Gradual PC slowdown at low CPU/RAM load

jambe
Visitor
Posts: 7
Registered: 11 Jan 2014 10:58

Gradual PC slowdown at low CPU/RAM load

#1 Post by jambe »

Hello. I have a problem with my PC: Windows XP loads slowly, and once it has fully loaded I can work with minimal slowdown for roughly 5 minutes. After those 5 minutes the system starts to slow down gradually and becomes very unresponsive, until the PC can no longer be used or even shut down. Yet the processor is running at 1-5% and the memory is barely being used either.
When I open Task Manager -> Performance, the page file usage slowly rises from about 500 MB -> 820-850 MB and then stops at 850 MB.
I am attaching a log from HijackThis.
Thank you in advance for your reply.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:10:58, on 11.1.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: (no name) - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\PROGRA~1\SITERA~1\SiteRank.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbar.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll
O3 - Toolbar: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SiteRanker] "C:\Program Files\SiteRanker\SiteRankTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbrmon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://buttons.videodownloadconverter.c ... 11009&cv=3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Přizpůsobit Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF Nástrojová lišta - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Uložit formuláře - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Vyplnit formulář - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Uložit - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Uložit formuláře - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF Nástrojová lišta - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 3372114873
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=722
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Dicter Service (DicterUpdateService) - Zeyfman Genady - C:\Program Files\Dicter\DicterService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf Ltd - C:\Program Files\Overwolf\OverwolfUpdater.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe

--
End of file - 12580 bytes

Rudy
Site Admin
Posts: 119532
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Gradual PC slowdown at low CPU/RAM load

#2 Post by Rudy »

Hello!
Try this procedure: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

jambe
Visitor
Posts: 7
Registered: 11 Jan 2014 10:58

Re: Gradual PC slowdown at low CPU/RAM load

#3 Post by jambe »

I am attaching the FRST scan.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-01-2014 02
Ran by Tonda (administrator) on HAL3000 on 11-01-2014 18:23:43
Running from C:\Documents and Settings\Tonda\Plocha
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.exe [16062464 2006-12-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] - C:\WINDOWS\Alcmtr.exe [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-03] (Microsoft Corporation)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SiteRanker] - C:\Program Files\SiteRanker\SiteRankTray.exe [1059328 2013-09-29] (Crawler, LLC)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512 2013-09-03] (RealNetworks, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [VideoDownloadConverter Search Scope Monitor] - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrchMn.exe [44784 2013-12-04] (MindSpark)
HKLM\...\Run: [VideoDownloadConverter_4z Browser Plugin Loader] - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe [30096 2013-12-04] (VER_COMPANY_NAME)
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [Facebook Update] - C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKCU\...\Run: [H/PC Connection Agent] - C:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKCU\...\Run: [uTorrent] - C:\Program Files\uTorrent\uTorrent.exe [802136 2013-05-02] (BitTorrent Inc.)
HKCU\...\Run: [Google Update] - C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [136176 2011-06-01] (Google Inc.)
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKCU\...\Run: [Advanced SystemCare 7] - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2285344 2013-12-18] (IObit)
MountPoints2: {10ba435c-a1bd-11df-8099-00179a7c520a} - M:\Axesstel_Setup.exe
MountPoints2: {a000572f-02e5-11e1-82b5-00179a7c520a} - F:\NokiaPCIA_Autorun.exe
MountPoints2: {a51d69a5-b414-11e2-8752-00179a7c520a} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Common_Handset_USB_Driver.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
URLSearchHook: HKCU - (No Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (MindSpark)
SearchScopes: HKLM - DefaultScope {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKLM - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKCU - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://search.conduit.com/ResultsExt.as ... =CT2786678
SearchScopes: HKCU - {16739F36-09BF-406E-A3BF-C37B78D51DD4} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://safesearchr.lavasoft.com/?source ... earchTerms}
SearchScopes: HKCU - {7B1BAE25-CACB-447D-899C-845B4C598268} URL = http://websearch.ask.com/redirect?clien ... 1B42517190
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2786678
SearchScopes: HKCU - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: No Name - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files\SiteRanker\SiteRank.dll (Crawler, LLC)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
BHO: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (MindSpark)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM - VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
Toolbar: HKLM - ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKCU - VideoDownloadConverter - {48586425-6BB7-4F51-8DC6-38C88E3EBB58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/ ... ontrol.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=722
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 93.93.32.32 93.93.33.33

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default
FF user.js: detected! => C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\user.js
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @IObit.com/np_Asc_Plugin - C:\Program Files\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll (IObit)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files\Virtual Earth 3D\ ()
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @VideoDownloadConverter_4z.com/Plugin - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll (MindSpark)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Documents and Settings\Tonda\Data aplikací\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=8 - C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npfiller.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\daemon-search.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\inbox-hledn.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\inbox-search.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\web-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\adawaretb.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: VideoDownloadConverter - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com [2013-12-08]
FF Extension: Advanced SystemCare Surfing Protection - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\ascsurfingprotection@iobit.com [2014-01-09]
FF Extension: DAEMON Tools Toolbar - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\DTToolbar@toolbarnet.com [2011-04-24]
FF Extension: Conduit Engine - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\engine@conduit.com [2011-03-22]
FF Extension: Lavasoft Search Plugin - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2013-01-18]
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\LogMeInClient@logmein.com [2013-06-22]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-08-26]
FF Extension: ST-Eng7 - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} [2013-12-13]
FF Extension: uTorrentBar Community Toolbar - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [2013-02-09]
FF Extension: Seznam lištička - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-03-29]
FF Extension: ImTranslator - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2011-04-08]
FF Extension: 602XML Filler - C:\Program Files\Mozilla Firefox\extensions\xmlfiller@software602.cz [2013-12-20]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013-12-20]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-05-22]
FF HKLM\...\Firefox\Extensions: [siteranker@siteranker.com] - C:\Program Files\SiteRanker\firefox\
FF Extension: SiteRanker - C:\Program Files\SiteRanker\firefox\ []
FF HKLM\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files\Siber Systems\AI RoboForm\Firefox [2013-02-16]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-03]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\

Chrome:
=======
CHR HomePage: hxxp://google.com/
CHR RestoreOnStartup: "hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=F020B6AEAAABAE77EC50F950F922A64F"
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Tonda\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Tonda\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Tonda\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\31.0.1650.63\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikac\u00ED\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikac\u00ED\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikac\u00ED\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\Documents and Settings\All Users\Data aplikac\u00ED\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Facebook Plugin) - C:\Documents and Settings\Tonda\Data aplikac\u00ED\Facebook\npfbplugin_1_0_3.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Documents and Settings\Tonda\Local Settings\Data aplikac\u00ED\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Google Update) - C:\Documents and Settings\Tonda\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files\Veetle\Player\npvlc.dll No File
CHR Plugin: (Veetle TV Core) - C:\Program Files\Veetle\plugins\npVeetle.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\WINDOWS\system32\npDeployJava1.dll No File
CHR Extension: (SiteRanker) - C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dgldkplledicnbnnliodeffobaiaodaf\1.0.0.0_0
CHR Extension: (AdBlock) - C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (RealDownloader) - C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
CHR Extension: (Google Wallet) - C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\DOCUME~1\Tonda\LOCALS~1\Temp\crx5F.tmp
CHR HKLM\...\Chrome\Extension: [dgldkplledicnbnnliodeffobaiaodaf] - C:\Program Files\SiteRanker\Chrome\siterank_c.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\Documents and Settings\All Users\Data aplikací\adawaretb\shortcuts\chrome\adawaretb.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePluginFor6.crx
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

S2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [73728 2010-04-14] (Software602 a.s.)
S2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit)
S2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 Brother XP spl Service; C:\WINDOWS\system32\brsvc01a.exe [57344 2002-04-12] (brother Industries Ltd)
S2 DicterUpdateService; C:\Program Files\Dicter\DicterService.exe [938496 2011-11-30] (Zeyfman Genady)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [18360 2013-08-22] (Overwolf Ltd)
S2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [171040 2007-01-08] ()
S2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S2 VideoDownloadConverter_4zService; C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe [44752 2013-12-04] (COMPANYVERS_NAME)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
S2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
S3 ServiceLayer; "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe" [x]

==================== Drivers (Whitelisted) ====================

R3 A3AB; C:\Windows\System32\DRIVERS\A3AB.sys [450400 2005-06-16] (D-Link Corporation)
S1 ASPI32; C:\Windows\System32\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec)
S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
S2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49760 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-06-27] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-06-27] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-06-27] ()
S3 Axtmvflt; C:\Windows\System32\DRIVERS\Axtmvflt.sys [3456 2007-03-22] (Axesstel)
S3 Axtmvmdm; C:\Windows\System32\DRIVERS\Axtmvmdm.sys [40064 2007-03-26] (Axesstel)
S3 Axtmvprt; C:\Windows\System32\Drivers\Axtmvprt.sys [38784 2007-03-26] (Axesstel)
S3 brfilt; C:\Windows\System32\Drivers\Brfilt.sys [2944 2001-08-17] (Brother Industries Ltd.)
S3 BrUsbScn; C:\Windows\System32\Drivers\BrUsbScn.sys [10368 2001-08-17] (Brother Industries Ltd.)
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2009-02-16] ()
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-01-18] (GFI Software)
S3 mf; C:\Windows\System32\DRIVERS\mf.sys [63744 2008-04-14] (Microsoft Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 NSNDIS5; C:\WINDOWS\system32\NSNDIS5.SYS [17280 2004-03-24] (Printing Communications Assoc., Inc. (PCAUSA))
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2009-12-06] ()
S1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [12344 2009-09-17] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [18232 2009-09-17] (NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [14392 2009-09-17] (NETGATE Technologies s.r.o.)
S3 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation)
U3 a5lzo463; C:\Windows\System32\Drivers\a5lzo463.sys [0 ] (Microsoft Corporation)
S4 IntelIde; No ImagePath
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-11 14:04 - 2014-01-11 14:04 - 00015327 _____ C:\Documents and Settings\Tonda\Plocha\LM.bat
2014-01-11 14:03 - 2014-01-11 18:24 - 00033031 _____ C:\Documents and Settings\Tonda\Plocha\FRST.txt
2014-01-11 14:03 - 2014-01-11 14:05 - 00051193 _____ C:\Documents and Settings\Tonda\Plocha\FRSTsss.txt
2014-01-11 14:02 - 2014-01-11 14:02 - 00000000 ____D C:\FRST
2014-01-11 13:09 - 2014-01-11 13:09 - 01220096 _____ (Farbar) C:\Documents and Settings\Tonda\Plocha\FRST.exe
2014-01-11 13:09 - 2014-01-11 13:09 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Tonda\Plocha\FRSTLauncher.exe
2014-01-11 11:09 - 2014-01-11 11:18 - 00000000 ____D C:\Program Files\HijackThis
2014-01-09 17:01 - 2014-01-09 17:01 - 00000872 _____ C:\Documents and Settings\All Users\Plocha\IObit Uninstaller.lnk
2014-01-09 17:01 - 2014-01-09 17:01 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ProductData
2014-01-09 17:01 - 2014-01-09 17:01 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-09 17:00 - 2014-01-09 17:13 - 00001852 _____ C:\Documents and Settings\All Users\Plocha\Advanced SystemCare 7.lnk
2014-01-09 16:59 - 2014-01-09 17:01 - 00000000 ____D C:\Documents and Settings\Tonda\Data aplikací\IObit
2014-01-09 16:59 - 2014-01-09 17:00 - 00000000 ____D C:\Program Files\IObit
2014-01-09 16:59 - 2014-01-09 16:59 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\IObit
2014-01-09 16:47 - 2014-01-09 16:47 - 02377536 _____ (IObit) C:\Documents and Settings\Tonda\Dokumenty\advanced-system-care-installer.exe
2014-01-09 16:37 - 2014-01-10 18:19 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2014-01-09 16:29 - 2014-01-09 16:29 - 00000060 _____ C:\WINDOWS\setupact.log
2014-01-09 16:29 - 2014-01-09 16:29 - 00000000 _____ C:\WINDOWS\setuperr.log
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy\Příslušenství
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ___HD C:\Documents and Settings\Administrator\Okolní tiskárny
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ___HD C:\Documents and Settings\Administrator\Okolní síť
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ____D C:\Documents and Settings\Administrator\Oblíbené položky
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft Help
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ____D C:\Documents and Settings\Administrator\Dokumenty
2014-01-09 16:02 - 2014-01-09 16:02 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache
2014-01-09 16:01 - 2014-01-09 16:27 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2014-01-09 16:01 - 2014-01-09 16:27 - 00000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2014-01-09 16:01 - 2014-01-09 16:06 - 00000000 __RHD C:\Documents and Settings\Administrator\Data aplikací
2014-01-09 16:01 - 2014-01-09 16:06 - 00000000 ___HD C:\Documents and Settings\Administrator\Šablony
2014-01-09 16:01 - 2014-01-09 16:06 - 00000000 ____D C:\Documents and Settings\Administrator
2014-01-09 16:01 - 2010-12-03 02:12 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Macromedia
2014-01-09 16:01 - 2008-10-07 15:45 - 00001599 _____ C:\Documents and Settings\Administrator\Nabídka Start\Programy\Vzdálená pomoc.lnk
2014-01-06 19:21 - 2014-01-06 22:05 - 00000000 ____D C:\Documents and Settings\Tonda\Data aplikací\.minecraft
2014-01-03 15:28 - 2014-01-03 15:28 - 00177152 _____ C:\Documents and Settings\Tonda\Plocha\DzNEM13_z.xls
2013-12-26 16:10 - 2013-12-26 16:11 - 30992256 _____ C:\Documents and Settings\Tonda\Plocha\TomTomHOME2winlatest.exe
2013-12-25 14:18 - 2013-12-25 14:18 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2013-12-23 17:35 - 2013-12-23 17:35 - 00000000 ____D C:\Documents and Settings\Tonda\Dokumenty\Games for Windows - LIVE Demos
2013-12-23 17:17 - 2013-12-23 17:17 - 00000000 ____D C:\WINDOWS\system32\xlive
2013-12-23 17:17 - 2013-12-23 17:17 - 00000000 ____D C:\Program Files\Microsoft Games for Windows - LIVE
2013-12-22 21:12 - 2013-12-22 21:12 - 00000000 ____D C:\Documents and Settings\Tonda\Dokumenty\My Games
2013-12-22 21:11 - 2013-12-22 21:11 - 00000000 ____D C:\Documents and Settings\Tonda\Local Settings\Data aplikací\CDWLauncher
2013-12-20 16:45 - 2013-12-20 16:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-15 22:23 - 2013-12-26 20:14 - 00000000 ____D C:\Documents and Settings\Tonda\Plocha\Skodni udalost
2013-12-12 03:06 - 2013-12-12 03:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-12 03:06 - 2013-12-12 03:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 03:02 - 2013-12-12 03:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 03:02 - 2013-12-12 03:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 03:02 - 2013-12-12 03:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$

==================== One Month Modified Files and Folders =======

2014-01-11 18:24 - 2014-01-11 14:03 - 00033031 _____ C:\Documents and Settings\Tonda\Plocha\FRST.txt
2014-01-11 18:23 - 2009-10-27 18:43 - 00000000 ____D C:\Documents and Settings\Tonda\Plocha
2014-01-11 18:21 - 2008-04-14 13:00 - 00012598 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-11 18:04 - 2009-10-27 18:43 - 00000178 ___SH C:\Documents and Settings\Tonda\ntuser.ini
2014-01-11 18:04 - 2008-10-07 15:44 - 01573913 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-11 14:06 - 2009-10-27 18:43 - 00000000 ___HD C:\Documents and Settings\Tonda\Local Settings\Data aplikací
2014-01-11 14:05 - 2014-01-11 14:03 - 00051193 _____ C:\Documents and Settings\Tonda\Plocha\FRSTsss.txt
2014-01-11 14:04 - 2014-01-11 14:04 - 00015327 _____ C:\Documents and Settings\Tonda\Plocha\LM.bat
2014-01-11 14:02 - 2014-01-11 14:02 - 00000000 ____D C:\FRST
2014-01-11 13:09 - 2014-01-11 13:09 - 01220096 _____ (Farbar) C:\Documents and Settings\Tonda\Plocha\FRST.exe
2014-01-11 13:09 - 2014-01-11 13:09 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Tonda\Plocha\FRSTLauncher.exe
2014-01-11 11:18 - 2014-01-11 11:09 - 00000000 ____D C:\Program Files\HijackThis
2014-01-11 00:07 - 2011-03-17 14:26 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat
2014-01-10 18:19 - 2014-01-09 16:37 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2014-01-10 18:16 - 2009-11-13 20:10 - 00003227 _____ C:\WINDOWS\wincmd.ini
2014-01-10 18:06 - 2011-11-06 12:56 - 00000000 ____D C:\Documents and Settings\Tonda\Data aplikací\uTorrent
2014-01-10 18:04 - 2012-10-29 12:31 - 00000000 ____D C:\Program Files\SiteRanker
2014-01-10 18:03 - 2008-10-07 17:29 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-10 18:03 - 2008-10-07 17:29 - 00000049 _____ C:\WINDOWS\wiaservc.log
2014-01-10 18:02 - 2013-11-20 14:26 - 00000278 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3066500919-764675632-2399540546-1006.job
2014-01-10 18:02 - 2012-07-06 00:29 - 00000366 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-01-10 18:02 - 2012-05-19 16:27 - 00000278 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-3066500919-764675632-2399540546-1006.job
2014-01-10 18:02 - 2009-12-08 14:30 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 18:02 - 2008-10-07 15:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-09 17:42 - 2012-04-28 09:22 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-09 17:18 - 2008-10-07 17:19 - 01135606 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-09 17:13 - 2014-01-09 17:00 - 00001852 _____ C:\Documents and Settings\All Users\Plocha\Advanced SystemCare 7.lnk
2014-01-09 17:01 - 2014-01-09 17:01 - 00000872 _____ C:\Documents and Settings\All Users\Plocha\IObit Uninstaller.lnk
2014-01-09 17:01 - 2014-01-09 17:01 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ProductData
2014-01-09 17:01 - 2014-01-09 17:01 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-09 17:01 - 2014-01-09 16:59 - 00000000 ____D C:\Documents and Settings\Tonda\Data aplikací\IObit
2014-01-09 17:01 - 2009-10-27 18:43 - 00000000 ___HD C:\Documents and Settings\Tonda\Šablony
2014-01-09 17:01 - 2009-10-27 18:43 - 00000000 ____D C:\Documents and Settings\Tonda
2014-01-09 17:01 - 2008-10-07 17:19 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-01-09 17:01 - 2008-10-07 17:19 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2014-01-09 17:00 - 2014-01-09 16:59 - 00000000 ____D C:\Program Files\IObit
2014-01-09 16:59 - 2014-01-09 16:59 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\IObit
2014-01-09 16:59 - 2009-10-27 18:43 - 00000000 __RHD C:\Documents and Settings\Tonda\Data aplikací
2014-01-09 16:59 - 2008-10-07 17:17 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2014-01-09 16:48 - 2013-11-12 18:40 - 00000000 ____D C:\Documents and Settings\Tonda\Dokumenty\Kuba
2014-01-09 16:47 - 2014-01-09 16:47 - 02377536 _____ (IObit) C:\Documents and Settings\Tonda\Dokumenty\advanced-system-care-installer.exe
2014-01-09 16:47 - 2009-10-27 18:43 - 00000000 ___RD C:\Documents and Settings\Tonda\Dokumenty
2014-01-09 16:29 - 2014-01-09 16:29 - 00000060 _____ C:\WINDOWS\setupact.log
2014-01-09 16:29 - 2014-01-09 16:29 - 00000000 _____ C:\WINDOWS\setuperr.log
2014-01-09 16:27 - 2014-01-09 16:01 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2014-01-09 16:27 - 2014-01-09 16:01 - 00000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2014-01-09 16:13 - 2009-12-08 14:30 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy\Příslušenství
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ___HD C:\Documents and Settings\Administrator\Okolní tiskárny
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ___HD C:\Documents and Settings\Administrator\Okolní síť
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ____D C:\Documents and Settings\Administrator\Oblíbené položky
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft Help
2014-01-09 16:07 - 2014-01-09 16:07 - 00000000 ____D C:\Documents and Settings\Administrator\Dokumenty
2014-01-09 16:07 - 2011-09-30 06:54 - 00000000 ____D C:\Documents and Settings\Tonda\Data aplikací\Opera
2014-01-09 16:06 - 2014-01-09 16:01 - 00000000 __RHD C:\Documents and Settings\Administrator\Data aplikací
2014-01-09 16:06 - 2014-01-09 16:01 - 00000000 ___HD C:\Documents and Settings\Administrator\Šablony
2014-01-09 16:06 - 2014-01-09 16:01 - 00000000 ____D C:\Documents and Settings\Administrator
2014-01-09 16:06 - 2011-09-30 06:54 - 00000000 ____D C:\Program Files\Opera
2014-01-09 16:02 - 2014-01-09 16:02 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache
2014-01-09 14:59 - 2010-08-12 16:18 - 00001026 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006UA.job
2014-01-09 14:59 - 2008-10-07 15:55 - 00032266 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-08 23:12 - 2010-10-11 17:03 - 00000000 ____D C:\Program Files\Steam
2014-01-08 23:11 - 2009-11-13 21:29 - 00000000 ____D C:\Documents and Settings\Tonda\Data aplikací\Skype
2014-01-08 22:41 - 2010-01-22 22:38 - 00000472 _____ C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job
2014-01-08 22:35 - 2012-02-07 13:25 - 00001046 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006UA.job
2014-01-08 16:37 - 2010-01-22 22:38 - 00000472 _____ C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job
2014-01-08 15:49 - 2013-03-30 18:12 - 00000286 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3066500919-764675632-2399540546-1006.job
2014-01-08 15:05 - 2013-09-30 13:46 - 00000000 ____D C:\Documents and Settings\Tonda\Local Settings\Data aplikací\PMB Files
2014-01-07 22:10 - 2013-09-30 13:46 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\PMB Files
2014-01-06 22:37 - 2010-01-22 22:38 - 00000472 _____ C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
2014-01-06 22:05 - 2014-01-06 19:21 - 00000000 ____D C:\Documents and Settings\Tonda\Data aplikací\.minecraft
2014-01-06 15:46 - 2012-10-29 12:31 - 00000000 ____D C:\Documents and Settings\Tonda\Data aplikací\SiteRanker
2014-01-06 05:59 - 2010-08-12 16:18 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006Core.job
2014-01-06 04:37 - 2010-01-22 22:38 - 00000472 _____ C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job
2014-01-06 01:35 - 2012-02-07 13:25 - 00001024 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006Core.job
2014-01-05 10:37 - 2010-01-22 22:38 - 00000472 _____ C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job
2014-01-04 17:27 - 2012-05-19 16:27 - 00000286 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-3066500919-764675632-2399540546-1006.job
2014-01-03 15:28 - 2014-01-03 15:28 - 00177152 _____ C:\Documents and Settings\Tonda\Plocha\DzNEM13_z.xls
2013-12-26 20:14 - 2013-12-15 22:23 - 00000000 ____D C:\Documents and Settings\Tonda\Plocha\Skodni udalost
2013-12-26 16:11 - 2013-12-26 16:10 - 30992256 _____ C:\Documents and Settings\Tonda\Plocha\TomTomHOME2winlatest.exe
2013-12-26 15:43 - 2011-07-31 17:11 - 00000000 ____D C:\tomtom
2013-12-26 15:00 - 2013-09-20 18:41 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\TomTom
2013-12-26 15:00 - 2009-11-23 18:06 - 00000000 ____D C:\Program Files\TomTom HOME 2
2013-12-26 14:55 - 2012-04-28 09:27 - 00000000 ____D C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Downloaded Installations
2013-12-25 14:18 - 2013-12-25 14:18 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2013-12-25 09:55 - 2012-05-09 19:29 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-23 17:35 - 2013-12-23 17:35 - 00000000 ____D C:\Documents and Settings\Tonda\Dokumenty\Games for Windows - LIVE Demos
2013-12-23 17:35 - 2009-11-20 16:33 - 00000000 ___RD C:\Documents and Settings\Tonda\Dokumenty\Filmy
2013-12-23 17:32 - 2008-10-07 15:43 - 00000000 ____D C:\WINDOWS\system32\DirectX
2013-12-23 17:17 - 2013-12-23 17:17 - 00000000 ____D C:\WINDOWS\system32\xlive
2013-12-23 17:17 - 2013-12-23 17:17 - 00000000 ____D C:\Program Files\Microsoft Games for Windows - LIVE
2013-12-23 17:17 - 2008-10-07 17:19 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-12-23 03:41 - 2009-12-09 14:45 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-12-22 21:12 - 2013-12-22 21:12 - 00000000 ____D C:\Documents and Settings\Tonda\Dokumenty\My Games
2013-12-22 21:11 - 2013-12-22 21:11 - 00000000 ____D C:\Documents and Settings\Tonda\Local Settings\Data aplikací\CDWLauncher
2013-12-20 16:46 - 2013-12-20 16:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-19 14:30 - 2008-04-14 13:00 - 00000654 _____ C:\WINDOWS\win.ini
2013-12-17 08:47 - 2009-11-13 20:22 - 00002563 _____ C:\Documents and Settings\Tonda\Plocha\Microsoft Office Word 2007.lnk
2013-12-15 13:14 - 2009-10-30 07:14 - 00000423 _____ C:\WINDOWS\brwmark.ini
2013-12-12 15:52 - 2008-10-07 15:56 - 00000178 ___SH C:\Documents and Settings\tester\ntuser.ini
2013-12-12 15:52 - 2008-10-07 15:56 - 00000000 ____D C:\Documents and Settings\tester
2013-12-12 03:23 - 2008-10-07 17:17 - 00366504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-12 03:07 - 2008-10-07 15:46 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-12-12 03:06 - 2013-12-12 03:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-12 03:06 - 2013-12-12 03:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 03:06 - 2009-10-27 19:59 - 00000000 ____D C:\WINDOWS\ie8updates
2013-12-12 03:06 - 2008-10-07 10:50 - 00265508 _____ C:\WINDOWS\system32\TZLog.log
2013-12-12 03:05 - 2013-08-15 02:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-12 03:02 - 2013-12-12 03:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 03:02 - 2013-12-12 03:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 03:02 - 2013-12-12 03:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-12 03:02 - 2008-10-07 10:47 - 88123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

Some content of TEMP:
====================
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-715705c5.exe
C:\Documents and Settings\tester\Local Settings\Temp\NEventMessages.dll
C:\Documents and Settings\Tonda\Local Settings\Temp\Resource_AcceptRate.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\Resource_Toolbar.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-04-14 13:00] - [2008-04-14 13:00] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2008-04-14 13:00] - [2008-04-14 13:00] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2008-04-14 13:00] - [2008-04-14 13:00] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2008-04-14 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2008-04-14 13:00] - [2008-04-14 13:00] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2008-04-14 13:00] - [2008-04-14 13:00] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 13:00] - [2008-04-14 13:00] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================
Attachments
Addition.rar
(8.12 KiB) Downloaded 37 times

Rudy
Site Admin
Posts: 119532
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Gradual PC slowdown at low CPU/RAM load

#4 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Facebook Update] - C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Facebook\Update
MountPoints2: {10ba435c-a1bd-11df-8099-00179a7c520a} - M:\Axesstel_Setup.exe
MountPoints2: {a000572f-02e5-11e1-82b5-00179a7c520a} - F:\NokiaPCIA_Autorun.exe
MountPoints2: {a51d69a5-b414-11e2-8752-00179a7c520a} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL
RLSearchHook: HKCU - (No Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (MindSpark)
SearchScopes: HKLM - DefaultScope {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKLM - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKCU - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://search.conduit.com/ResultsExt.as ... =CT2786678
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://safesearchr.lavasoft.com/?source ... 922A64F&q={searchTerms}
SearchScopes: HKCU - {7B1BAE25-CACB-447D-899C-845B4C598268} URL = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=8E&apn_dtid=YYYYYYM4CZ&apn_uid=FCCAB4DF-9BA5-4472-A082-8AB81E7DD626&apn_sauid=9274C778-A85D-423B-BF47-1D1B42517190
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2786678
SearchScopes: HKCU - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
BHO: No Name - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files\SiteRanker\SiteRank.dll (Crawler, LLC)
C:\Program Files\SiteRanker
BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (MindSpark)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM - VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
Toolbar: HKLM - ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKCU - VideoDownloadConverter - {48586425-6BB7-4F51-8DC6-38C88E3EBB58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
FF ProfilePath: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default
FF user.js: detected! => C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\user.js
FF SearchEngineOrder.1: Ask.com
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @VideoDownloadConverter_4z.com/Plugin - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll (MindSpark)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\daemon-search.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\inbox-hledn.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\inbox-search.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\web-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\adawaretb.xml
FF Extension: DAEMON Tools Toolbar - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\DTToolbar@toolbarnet.com [2011-04-24]
FF Extension: Conduit Engine - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\engine@conduit.com [2011-03-22]
FF Extension: Lavasoft Search Plugin - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2013-01-18]
FF Extension: uTorrentBar Community Toolbar - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [2013-02-09]
FF HKLM\...\Firefox\Extensions: [siteranker@siteranker.com] - C:\Program Files\SiteRanker\firefox\
FF Extension: SiteRanker - C:\Program Files\SiteRanker\firefox\ []
CHR RestoreOnStartup: "hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=F020B6AEAAABAE77EC50F950F922A64F"
S2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006Core.job
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006Core.job
C:\Documents and Settings\NetworkService\Local Settings\Temp
C:\Documents and Settings\tester\Local Settings\Temp
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006Core.job => C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006UA.job => C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006Core.job => C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006UA.job => C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning the PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

jambe
Visitor
Posts: 7
Registered: 11 Jan 2014 10:58

Re: Gradual PC slowdown at low CPU/RAM load

#5 Post by jambe »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-01-2014
Ran by Tonda at 2014-01-12 13:35:32 Run:1
Running from C:\Documents and Settings\Tonda\Plocha
Boot Mode: Safe Mode (with Networking)

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Facebook Update] - C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Facebook\Update
MountPoints2: {10ba435c-a1bd-11df-8099-00179a7c520a} - M:\Axesstel_Setup.exe
MountPoints2: {a000572f-02e5-11e1-82b5-00179a7c520a} - F:\NokiaPCIA_Autorun.exe
MountPoints2: {a51d69a5-b414-11e2-8752-00179a7c520a} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL
RLSearchHook: HKCU - (No Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (MindSpark)
SearchScopes: HKLM - DefaultScope {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKLM - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKCU - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://search.conduit.com/ResultsExt.as ... =CT2786678
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://safesearchr.lavasoft.com/?source ... 922A64F&q={searchTerms}
SearchScopes: HKCU - {7B1BAE25-CACB-447D-899C-845B4C598268} URL = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=8E&apn_dtid=YYYYYYM4CZ&apn_uid=FCCAB4DF-9BA5-4472-A082-8AB81E7DD626&apn_sauid=9274C778-A85D-423B-BF47-1D1B42517190
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2786678
SearchScopes: HKCU - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
BHO: No Name - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files\SiteRanker\SiteRank.dll (Crawler, LLC)
C:\Program Files\SiteRanker
BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (MindSpark)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM - VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
Toolbar: HKLM - ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKCU - VideoDownloadConverter - {48586425-6BB7-4F51-8DC6-38C88E3EBB58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
FF ProfilePath: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default
FF user.js: detected! => C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\user.js
FF SearchEngineOrder.1: Ask.com
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @VideoDownloadConverter_4z.com/Plugin - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll (MindSpark)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\daemon-search.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\inbox-hledn.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\inbox-search.xml
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\web-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\adawaretb.xml
FF Extension: DAEMON Tools Toolbar - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\DTToolbar@toolbarnet.com [2011-04-24]
FF Extension: Conduit Engine - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\engine@conduit.com [2011-03-22]
FF Extension: Lavasoft Search Plugin - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2013-01-18]
FF Extension: uTorrentBar Community Toolbar - C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [2013-02-09]
FF HKLM\...\Firefox\Extensions: [siteranker@siteranker.com] - C:\Program Files\SiteRanker\firefox\
FF Extension: SiteRanker - C:\Program Files\SiteRanker\firefox\ []
CHR RestoreOnStartup: "hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=F020B6AEAAABAE77EC50F950F922A64F"
S2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006Core.job
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006Core.job
C:\Documents and Settings\NetworkService\Local Settings\Temp
C:\Documents and Settings\tester\Local Settings\Temp
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006Core.job => C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006UA.job => C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006Core.job => C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006UA.job => C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
C:\Documents and Settings\Tonda\Local Settings\Data aplikací\Facebook\Update => Moved successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10ba435c-a1bd-11df-8099-00179a7c520a} => Key deleted successfully.
HKCR\CLSID\{10ba435c-a1bd-11df-8099-00179a7c520a} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a000572f-02e5-11e1-82b5-00179a7c520a} => Key deleted successfully.
HKCR\CLSID\{a000572f-02e5-11e1-82b5-00179a7c520a} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a51d69a5-b414-11e2-8752-00179a7c520a} => Key deleted successfully.
HKCR\CLSID\{a51d69a5-b414-11e2-8752-00179a7c520a} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7B1BAE25-CACB-447D-899C-845B4C598268} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{7B1BAE25-CACB-447D-899C-845B4C598268} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} => Key deleted successfully.
HKCR\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} => Key deleted successfully.
C:\Program Files\SiteRanker => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9} => Key deleted successfully.
HKCR\CLSID\{312f84fb-8970-4fd3-bddb-7012eac4afc9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b} => Key deleted successfully.
HKCR\CLSID\{c547c6c2-561b-4169-a2a5-20ba771ca93b} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} => Value deleted successfully.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} => Value deleted successfully.
HKCR\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{724d43a0-0d85-11d4-9908-00400523e39a} => Value deleted successfully.
HKCR\CLSID\{724d43a0-0d85-11d4-9908-00400523e39a} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} => Value deleted successfully.
HKCR\CLSID\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{10921475-03CE-4E04-90CE-E2E7EF20C814} => Value deleted successfully.
HKCR\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} => Value deleted successfully.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{724D43A0-0D85-11D4-9908-00400523E39A} => Value deleted successfully.
HKCR\CLSID\{724D43A0-0D85-11D4-9908-00400523E39A} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{48586425-6BB7-4F51-8DC6-38C88E3EBB58} => Value deleted successfully.
HKCR\CLSID\{48586425-6BB7-4F51-8DC6-38C88E3EBB58} => Key not found.
C:\Program Files\SiteRanker => Should not be moved.
C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\user.js => Moved successfully.
Firefox SearchEngineOrder.1 deleted successfully.
HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin => Key deleted successfully.
C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll => Moved successfully.
HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin => Key deleted successfully.
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll => Moved successfully.
HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin => Key deleted successfully.
C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\askcom.xml => Moved successfully.
C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\conduit.xml => Moved successfully.
C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\daemon-search.xml => Moved successfully.
C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\icqplugin-1.xml => Moved successfully.
C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\icqplugin.xml => Moved successfully.
C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\inbox-hledn.xml => Moved successfully.
C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\inbox-search.xml => Moved successfully.
C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\searchplugins-backup => Moved successfully.
C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\searchplugins\web-search.xml => Moved successfully.
C:\Program Files\mozilla firefox\searchplugins\adawaretb.xml => Moved successfully.
C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\DTToolbar@toolbarnet.com => Moved successfully.
C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\engine@conduit.com => Moved successfully.
C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack => Moved successfully.
C:\Documents and Settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\Extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\siteranker@siteranker.com => Value deleted successfully.
C:\Program Files\SiteRanker\firefox\ => not found.
CHR RestoreOnStartup: "hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=F020B6AEAAABAE77EC50F950F922A64F" ==> The Chrome "Settings" can be used to fix the entry.
Skype C2C Service => Service deleted successfully.
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006Core.job => Moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006Core.job => Moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp => Moved successfully.
C:\Documents and Settings\tester\Local Settings\Temp => Moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006Core.job not found.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006UA.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006Core.job not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3066500919-764675632-2399540546-1006UA.job => Moved successfully.

==== End of Fixlog ====

Rudy
Site Admin
Posts: 119532
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Gradual PC slowdown at low CPU/RAM load

#6 Post by Rudy »

Deleted. Has anything changed?

jambe
Visitor
Posts: 7
Registered: 11 Jan 2014 10:58

Re: Gradual PC slowdown at low CPU/RAM load

#7 Post by jambe »

Still the same. I can only work in safe mode. The page file kept growing gradually, this time up to 1.15 GB. Personally I think it could be some hardware, but I cannot find that out myself; I have no spare GPU, CPU, HDD or power supply (the RAM is the only thing verified). I suspect the CPU or the HDD. The HDD activity light was lit the whole time.

Rudy
Site Admin
Posts: 119532
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Gradual PC slowdown at low CPU/RAM load

#8 Post by Rudy »

Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator rights

right after launch a screen with the licence terms appears; continue by clicking the Ano (Yes) button.

calmly go and make yourself a coffee (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is used)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because scanning and removing any malware leads to unwanted conflicts with the antispyware's resident component.

jambe
Visitor
Posts: 7
Registered: 11 Jan 2014 10:58

Re: Gradual PC slowdown at low CPU/RAM load

#9 Post by jambe »

ComboFix 14-01-12.01 - Tonda 12.01.2014 20:14:51.1.4 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3071.2349 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tonda\Plocha\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7094}
SP: Windows Defender *Disabled/Outdated* {FDFE477F-8FE7-4B17-A05C-9D1F9EB603CB}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Tonda\Local Settings\Data aplikací\MSGBOX.EXE
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-12 do 2014-01-12 )))))))))))))))))))))))))))))))
.
.
2014-01-12 18:27 . 2014-01-12 18:27 62576 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8EAFD83C-CC09-47D6-B211-475C67F863DB}\offreg.dll
2014-01-12 18:17 . 2014-01-12 18:17 51852 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2014-01-12 18:17 . 2014-01-12 18:17 20719 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2014-01-12 18:16 . 2014-01-12 18:16 7271 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2014-01-12 18:16 . 2014-01-12 18:16 23327 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2014-01-12 18:16 . 2014-01-12 18:16 8782 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2014-01-12 18:15 . 2014-01-12 18:15 63115 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2014-01-12 18:15 . 2014-01-12 18:15 8646 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2014-01-12 18:15 . 2014-01-12 18:15 6429 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2014-01-12 18:15 . 2014-01-12 18:15 4599 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2014-01-12 18:15 . 2014-01-12 18:15 9310 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2014-01-12 18:15 . 2014-01-12 18:15 5927 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2014-01-12 18:15 . 2014-01-12 18:15 8613 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2014-01-12 18:15 . 2014-01-12 18:15 1651 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2014-01-12 18:15 . 2014-01-12 18:15 6910 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2014-01-12 18:15 . 2014-01-12 18:15 18541 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2014-01-12 18:15 . 2014-01-12 18:15 8288 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2014-01-12 18:15 . 2014-01-12 18:15 6208 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2014-01-11 13:02 . 2014-01-12 12:35 -------- d-----w- C:\FRST
2014-01-09 16:01 . 2014-01-12 19:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ProductData
2014-01-09 16:01 . 2014-01-09 16:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-09 16:01 . 2014-01-09 16:01 -------- d-----w- c:\documents and settings\Tonda\AppData
2014-01-09 15:59 . 2014-01-09 16:01 -------- d-----w- c:\documents and settings\Tonda\Data aplikací\IObit
2014-01-09 15:59 . 2014-01-09 16:00 -------- d-----w- c:\program files\IObit
2014-01-09 15:59 . 2014-01-09 15:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\IObit
2014-01-09 15:01 . 2014-01-09 15:06 -------- d-----w- c:\documents and settings\Administrator
2014-01-07 14:29 . 2013-12-04 02:57 7760024 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8EAFD83C-CC09-47D6-B211-475C67F863DB}\mpengine.dll
2014-01-06 18:21 . 2014-01-06 21:05 -------- d-----w- c:\documents and settings\Tonda\Data aplikací\.minecraft
2014-01-06 12:57 . 2013-12-04 02:57 7760024 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-23 16:17 . 2013-12-23 16:17 -------- d-----w- c:\windows\system32\xlive
2013-12-23 16:17 . 2013-12-23 16:17 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2013-12-22 20:11 . 2013-12-22 20:11 -------- d-----w- c:\documents and settings\Tonda\Local Settings\Data aplikací\CDWLauncher
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-23 16:29 . 2009-08-18 10:30 564632 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\wlidui.dll
2013-12-23 16:28 . 2009-08-18 10:24 22240 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-12-11 17:42 . 2012-04-28 08:22 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 17:42 . 2011-05-21 07:13 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-29 23:08 . 2013-11-29 23:08 49940480 ----a-w- c:\program files\GUT6957.tmp
2013-11-19 10:21 . 2009-11-14 01:53 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-11-15 18:56 . 2013-11-15 18:56 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2013-11-15 18:56 . 2013-11-15 18:56 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2013-11-13 03:00 . 2008-04-14 12:00 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38 . 2008-04-14 12:00 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:36 . 2008-05-05 06:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:51 . 2008-04-14 12:00 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:45 . 2008-04-14 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:45 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-29 07:45 . 2008-04-14 12:00 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 07:45 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-29 00:45 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2013-10-23 23:45 . 2008-04-14 12:00 172032 ----a-w- c:\windows\system32\scrrun.dll
2008-06-17 09:35 . 2010-08-07 00:46 212992 ----a-r- c:\program files\MSP_Uninstall.exe
2007-04-04 07:24 . 2010-08-07 00:46 90112 ----a-r- c:\program files\axesstel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2013-05-02 802136]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2013-08-27 248208]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-12-18 2285344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 16062464]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-18 421888]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2013-09-03 295512]
"VideoDownloadConverter Search Scope Monitor"="c:\progra~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe" [2013-12-04 44784]
"VideoDownloadConverter_4z Browser Plugin Loader"="c:\progra~1\VIDEOD~2\bar\1.bin\4zbrmon.exe" [2013-12-04 30096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Údržba databáze BUILDpower.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Údržba databáze BUILDpower.lnk
backup=c:\windows\pss\Údržba databáze BUILDpower.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-02-17 18:37 177472 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-06-01 11:56 136176 ----atw- c:\documents and settings\Tonda\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 15:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2007-01-08 21:17 52256 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-01-08 21:26 68640 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-10-21 14:27 20549280 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2013-12-11 19:40 1823656 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2013-08-27 14:57 248208 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2013-05-02 15:47 802136 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Games\\World_of_Tanks\\WorldOfTanks.exe"=
"c:\\Documents and Settings\\Tonda\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Games\\World_of_Warplanes\\WOWpLauncher.exe"=
"c:\\Games\\World_of_Warplanes\\WorldOfWarplanes.exe"=
"c:\\Program Files\\Steam\\steamapps\\k0k1ain\\counter-strike\\hl.exe"=
"c:\\Games\\World_of_Tanks\\WOTLauncher.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.954\\Agent.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.2328\\Agent.exe"=
"c:\\Documents and Settings\\Tonda\\Dokumenty\\Kuba\\hammerwatch\\Hammerwatch\\Hammerwatch.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\dota 2 beta\\dota.exe"=
"c:\\Documents and Settings\\Tonda\\Dokumenty\\Kuba\\PotPlayer\\PotPlayerMini.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Might & Magic - Duel of Champions\\Game.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\chivalrymedievalwarfare\\ChivLauncher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\chivalrymedievalwarfare\\Binaries\\Win32\\UDK.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Dark Souls Prepare to Die Edition\\DATA\\DARKSOULS.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Dark Souls Prepare to Die Edition\\DATA\\DATA.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"56931:TCP"= 56931:TCP:Pando Media Booster
"56931:UDP"= 56931:UDP:Pando Media Booster
.
R0 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [4.3.2012 20:39 21576]
R0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [18.1.2013 11:24 13560]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.12.2009 4:28 691696]
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [27.10.2009 18:52 450400]
S1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\drivers\spyemrg.sys [4.3.2011 0:17 12344]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 10:28 73728]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [9.1.2014 17:00 881440]
S2 DicterUpdateService;Dicter Service;c:\program files\Dicter\DicterService.exe [19.4.2011 11:19 938496]
S2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [9.1.2014 17:00 2151200]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [14.8.2013 14:19 39056]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [5.9.2013 9:34 171680]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [27.8.2013 15:57 93072]
S2 VideoDownloadConverter_4zService;VideoDownloadConverterService;c:\progra~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe [4.12.2013 20:43 44752]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\drivers\axtmvflt.sys [7.8.2010 1:46 3456]
S3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\drivers\axtmvmdm.sys [7.8.2010 1:46 40064]
S3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\drivers\axtmvprt.sys [7.8.2010 1:46 38784]
S3 brfilt;Ovladač filtru Brother MFC;c:\windows\system32\drivers\BrFilt.sys [30.10.2009 9:03 2944]
S3 BrSerWDM;Seriový ovladač Brother WDM;c:\windows\system32\drivers\BrSerWdm.sys [30.10.2009 9:02 61952]
S3 BrUsbMdm;Pouze faxový modem Brother MFC USB;c:\windows\system32\drivers\BrUsbMdm.sys [30.10.2009 9:03 11008]
S3 BrUsbScn;Ovladač skeneru Brother MFC USB;c:\windows\system32\drivers\BrUsbScn.sys [30.10.2009 9:03 10368]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [12.3.2010 13:08 36608]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [13.2.2011 19:52 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22.6.2010 18:01 21248]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [12.2.2011 12:56 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [12.2.2011 12:56 8576]
S3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files\Overwolf\OverwolfUpdater.exe [20.9.2013 7:55 18360]
S3 SpyEmrgAccess;Spy Emergency OnAccess Driver;c:\windows\system32\drivers\spyemrg_access.sys [4.3.2011 0:17 18232]
S3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;c:\windows\system32\drivers\spyemrg_guard.sys [4.3.2011 0:17 14392]
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-28 17:42]
.
2014-01-12 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-10-23 14:01]
.
2014-01-12 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3066500919-764675632-2399540546-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]
.
2014-01-08 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3066500919-764675632-2399540546-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]
.
2014-01-12 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3066500919-764675632-2399540546-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]
.
2014-01-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3066500919-764675632-2399540546-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]
.
2013-09-20 c:\windows\Tasks\RunOW.job
- c:\program files\Overwolf\Overwolf.exe [2013-08-22 13:37]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Přizpůsobit Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RF Nástrojová lišta - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Uložit formuláře - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Vyplnit formulář - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
TCP: DhcpNameServer = 93.93.32.32 93.93.33.33
FF - ProfilePath - c:\documents and settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - ExtSQL: 2013-12-04 20:43; 4zffxtbr@VideoDownloadConverter_4z.com; c:\documents and settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
FF - ExtSQL: 2014-01-09 18:01; ascsurfingprotection@iobit.com; c:\documents and settings\Tonda\Data aplikacĂ­\Mozilla\Firefox\Profiles\znm5vazz.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: !HIDDEN! 2009-12-28 22:33; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{10921475-03CE-4E04-90CE-E2E7EF20C814} - (no file)
HKLM-Run-SiteRanker - c:\program files\SiteRanker\SiteRankTray.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-AutoStartNPSAgent - c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe
MSConfigStartUp-avast - c:\program files\Alwil Software\Avast5\avastUI.exe
MSConfigStartUp-GameXN - c:\documents and settings\All Users\Data aplikací\GameXN\GameXNGO.exe
MSConfigStartUp-GameXN (news) - c:\documents and settings\All Users\Data aplikací\GameXN\GameXNGO.exe
MSConfigStartUp-GameXN (update) - c:\documents and settings\All Users\Data aplikací\GameXN\GameXNGO.exe
MSConfigStartUp-NokiaOviSuite2 - c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
AddRemove-HijackThis - c:\documents and settings\Tonda\Plocha\HijackThis.exe
AddRemove-{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1 - c:\program files\SiteRanker\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-12 20:18
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD5000AAKS-00V1A0 rev.05.01D05 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-14
.
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!
sectors 976773166 (+255): user != kernel
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3066500919-764675632-2399540546-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(672)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2014-01-12 20:19:39
ComboFix-quarantined-files.txt 2014-01-12 19:19
.
Před spuštěním: Volných bajtů: 276 275 589 120
Po spuštění: Volných bajtů: 276 818 173 952
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 5C888A72DE486A3524022BC0B352E779
A36C5E4F47E84449FF07ED3517B43A31

Rudy
Site Admin
Posts: 119532
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Gradual PC slowdown under low CPU/RAM load

#10 Post by Rudy »

Open Notepad and copy the following into it:
KillAll::

File::
c:\program files\GUT6957.tmp

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VideoDownloadConverter Search Scope Monitor"=-
"VideoDownloadConverter_4z Browser Plugin Loader"=-

Firefox::
FF - ProfilePath - c:\documents and settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}

Regnull::
[HKEY_USERS\S-1-5-21-3066500919-764675632-2399540546-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and execute the commands from the script.


jambe
Visitor
Posts: 7
Joined: 11 Jan 2014 10:58

Re: Gradual PC slowdown under low CPU/RAM load

#11 Post by jambe »

ComboFix 14-01-12.01 - Tonda 12.01.2014 21:38:37.2.4 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3071.2545 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tonda\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Tonda\Plocha\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
SP: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7094}
SP: Windows Defender *Disabled/Outdated* {FDFE477F-8FE7-4B17-A05C-9D1F9EB603CB}
.
FILE ::
"c:\program files\GUT6957.tmp"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-12 do 2014-01-12 )))))))))))))))))))))))))))))))
.
.
2014-01-12 18:27 . 2014-01-12 18:27 62576 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8EAFD83C-CC09-47D6-B211-475C67F863DB}\offreg.dll
2014-01-12 18:17 . 2014-01-12 18:17 51852 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2014-01-12 18:17 . 2014-01-12 18:17 20719 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2014-01-12 18:16 . 2014-01-12 18:16 7271 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2014-01-12 18:16 . 2014-01-12 18:16 23327 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2014-01-12 18:16 . 2014-01-12 18:16 8782 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2014-01-12 18:15 . 2014-01-12 18:15 63115 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2014-01-12 18:15 . 2014-01-12 18:15 8646 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2014-01-12 18:15 . 2014-01-12 18:15 6429 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2014-01-12 18:15 . 2014-01-12 18:15 4599 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2014-01-12 18:15 . 2014-01-12 18:15 9310 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2014-01-12 18:15 . 2014-01-12 18:15 5927 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2014-01-12 18:15 . 2014-01-12 18:15 8613 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2014-01-12 18:15 . 2014-01-12 18:15 1651 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2014-01-12 18:15 . 2014-01-12 18:15 6910 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2014-01-12 18:15 . 2014-01-12 18:15 18541 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2014-01-12 18:15 . 2014-01-12 18:15 8288 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2014-01-12 18:15 . 2014-01-12 18:15 6208 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2014-01-11 13:02 . 2014-01-12 12:35 -------- d-----w- C:\FRST
2014-01-09 16:01 . 2014-01-12 19:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ProductData
2014-01-09 16:01 . 2014-01-09 16:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-09 16:01 . 2014-01-09 16:01 -------- d-----w- c:\documents and settings\Tonda\AppData
2014-01-09 15:59 . 2014-01-09 16:01 -------- d-----w- c:\documents and settings\Tonda\Data aplikací\IObit
2014-01-09 15:59 . 2014-01-09 16:00 -------- d-----w- c:\program files\IObit
2014-01-09 15:59 . 2014-01-09 15:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\IObit
2014-01-09 15:01 . 2014-01-09 15:06 -------- d-----w- c:\documents and settings\Administrator
2014-01-07 14:29 . 2013-12-04 02:57 7760024 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8EAFD83C-CC09-47D6-B211-475C67F863DB}\mpengine.dll
2014-01-06 18:21 . 2014-01-06 21:05 -------- d-----w- c:\documents and settings\Tonda\Data aplikací\.minecraft
2014-01-06 12:57 . 2013-12-04 02:57 7760024 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-23 16:17 . 2013-12-23 16:17 -------- d-----w- c:\windows\system32\xlive
2013-12-23 16:17 . 2013-12-23 16:17 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2013-12-22 20:11 . 2013-12-22 20:11 -------- d-----w- c:\documents and settings\Tonda\Local Settings\Data aplikací\CDWLauncher
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-12 20:45 . 2014-01-12 20:45 40392 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8EAFD83C-CC09-47D6-B211-475C67F863DB}\MpKsl4c6264b8.sys
2013-12-23 16:29 . 2009-08-18 10:30 564632 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\wlidui.dll
2013-12-23 16:28 . 2009-08-18 10:24 22240 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-12-11 17:42 . 2012-04-28 08:22 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 17:42 . 2011-05-21 07:13 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-29 23:08 . 2013-11-29 23:08 49940480 ----a-w- c:\program files\GUT6957.tmp
2013-11-19 10:21 . 2009-11-14 01:53 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-11-15 18:56 . 2013-11-15 18:56 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2013-11-15 18:56 . 2013-11-15 18:56 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2013-11-13 03:00 . 2008-04-14 12:00 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38 . 2008-04-14 12:00 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:36 . 2008-05-05 06:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:51 . 2008-04-14 12:00 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:45 . 2008-04-14 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:45 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-29 07:45 . 2008-04-14 12:00 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 07:45 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-29 00:45 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2013-10-23 23:45 . 2008-04-14 12:00 172032 ----a-w- c:\windows\system32\scrrun.dll
2008-06-17 09:35 . 2010-08-07 00:46 212992 ----a-r- c:\program files\MSP_Uninstall.exe
2007-04-04 07:24 . 2010-08-07 00:46 90112 ----a-r- c:\program files\axesstel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2013-05-02 802136]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2013-08-27 248208]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-12-18 2285344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 16062464]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-18 421888]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2013-09-03 295512]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Údržba databáze BUILDpower.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Údržba databáze BUILDpower.lnk
backup=c:\windows\pss\Údržba databáze BUILDpower.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-02-17 18:37 177472 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-06-01 11:56 136176 ----atw- c:\documents and settings\Tonda\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 15:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2007-01-08 21:17 52256 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-01-08 21:26 68640 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-10-21 14:27 20549280 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2013-12-11 19:40 1823656 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2013-08-27 14:57 248208 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2013-05-02 15:47 802136 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Games\\World_of_Tanks\\WorldOfTanks.exe"=
"c:\\Documents and Settings\\Tonda\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Games\\World_of_Warplanes\\WOWpLauncher.exe"=
"c:\\Games\\World_of_Warplanes\\WorldOfWarplanes.exe"=
"c:\\Program Files\\Steam\\steamapps\\k0k1ain\\counter-strike\\hl.exe"=
"c:\\Games\\World_of_Tanks\\WOTLauncher.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.954\\Agent.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.2328\\Agent.exe"=
"c:\\Documents and Settings\\Tonda\\Dokumenty\\Kuba\\hammerwatch\\Hammerwatch\\Hammerwatch.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\dota 2 beta\\dota.exe"=
"c:\\Documents and Settings\\Tonda\\Dokumenty\\Kuba\\PotPlayer\\PotPlayerMini.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Might & Magic - Duel of Champions\\Game.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\chivalrymedievalwarfare\\ChivLauncher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\chivalrymedievalwarfare\\Binaries\\Win32\\UDK.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Dark Souls Prepare to Die Edition\\DATA\\DARKSOULS.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Dark Souls Prepare to Die Edition\\DATA\\DATA.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"56931:TCP"= 56931:TCP:Pando Media Booster
"56931:UDP"= 56931:UDP:Pando Media Booster
.
R0 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [4.3.2012 20:39 21576]
R0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [18.1.2013 11:24 13560]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.12.2009 4:28 691696]
R1 MpKsl4c6264b8;MpKsl4c6264b8;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8EAFD83C-CC09-47D6-B211-475C67F863DB}\MpKsl4c6264b8.sys [12.1.2014 21:45 40392]
R1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\drivers\spyemrg.sys [4.3.2011 0:17 12344]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 10:28 73728]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [9.1.2014 17:00 881440]
R2 DicterUpdateService;Dicter Service;c:\program files\Dicter\DicterService.exe [19.4.2011 11:19 938496]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [14.8.2013 14:19 39056]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [27.8.2013 15:57 93072]
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [27.10.2009 18:52 450400]
S2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [9.1.2014 17:00 2151200]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [5.9.2013 9:34 171680]
S2 VideoDownloadConverter_4zService;VideoDownloadConverterService;c:\progra~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe [4.12.2013 20:43 44752]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\drivers\axtmvflt.sys [7.8.2010 1:46 3456]
S3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\drivers\axtmvmdm.sys [7.8.2010 1:46 40064]
S3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\drivers\axtmvprt.sys [7.8.2010 1:46 38784]
S3 brfilt;Ovladač filtru Brother MFC;c:\windows\system32\drivers\BrFilt.sys [30.10.2009 9:03 2944]
S3 BrSerWDM;Seriový ovladač Brother WDM;c:\windows\system32\drivers\BrSerWdm.sys [30.10.2009 9:02 61952]
S3 BrUsbMdm;Pouze faxový modem Brother MFC USB;c:\windows\system32\drivers\BrUsbMdm.sys [30.10.2009 9:03 11008]
S3 BrUsbScn;Ovladač skeneru Brother MFC USB;c:\windows\system32\drivers\BrUsbScn.sys [30.10.2009 9:03 10368]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [12.3.2010 13:08 36608]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [13.2.2011 19:52 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22.6.2010 18:01 21248]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [12.2.2011 12:56 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [12.2.2011 12:56 8576]
S3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files\Overwolf\OverwolfUpdater.exe [20.9.2013 7:55 18360]
S3 SpyEmrgAccess;Spy Emergency OnAccess Driver;c:\windows\system32\drivers\spyemrg_access.sys [4.3.2011 0:17 18232]
S3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;c:\windows\system32\drivers\spyemrg_guard.sys [4.3.2011 0:17 14392]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL4C6264B8
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-28 17:42]
.
2014-01-12 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-10-23 14:01]
.
2014-01-12 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3066500919-764675632-2399540546-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]
.
2014-01-08 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3066500919-764675632-2399540546-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]
.
2014-01-12 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3066500919-764675632-2399540546-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]
.
2014-01-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3066500919-764675632-2399540546-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]
.
2013-09-20 c:\windows\Tasks\RunOW.job
- c:\program files\Overwolf\Overwolf.exe [2013-08-22 13:37]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Přizpůsobit Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RF Nástrojová lišta - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Uložit formuláře - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Vyplnit formulář - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
TCP: DhcpNameServer = 93.93.32.32 93.93.33.33
FF - ProfilePath - c:\documents and settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - ExtSQL: 2013-12-04 20:43; 4zffxtbr@VideoDownloadConverter_4z.com; c:\documents and settings\Tonda\Data aplikací\Mozilla\Firefox\Profiles\znm5vazz.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
FF - ExtSQL: 2014-01-09 18:01; ascsurfingprotection@iobit.com; c:\documents and settings\Tonda\Data aplikacĂ­\Mozilla\Firefox\Profiles\znm5vazz.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: !HIDDEN! 2009-12-28 22:33; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-12 21:45
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD5000AAKS-00V1A0 rev.05.01D05 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-14
.
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!
sectors 976773166 (+255): user != kernel
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(792)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(132)
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\brss01a.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\SearchProtocolHost.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\real\realplayer\RealPlay.exe
c:\windows\system32\SearchFilterHost.exe
.
**************************************************************************
.
Celkový čas: 2014-01-12 21:51:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-12 20:51
ComboFix2.txt 2014-01-12 19:19
.
Před spuštěním: Volných bajtů: 276 825 866 240
Po spuštění: Volných bajtů: 276 815 040 512
.
- - End Of File - - FD5B5C998489BD2E007E64E3EB71BCEC
A36C5E4F47E84449FF07ED3517B43A31

jambe
Visitor
Posts: 7
Registered: 11 Jan 2014 10:58

Re: Gradual PC slowdown at low CPU/RAM load

#12 Post by jambe »

The PC has now been running in a normal, calm state for about half an hour. No signs of freezing, the page file usage is not rising, and the HDD is also working normally.

Many thanks for the help. :thumbsup: :)
If anything happens in the coming hours, I will write here.

Rudy
Site Admin
Posts: 119532
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Gradual PC slowdown at low CPU/RAM load

#13 Post by Rudy »

I would also run this scan:
Download TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.exe

Click the Change parameters option
In the Additional Option window, tick all the options
Click OK
Tell the utility to scan: click Start Scan
When the scan finishes, a window will appear; check that the Skip option is selected everywhere
If Skip is not set by default, change it to Skip
Once Skip is set everywhere, click Continue
On the drive where Windows is installed (usually c:\) there will be a log named in the form TDSSKiller.some digits_log.txt; paste its contents here
I came across one detail in the log that needs to be checked.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
