: 0D7649D2)
Partition 1: (Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=368 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 03FE03FD)
Partition 1: (Active) - (Size=244 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454 GB) - (Type=07 NTFS)
Disk: 2 (Size: 2 GB) (Disk ID: 9F206B73)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\lenka\Plocha" je 4277 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\TRANSLAT\\WEBTRANS.EXE"="C:\\TRANSLAT\\WEBTRANS.EXE:*:Enabled:WebTrans"
"C:\\Program Files\\BitTorrent\\BitTorrent.exe"="C:\\Program Files\\BitTorrent\\BitTorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Xi\\NetXfer\\NetTransport.exe"="C:\\Program Files\\Xi\\NetXfer\\NetTransport.exe:*:Enabled:NetXfer Download Manager"
"C:\\Program Files\\Common Files\\soft602\\langserv.exe"="C:\\Program Files\\Common Files\\soft602\\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\\Program Files\\DC++\\DCPlusPlus.exe"="C:\\Program Files\\DC++\\DCPlusPlus.exe:*:Enabled:DC++"
"C:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"="C:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"4662:TCP"="4662:TCP:*:Enabled:emule1"
"4672:TCP"="4672:TCP:*:Enabled:emule2"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.rar
(6.28 KiB) Downloaded 79 times

Rudy
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check - thanks

#4 Post by Rudy »

Open Notepad and copy the following into it:
Start
SearchScopes: HKCU - {9D86B43F-3BBB-46F6-9AAD-C1440A275C9C} URL = http://www.mysearchresults.com/search?c ... earchTerms}
Toolbar: HKLM - Related Searches - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Documents and Settings\lenka\Data aplikací\defaulttab\defaulttab\Apps\RelatedLinksBHO.dll (Search Results)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
CHR HomePage: hxxp://www.mysearchresults.com/?c=3523&t=01
CHR DefaultSearchURL: http://www.mysearchresults.com/search?c ... earchTerms}
CHR DefaultNewTabURL:
U1 WS2IFSL;
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

joj
Visitor
Posts: 151
Registered: 10 Oct 2013 13:01

Re: Please check - thanks

#5 Post by joj »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 04-01-2014
Ran by lenka at 2014-01-05 18:37:10 Run:1
Running from C:\Documents and Settings\lenka\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
SearchScopes: HKCU - {9D86B43F-3BBB-46F6-9AAD-C1440A275C9C} URL = http://www.mysearchresults.com/search?c ... earchTerms}
Toolbar: HKLM - Related Searches - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Documents and Settings\lenka\Data aplikací\defaulttab\defaulttab\Apps\RelatedLinksBHO.dll (Search Results)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
CHR HomePage: hxxp://www.mysearchresults.com/?c=3523&t=01
CHR DefaultSearchURL: http://www.mysearchresults.com/search?c ... earchTerms}
CHR DefaultNewTabURL:
U1 WS2IFSL;
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
End



*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9D86B43F-3BBB-46F6-9AAD-C1440A275C9C} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9D86B43F-3BBB-46F6-9AAD-C1440A275C9C} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} => Value deleted successfully.
HKCR\CLSID\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} => Key deleted successfully.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
CHR HomePage: hxxp://www.mysearchresults.com/?c=3523&t=01 ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: http://www.mysearchresults.com/search?c ... earchTerms} ==> The Chrome "Settings" can be used to fix the entry.
WS2IFSL => Service deleted successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

==== End of Fixlog ====

Rudy
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check - thanks

#6 Post by Rudy »

Deleted; the log is now OK.

joj
Visitor
Posts: 151
Registered: 10 Oct 2013 13:01

Re: Please check - thanks

#7 Post by joj »

Thanks a lot. One more request for advice, please. Instead of my home page www.seznam.cz, http://www.mysearchresults.com/?c=3523&t=01 keeps forcing itself in.

Rudy
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check - thanks

#8 Post by Rudy »

Try running Junkware Removal Tool:
Download Junkware Removal Tool: http://thisisudax.org/downloads/JRT.exe

Save it, preferably to the desktop
After launch, the license terms are displayed; press any key
A backup is created, followed by a search
The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here

joj
Visitor
Posts: 151
Registered: 10 Oct 2013 13:01

Re: Please check - thanks

#9 Post by joj »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Microsoft Windows XP x86
Ran by lenka on ne 05.01.2014 at 22:03:07,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] defaulttabsearch
Successfully deleted: [Service] defaulttabsearch
Successfully stopped: [Service] defaulttabupdate
Successfully deleted: [Service] defaulttabupdate



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1957994488-764733703-839522115-1003\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\defaulttabbho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\default tab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1957994488-764733703-839522115-1003\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\default tab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\defaulttab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\defaulttab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\lenka\Data aplikacˇ\defaulttab"
Successfully deleted: [Folder] "C:\Documents and Settings\lenka\Data aplikacˇ\systweak"
Successfully deleted: [Folder] "C:\Program Files\defaulttab"
Successfully deleted: [Folder] "C:\Program Files\ytd"



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\lenka\Data aplikacˇ\mozilla\firefox\profiles\2eoj0vf2.default\extensions\addon@defaulttab.com.xpi
Successfully deleted: [Folder] C:\Documents and Settings\lenka\Data aplikacˇ\mozilla\firefox\profiles\2eoj0vf2.default\extensions\staged
Successfully deleted: [Folder] C:\Documents and Settings\lenka\Data aplikacˇ\mozilla\firefox\profiles\2eoj0vf2.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 05.01.2014 at 22:11:11,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rudy
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check - thanks

#10 Post by Rudy »

It deleted something. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

joj
Visitor
Posts: 151
Registered: 10 Oct 2013 13:01

Re: Please check - thanks

#11 Post by joj »

It looks OK.

Thanks a lot, you have my admiration.

Rudy
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check - thanks

#12 Post by Rudy »

You're welcome! :)

Locked