Hi, in MF my computer shows 1place.org as the first result, and links are getting underlined.
I don't know how to get rid of it. I tried following the guide, but somehow it didn't work.
The computer also reported that I had been redirected to some proxy server; I do have a router at home because of the VPN. For a while the internet didn't work at all; after a restart it started working.
Please advise. Thanks.
H.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Honza at 2014-02-17 18:07:50
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 5 GB (11%) free of 50 GB
Total RAM: 2037 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:08:11, on 17.2.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16533)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\CTHELPER.EXE
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Creative Professional\E-MU PatchMix DSP\EmuPMixDSP.exe
C:\Program Files\PicPick\picpick.exe
C:\Users\Honza\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Honza\AppData\Local\PirritSuggestor\PirritDesktop.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
F:\download\RSIT.exe
C:\Program Files\trend micro\Honza.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://127.0.0.1:9880
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [PicPick Start] C:\Program Files\PicPick\picpick.exe /startup
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Honza\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Google Update] "C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Google Update] "C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User 'Default user')
O4 - Startup: PatchMix DSP Application.lnk = C:\Program Files\Creative Professional\Digital Audio System\E-MU PatchMix DSP\EmuPatchMixDSP.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: PirritDesktop - Unknown owner - C:\Users\Honza\AppData\Local\PirritSuggestor\PirritService.exe
O23 - Service: PirritUpdater - Unknown owner - C:\Program Files\Pirrit\AutoUpdater.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
--
End of file - 8996 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-18Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-18UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\mcev0iz3.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1, 6, 2, 44, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, jqs@sun.com:1.0, {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9, xmlfiller@software602.cz:3.16.1, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, ietab@ip.cn:1.98.20110322, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://www.google.cz"
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
"FFPDFArchitectConverter@pdfarchitect.com"=C:\Program Files\PDF Architect\FFPDFArchitectExt
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.44 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\mcev0iz3.default\extensions\
{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\mcev0iz3.default\searchplugins\
icqplugin-1.xml
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2006-01-27 1143168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d}]
IEExtension.Extension - C:\Windows\system32\mscoree.dll [2009-11-08 297808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2006-01-27 1143168]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-07-06 4669440]
"Skytel"=C:\Windows\Skytel.exe [2007-06-15 1826816]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2006-01-27 3767096]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2006-01-27 3767096]
"CTHelper"=C:\Windows\system32\CTHELPER.EXE [2008-03-20 23040]
"CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2008-03-20 23552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"PicPick Start"=C:\Program Files\PicPick\picpick.exe [2013-12-07 13255512]
"Spotify Web Helper"=C:\Users\Honza\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-01-31 1171968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]
C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2012-01-13 527312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Služba Acronis Scheduler2]
C:\Program Files\Common Files\Acronis\Plán2\schedhlp.exe [2009-11-26 361976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-11-26 5129128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ZyXEL G-202 Wireless Adapter Utility.lnk]
C:\PROGRA~1\ZyXEL\ZYXELG~1\ZYXELG~1.EXE [2006-11-28 10878976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Honza^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]
C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
PatchMix DSP Application.lnk - C:\Program Files\Creative Professional\Digital Audio System\E-MU PatchMix DSP\EmuPatchMixDSP.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.ffds"=C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=C:\Windows\system32\tsccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-02-17 18:07:50 ----D---- C:\rsit
2014-02-17 18:07:50 ----D---- C:\Program Files\trend micro
2014-02-15 10:19:06 ----D---- C:\Program Files\Mozilla Firefox
2014-02-15 10:10:05 ----D---- C:\Users\Honza\AppData\Roaming\Ashampoo
2014-02-15 10:09:29 ----D---- C:\ProgramData\Ashampoo
2014-02-15 10:09:27 ----D---- C:\Program Files\Ashampoo
2014-02-14 18:30:26 ----A---- C:\Windows\system32\vbscript.dll
2014-02-14 18:30:26 ----A---- C:\Windows\system32\mshtmled.dll
2014-02-14 18:30:22 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-14 18:30:22 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-14 18:30:22 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-14 18:30:22 ----A---- C:\Windows\system32\ieui.dll
2014-02-14 18:30:21 ----A---- C:\Windows\system32\wininet.dll
2014-02-14 18:30:21 ----A---- C:\Windows\system32\jscript.dll
2014-02-14 18:30:20 ----A---- C:\Windows\system32\url.dll
2014-02-14 18:30:20 ----A---- C:\Windows\system32\jscript9.dll
2014-02-14 18:30:20 ----A---- C:\Windows\system32\iertutil.dll
2014-02-14 18:30:19 ----A---- C:\Windows\system32\urlmon.dll
2014-02-14 18:30:18 ----A---- C:\Windows\system32\ieframe.dll
2014-02-14 18:30:17 ----A---- C:\Windows\system32\mshtml.dll
2014-02-14 18:02:23 ----A---- C:\Windows\system32\msxml3.dll
2014-02-10 19:24:03 ----D---- C:\Program Files\PDF Architect
2014-02-10 19:23:34 ----D---- C:\Users\Honza\AppData\Roaming\pdfforge
2014-02-10 19:23:31 ----A---- C:\Windows\system32\pdfcmon.dll
2014-02-10 19:23:30 ----A---- C:\Windows\system32\MSMPIDE.DLL
2014-02-10 19:23:29 ----D---- C:\Program Files\PDFCreator
2014-02-01 19:12:58 ----A---- C:\Windows\system32\javaws.exe
2014-02-01 19:12:52 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-02-01 19:12:52 ----A---- C:\Windows\system32\javaw.exe
2014-02-01 19:12:52 ----A---- C:\Windows\system32\java.exe
2014-01-31 22:32:03 ----D---- C:\Users\Honza\AppData\Roaming\Spotify
2014-01-26 20:54:56 ----D---- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-01-26 20:49:33 ----D---- C:\Program Files\gs
2014-01-26 20:49:13 ----D---- C:\Program Files\Neuratron PhotoScore Lite
2014-01-26 20:23:43 ----A---- C:\Windows\{C6CF8699-A2AD-401D-952B-713B713EC9AC}_WiseFW.ini
2014-01-26 20:20:48 ----D---- C:\Users\Honza\AppData\Roaming\Sibelius Software
2014-01-26 20:16:48 ----A---- C:\Windows\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
======List of files/folders modified in the last 1 month======
2014-02-17 18:08:09 ----D---- C:\Windows\Temp
2014-02-17 18:08:03 ----D---- C:\Windows\Prefetch
2014-02-17 18:07:50 ----RD---- C:\Program Files
2014-02-17 17:59:14 ----D---- C:\Windows\system32\WDI
2014-02-17 17:49:16 ----D---- C:\Windows\System32
2014-02-17 17:47:45 ----D---- C:\Windows\system32\drivers
2014-02-17 17:11:25 ----D---- C:\Users\Honza\AppData\Roaming\vlc
2014-02-16 16:00:44 ----SHD---- C:\System Volume Information
2014-02-16 09:25:24 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-02-15 22:59:43 ----D---- C:\Windows\system32\LogFiles
2014-02-15 10:09:29 ----HD---- C:\ProgramData
2014-02-14 19:00:37 ----D---- C:\Windows\Microsoft.NET
2014-02-14 18:59:53 ----RSD---- C:\Windows\assembly
2014-02-14 18:48:32 ----D---- C:\Windows\system32\migration
2014-02-14 18:48:32 ----D---- C:\Program Files\Internet Explorer
2014-02-14 18:37:31 ----D---- C:\Windows\winsxs
2014-02-14 18:34:54 ----D---- C:\Windows\system32\MRT
2014-02-14 18:34:50 ----A---- C:\Windows\system32\mrt.exe
2014-02-14 18:34:43 ----SHD---- C:\Windows\Installer
2014-02-14 18:32:39 ----D---- C:\Windows\system32\catroot2
2014-02-14 18:32:39 ----D---- C:\Windows\system32\catroot
2014-02-14 18:31:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-14 18:31:40 ----D---- C:\Windows\inf
2014-02-12 20:15:44 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2014-02-11 00:44:52 ----D---- C:\Users\Honza\AppData\Roaming\AIMP3
2014-02-10 16:14:59 ----D---- C:\Windows
2014-02-10 16:12:06 ----A---- C:\Windows\system32\wrap_oal.dll
2014-02-10 16:12:06 ----A---- C:\Windows\system32\OpenAL32.dll
2014-02-08 14:36:45 ----D---- C:\Windows\Tasks
2014-02-08 14:36:45 ----D---- C:\Windows\system32\Tasks
2014-02-06 16:01:21 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-02-01 19:13:05 ----D---- C:\ProgramData\Oracle
2014-02-01 19:12:51 ----D---- C:\Program Files\Java
2014-01-28 22:22:12 ----D---- C:\Windows\system32\drivers\etc
2014-01-27 00:13:53 ----D---- C:\Program Files\OmegaT
2014-01-26 20:49:12 ----RSD---- C:\Windows\Fonts
2014-01-26 20:21:06 ----D---- C:\ProgramData\Sibelius Software
2014-01-26 20:16:51 ----D---- C:\Program Files\Sibelius Software
2014-01-22 17:10:40 ----D---- C:\Windows\pss
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-12-31 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-31 180248]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2007-06-13 48256]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-12-31 158272]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258); C:\Windows\system32\DRIVERS\tdrpm258.sys [2013-12-31 911680]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2013-12-31 581984]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr.sys [2006-01-27 54832]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2006-01-27 775952]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2006-01-27 410784]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2006-01-27 57672]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2011-02-12 230736]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2006-01-27 67824]
R2 PfModNT;PfModNT; \??\C:\Windows\system32\drivers\PfModNT.sys [2008-03-20 15896]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2013-12-31 160288]
R3 COMMONFX.SYS;COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [2008-03-20 98328]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2008-03-20 524824]
R3 CTEDSPIO.SYS;CTEDSPIO.SYS; C:\Windows\System32\drivers\CTEDSPIO.SYS [2008-03-20 134168]
R3 CTEDSPSY.SYS;CTEDSPSY.SYS; C:\Windows\System32\drivers\CTEDSPSY.SYS [2008-03-20 309784]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2008-03-20 14360]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2008-03-20 159256]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2008-03-20 95768]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2008-03-20 802840]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2008-03-20 129560]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-06-23 259176]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S1 SDManager;SDManager; \??\C:\Program Files\SpywareDetector\SDManager.sys []
S3 acsint;acsint; C:\Windows\system32\DRIVERS\acsint.sys [2012-01-13 38440]
S3 acsmux;acsmux; C:\Windows\system32\DRIVERS\acsmux.sys [2012-01-13 57000]
S3 COMMONFX;COMMONFX; C:\Windows\system32\drivers\COMMONFX.SYS [2008-03-20 98328]
S3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2008-03-20 171032]
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2008-03-20 171032]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2008-03-20 511000]
S3 CTAUDFX.SYS;CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [2008-03-20 528920]
S3 CTAUDFX;CTAUDFX; C:\Windows\system32\drivers\CTAUDFX.SYS [2008-03-20 528920]
S3 CTEAPSFX.SYS;CTEAPSFX.SYS; C:\Windows\System32\drivers\CTEAPSFX.SYS [2008-03-20 163352]
S3 CTEAPSFX;CTEAPSFX; C:\Windows\system32\drivers\CTEAPSFX.SYS [2008-03-20 163352]
S3 CTEDSPFX.SYS;CTEDSPFX.SYS; C:\Windows\System32\drivers\CTEDSPFX.SYS [2008-03-20 259096]
S3 CTEDSPFX;CTEDSPFX; C:\Windows\system32\drivers\CTEDSPFX.SYS [2008-03-20 259096]
S3 CTEDSPIO;CTEDSPIO; C:\Windows\system32\drivers\CTEDSPIO.SYS [2008-03-20 134168]
S3 CTEDSPSY;CTEDSPSY; C:\Windows\system32\drivers\CTEDSPSY.SYS [2008-03-20 309784]
S3 CTERFXFX.SYS;CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [2008-03-20 99352]
S3 CTERFXFX;CTERFXFX; C:\Windows\system32\drivers\CTERFXFX.SYS [2008-03-20 99352]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2008-03-20 1324056]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2008-03-20 1324056]
S3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2008-03-20 72728]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2008-03-20 72728]
S3 CTSBLFX.SYS;CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [2008-03-20 534040]
S3 CTSBLFX;CTSBLFX; C:\Windows\system32\drivers\CTSBLFX.SYS [2008-03-20 534040]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 FreshIO;FreshIO; \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2008-02-21 15600]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-07-18 1841312]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
S3 vpnva;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows; C:\Windows\system32\DRIVERS\vpnva.sys [2012-01-13 23464]
S3 ZY202_XP;ZyXEL 802.11g XG202 1211 Driver; C:\Windows\system32\DRIVERS\WlanUZXP.sys [2006-11-27 437760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe [2009-11-26 661008]
R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2013-12-31 2480048]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2006-01-27 50344]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 PirritDesktop;PirritDesktop; C:\Users\Honza\AppData\Local\PirritSuggestor\PirritService.exe [2014-02-14 52568]
R2 PirritUpdater;PirritUpdater; C:\Program Files\Pirrit\AutoUpdater.exe [2014-02-14 59904]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2012-01-13 476112]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-21 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-11-18 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-06 257928]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-12-23 654848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-21 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-12-23 136120]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-15 118896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2011-04-05 149352]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------

1place virus
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Rudy
- Site Admin
- Posts: 119534
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: 1place virus
Hello!
Try this procedure: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked, as it will be if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: 1place virus
I followed the procedure... here is the result:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-02-2014
Ran by Honza (administrator) on PC-HONZA on 18-02-2014 16:10:27
Running from C:\Users\Honza\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Creative Technology Ltd) C:\Windows\System32\CTHELPER.EXE
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(NTeWORKS) C:\Program Files\PicPick\picpick.exe
(Spotify Ltd) C:\Users\Honza\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Acronis) C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(E-MU Systems) C:\Program Files\Creative Professional\E-MU PatchMix DSP\EmuPMixDSP.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
() C:\Users\Honza\AppData\Local\PirritSuggestor\PirritService.exe
() C:\Program Files\Pirrit\AutoUpdater.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Users\Honza\AppData\Local\PirritSuggestor\PirritDesktop.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4669440 2007-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-06-15] (Realtek Semiconductor Corp.)
HKLM\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [avast5] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3767096 2006-01-27] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3767096 2006-01-27] (AVAST Software)
HKLM\...\Run: [CTHelper] - C:\Windows\system32\CTHELPER.EXE [23040 2008-03-20] (Creative Technology Ltd)
HKLM\...\Run: [CTxfiHlp] - C:\Windows\system32\CTXFIHLP.EXE [23552 2008-03-20] (Creative Technology Ltd)
HKU\.DEFAULT\...\Run: [Google Update] - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-02-08] (Google Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3962352817-3535899674-181712600-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-3962352817-3535899674-181712600-1000\...\Run: [PicPick Start] - C:\Program Files\PicPick\picpick.exe [13255512 2013-12-07] (NTeWORKS)
HKU\S-1-5-21-3962352817-3535899674-181712600-1000\...\Run: [Spotify Web Helper] - C:\Users\Honza\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-31] (Spotify Ltd)
HKU\S-1-5-21-3962352817-3535899674-181712600-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3962352817-3535899674-181712600-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PatchMix DSP Application.lnk
ShortcutTarget: PatchMix DSP Application.lnk -> C:\Program Files\Creative Professional\Digital Audio System\E-MU PatchMix DSP\EmuPatchMixDSP.exe (No File)
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=http://127.0.0.1:9880
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://www.icq.com/search/results.php?q ... &ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKCU - {BE9654C9-9D79-42ec-B55A-3CAEB12DBF58} URL = http://www.icq.com/search/results.php?q ... &ch_id=osd
BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKCU - No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 19 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza
FF DefaultSearchEngine: ICQ Search
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.cz/
FF Keyword.URL: hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: No Name - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\ietab@ip.cn [2011-03-11]
FF Extension: No Name - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\isreaditlater@ideashower.com [2011-03-11]
FF Extension: No Name - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\xmlfiller@software602.cz [2011-03-11]
FF Extension: No Name - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-03-11]
FF Extension: FEBE - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2011-03-11]
FF Extension: No Name - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\{a6ca9b3b-5e52-4f47-85d8-cca35bb57596} [2011-03-11]
FF Extension: Web Developer - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} [2011-03-11]
FF Extension: No Name - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2011-03-11]
FF Extension: Pirrit Suggestor - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\suggestor@suggestor.pirrit.com.xpi [2013-12-25]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-03-11]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2014-02-10]
Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-21]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-21]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-21]
CHR Extension: (AdBlock) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-04]
CHR Extension: (Peněženka Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-21]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-21]
========================== Services (Whitelisted) =================
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe [661008 2009-11-26] (Acronis)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2480048 2013-12-31] (Acronis)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2006-01-27] (AVAST Software)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
U2 PirritDesktop; C:\Users\Honza\AppData\Local\PirritSuggestor\PirritService.exe [52568 2014-02-14] ()
R2 PirritUpdater; C:\Program Files\Pirrit\AutoUpdater.exe [59904 2014-02-14] ()
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [476112 2012-01-13] (Cisco Systems, Inc.)
==================== Drivers (Whitelisted) ====================
S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [38440 2012-01-13] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [57000 2012-01-13] (Cisco Systems, Inc.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2006-01-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2006-01-27] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-12-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2006-01-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2006-01-27] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2006-01-27] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2013-12-31] ()
S3 COMMONFX; C:\Windows\System32\drivers\COMMONFX.SYS [98328 2008-03-20] (Creative Technology Ltd)
R3 COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [98328 2008-03-20] (Creative Technology Ltd)
S3 CTAUDFX; C:\Windows\System32\drivers\CTAUDFX.SYS [528920 2008-03-20] (Creative Technology Ltd)
S3 CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [528920 2008-03-20] (Creative Technology Ltd)
S3 CTEAPSFX; C:\Windows\System32\drivers\CTEAPSFX.SYS [163352 2008-03-20] (Creative Technology Ltd)
S3 CTEAPSFX.SYS; C:\Windows\System32\drivers\CTEAPSFX.SYS [163352 2008-03-20] (Creative Technology Ltd)
S3 CTEDSPFX; C:\Windows\System32\drivers\CTEDSPFX.SYS [259096 2008-03-20] (Creative Technology Ltd)
S3 CTEDSPFX.SYS; C:\Windows\System32\drivers\CTEDSPFX.SYS [259096 2008-03-20] (Creative Technology Ltd)
S3 CTEDSPIO; C:\Windows\System32\drivers\CTEDSPIO.SYS [134168 2008-03-20] (Creative Technology Ltd)
R3 CTEDSPIO.SYS; C:\Windows\System32\drivers\CTEDSPIO.SYS [134168 2008-03-20] (Creative Technology Ltd)
S3 CTEDSPSY; C:\Windows\System32\drivers\CTEDSPSY.SYS [309784 2008-03-20] (Creative Technology Ltd)
R3 CTEDSPSY.SYS; C:\Windows\System32\drivers\CTEDSPSY.SYS [309784 2008-03-20] (Creative Technology Ltd)
S3 CTERFXFX; C:\Windows\System32\drivers\CTERFXFX.SYS [99352 2008-03-20] (Creative Technology Ltd)
S3 CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [99352 2008-03-20] (Creative Technology Ltd)
S3 CTSBLFX; C:\Windows\System32\drivers\CTSBLFX.SYS [534040 2008-03-20] (Creative Technology Ltd)
S3 CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [534040 2008-03-20] (Creative Technology Ltd)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 gdrv; C:\Windows\gdrv.sys [15600 2008-02-21] (Windows (R) 2000 DDK provider)
R3 ha10kx2k; C:\Windows\System32\drivers\ha10kx2k.sys [802840 2008-03-20] (Creative Technology Ltd)
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [48256 2007-06-13] (JMicron Technology Corp.)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R2 PfModNT; C:\Windows\system32\drivers\PfModNT.sys [15896 2008-03-20] (Creative Technology Ltd.)
R0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [911680 2013-12-31] (Acronis)
S3 ZY202_XP; C:\Windows\System32\DRIVERS\WlanUZXP.sys [437760 2006-11-27] (ZyDAS Technology Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 FreshIO; \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 SDManager; \??\C:\Program Files\SpywareDetector\SDManager.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-18 16:10 - 2014-02-18 16:10 - 00019701 _____ () C:\Users\Honza\Desktop\FRST.txt
2014-02-18 16:10 - 2014-02-18 16:10 - 00000000 ____D () C:\FRST
2014-02-18 16:05 - 2014-02-18 16:05 - 01141248 _____ (Farbar) C:\Users\Honza\Desktop\FRST.exe
2014-02-18 16:02 - 2014-02-18 16:02 - 01141248 _____ (Farbar) C:\Users\Honza\Downloads\FRST.exe
2014-02-17 18:07 - 2014-02-17 18:08 - 00000000 ____D () C:\rsit
2014-02-17 18:07 - 2014-02-17 18:08 - 00000000 ____D () C:\Program Files\trend micro
2014-02-17 17:48 - 2014-02-17 17:48 - 00003649 _____ () C:\Users\Honza\Desktop\RKreport[0]_H_02172014_174809.txt
2014-02-17 17:48 - 2014-02-17 17:48 - 00002922 _____ () C:\Users\Honza\Desktop\RKreport[0]_DN_02172014_174828.txt
2014-02-17 17:42 - 2014-02-17 17:49 - 00000000 ____D () C:\Users\Honza\Desktop\RK_Quarantine
2014-02-17 17:35 - 2014-02-17 17:35 - 00004124 _____ () C:\Users\Honza\Documents\cc_20140217_173526.reg
2014-02-15 10:22 - 2014-02-15 10:22 - 00000000 ____D () C:\Users\Honza\Documents\Ashampoo Burning Studio FREE
2014-02-15 10:19 - 2014-02-15 10:19 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-15 10:10 - 2014-02-15 10:10 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Ashampoo
2014-02-15 10:09 - 2014-02-15 10:09 - 00001129 _____ () C:\Users\Honza\Desktop\Ashampoo Burning Studio FREE .lnk
2014-02-15 10:09 - 2014-02-15 10:09 - 00001105 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio FREE.lnk
2014-02-15 10:09 - 2014-02-15 10:09 - 00000214 _____ () C:\Users\Public\Desktop\Your Software Deals.url
2014-02-15 10:09 - 2014-02-15 10:09 - 00000000 ____D () C:\Users\Honza\AppData\Local\ashampoo
2014-02-15 10:09 - 2014-02-15 10:09 - 00000000 ____D () C:\Program Files\Ashampoo
2014-02-14 18:30 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 18:30 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 18:30 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 18:30 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 18:30 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 18:30 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 18:30 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-14 18:30 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 18:30 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-14 18:30 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 18:30 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 18:30 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 18:30 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 18:30 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 18:30 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-14 18:30 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 18:02 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 17:55 - 2014-02-17 17:46 - 00000000 ____D () C:\Users\Honza\AppData\Local\PirritSuggestor
2014-02-10 19:24 - 2014-02-10 19:24 - 00000811 _____ () C:\Users\Honza\Desktop\PDF Architect.lnk
2014-02-10 19:24 - 2014-02-10 19:24 - 00000000 ____D () C:\Users\Honza\Documents\PDF Architect Files
2014-02-10 19:24 - 2014-02-10 19:24 - 00000000 ____D () C:\Program Files\PDF Architect
2014-02-10 19:23 - 2014-02-10 19:25 - 00000000 ____D () C:\Program Files\PDFCreator
2014-02-10 19:23 - 2014-02-10 19:23 - 00000837 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-02-10 19:23 - 2014-02-10 19:23 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\pdfforge
2014-02-10 19:23 - 2013-04-09 14:13 - 00095416 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2014-02-10 19:23 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\system32\MSMAPI32.OCX
2014-02-10 19:23 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\MSMPIDE.DLL
2014-02-10 16:14 - 2014-02-10 16:14 - 04958588 _____ () C:\Windows\{00000004-00000000-00000000-00001102-00000008-40021102}.CDF
2014-02-08 14:36 - 2014-02-18 01:41 - 00001016 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
2014-02-08 14:36 - 2014-02-15 14:51 - 00000964 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
2014-02-04 21:41 - 2014-02-04 21:41 - 00000540 _____ () C:\Users\Honza\Desktop\VPN Viritus – zástupce.lnk
2014-02-03 19:49 - 2014-02-03 19:49 - 00000553 _____ () C:\Users\Honza\Desktop\malá a velká.txt
2014-02-01 19:12 - 2014-02-01 19:12 - 00005163 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-02-01 19:12 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-02-01 19:12 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-01 19:12 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-01 19:12 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-31 22:32 - 2014-02-01 18:34 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Spotify
2014-01-31 22:32 - 2014-02-01 16:28 - 00000000 ____D () C:\Users\Honza\AppData\Local\Spotify
2014-01-31 22:32 - 2014-01-31 22:32 - 00001720 _____ () C:\Users\Honza\Desktop\Spotify.lnk
2014-01-31 22:32 - 2014-01-31 22:32 - 00001706 _____ () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-01-27 19:25 - 2014-01-27 19:25 - 00000074 _____ () C:\Users\Honza\Desktop\Překaldy tools.txt
2014-01-27 00:14 - 2014-01-27 00:14 - 00000000 ____D () C:\Users\Honza\AppData\Local\Microsoft Corporation
2014-01-26 20:54 - 2014-01-26 20:55 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-01-26 20:49 - 2014-02-10 16:49 - 00000906 _____ () C:\Users\Public\Desktop\PhotoScore Lite Music Scanning.lnk
2014-01-26 20:49 - 2014-02-10 16:49 - 00000000 ____D () C:\Program Files\Neuratron PhotoScore Lite
2014-01-26 20:49 - 2014-01-26 20:49 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript
2014-01-26 20:49 - 2014-01-26 20:49 - 00000000 ____D () C:\Program Files\gs
2014-01-26 20:23 - 2014-01-26 20:24 - 00000309 _____ () C:\Windows\{C6CF8699-A2AD-401D-952B-713B713EC9AC}_WiseFW.ini
2014-01-26 20:21 - 2014-01-26 20:21 - 00000624 ____H () C:\Windows\system32\T4
2014-01-26 20:20 - 2014-01-26 20:21 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Sibelius Software
2014-01-26 20:18 - 2014-01-26 20:24 - 00001963 _____ () C:\Users\Public\Desktop\Sibelius 6.lnk
2014-01-26 20:16 - 2014-01-26 20:18 - 00000452 _____ () C:\Windows\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
2014-01-23 21:25 - 2014-01-23 21:25 - 00000000 ____D () C:\Users\Honza\Documents\Signore delle cime (SATB)
2014-01-23 21:24 - 2014-01-23 21:24 - 00006520 _____ () C:\Users\Honza\Documents\Signore delle cime (SATB).zip
2014-01-20 23:05 - 2014-01-20 23:04 - 00055167 _____ () C:\Users\Honza\Documents\test_EN_CS_1.zip
2014-01-20 16:28 - 2014-01-20 16:28 - 00001597 _____ () C:\Users\Honza\Desktop\Remote Desktop Connection.lnk
2014-01-20 16:11 - 2014-01-25 20:33 - 00009395 _____ () C:\Users\Honza\Documents\lekce_prehled_00.xlsx
2014-01-19 20:40 - 2014-01-19 20:41 - 98633040 _____ (Apple Inc.) C:\Users\Honza\Downloads\iTunesSetup.exe
==================== One Month Modified Files and Folders =======
2014-02-18 16:10 - 2014-02-18 16:10 - 00019701 _____ () C:\Users\Honza\Desktop\FRST.txt
2014-02-18 16:10 - 2014-02-18 16:10 - 00000000 ____D () C:\FRST
2014-02-18 16:05 - 2014-02-18 16:05 - 01141248 _____ (Farbar) C:\Users\Honza\Desktop\FRST.exe
2014-02-18 16:05 - 2006-11-02 13:52 - 01104517 _____ () C:\Windows\WindowsUpdate.log
2014-02-18 16:02 - 2014-02-18 16:02 - 01141248 _____ (Farbar) C:\Users\Honza\Downloads\FRST.exe
2014-02-18 16:01 - 2013-01-17 21:07 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-18 15:54 - 2013-12-21 20:23 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-18 15:54 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-18 15:54 - 2006-11-02 13:47 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-18 15:54 - 2006-11-02 13:47 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-18 01:49 - 2006-11-02 14:01 - 00032518 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-18 01:41 - 2014-02-08 14:36 - 00001016 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
2014-02-18 01:41 - 2013-12-21 20:23 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-17 18:08 - 2014-02-17 18:07 - 00000000 ____D () C:\rsit
2014-02-17 18:08 - 2014-02-17 18:07 - 00000000 ____D () C:\Program Files\trend micro
2014-02-17 17:49 - 2014-02-17 17:42 - 00000000 ____D () C:\Users\Honza\Desktop\RK_Quarantine
2014-02-17 17:48 - 2014-02-17 17:48 - 00003649 _____ () C:\Users\Honza\Desktop\RKreport[0]_H_02172014_174809.txt
2014-02-17 17:48 - 2014-02-17 17:48 - 00002922 _____ () C:\Users\Honza\Desktop\RKreport[0]_DN_02172014_174828.txt
2014-02-17 17:46 - 2014-02-14 17:55 - 00000000 ____D () C:\Users\Honza\AppData\Local\PirritSuggestor
2014-02-17 17:35 - 2014-02-17 17:35 - 00004124 _____ () C:\Users\Honza\Documents\cc_20140217_173526.reg
2014-02-17 17:11 - 2013-04-28 18:10 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\vlc
2014-02-17 17:06 - 2008-10-24 19:15 - 00015360 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-17 00:41 - 2014-01-16 18:51 - 00001758 ____H () C:\Users\Honza\Documents\Default.rdp
2014-02-16 09:25 - 2013-01-17 21:32 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-15 22:59 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-02-15 14:51 - 2014-02-08 14:36 - 00000964 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
2014-02-15 10:22 - 2014-02-15 10:22 - 00000000 ____D () C:\Users\Honza\Documents\Ashampoo Burning Studio FREE
2014-02-15 10:19 - 2014-02-15 10:19 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-15 10:10 - 2014-02-15 10:10 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Ashampoo
2014-02-15 10:09 - 2014-02-15 10:09 - 00001129 _____ () C:\Users\Honza\Desktop\Ashampoo Burning Studio FREE .lnk
2014-02-15 10:09 - 2014-02-15 10:09 - 00001105 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio FREE.lnk
2014-02-15 10:09 - 2014-02-15 10:09 - 00000214 _____ () C:\Users\Public\Desktop\Your Software Deals.url
2014-02-15 10:09 - 2014-02-15 10:09 - 00000000 ____D () C:\Users\Honza\AppData\Local\ashampoo
2014-02-15 10:09 - 2014-02-15 10:09 - 00000000 ____D () C:\Program Files\Ashampoo
2014-02-14 19:00 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-14 18:37 - 2013-10-01 23:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 18:34 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-14 18:31 - 2006-11-02 11:33 - 01515246 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-12 20:15 - 2008-02-19 21:22 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Skype
2014-02-12 15:59 - 2008-02-19 20:52 - 00002395 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-11 00:44 - 2014-01-02 01:00 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\AIMP3
2014-02-10 21:18 - 2013-12-31 11:09 - 00223468 _____ () C:\Windows\PFRO.log
2014-02-10 19:25 - 2014-02-10 19:23 - 00000000 ____D () C:\Program Files\PDFCreator
2014-02-10 19:24 - 2014-02-10 19:24 - 00000811 _____ () C:\Users\Honza\Desktop\PDF Architect.lnk
2014-02-10 19:24 - 2014-02-10 19:24 - 00000000 ____D () C:\Users\Honza\Documents\PDF Architect Files
2014-02-10 19:24 - 2014-02-10 19:24 - 00000000 ____D () C:\Program Files\PDF Architect
2014-02-10 19:23 - 2014-02-10 19:23 - 00000837 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-02-10 19:23 - 2014-02-10 19:23 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\pdfforge
2014-02-10 16:49 - 2014-01-26 20:49 - 00000906 _____ () C:\Users\Public\Desktop\PhotoScore Lite Music Scanning.lnk
2014-02-10 16:49 - 2014-01-26 20:49 - 00000000 ____D () C:\Program Files\Neuratron PhotoScore Lite
2014-02-10 16:14 - 2014-02-10 16:14 - 04958588 _____ () C:\Windows\{00000004-00000000-00000000-00001102-00000008-40021102}.CDF
2014-02-10 16:12 - 2008-02-19 21:25 - 00409600 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-02-10 16:12 - 2008-02-19 21:25 - 00114688 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-02-06 16:01 - 2013-01-17 21:07 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-06 16:01 - 2011-10-29 10:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-05 09:58 - 2014-02-14 18:30 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 09:56 - 2014-02-14 18:30 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 09:53 - 2014-02-14 18:30 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 09:51 - 2014-02-14 18:30 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 09:50 - 2014-02-14 18:30 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 09:49 - 2014-02-14 18:30 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 09:49 - 2014-02-14 18:30 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 09:48 - 2014-02-14 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 09:48 - 2014-02-14 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 09:48 - 2014-02-14 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 09:48 - 2014-02-14 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 09:48 - 2014-02-14 18:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 09:47 - 2014-02-14 18:30 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 09:47 - 2014-02-14 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 09:47 - 2014-02-14 18:30 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 09:46 - 2014-02-14 18:30 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-04 21:41 - 2014-02-04 21:41 - 00000540 _____ () C:\Users\Honza\Desktop\VPN Viritus – zástupce.lnk
2014-02-04 14:39 - 2013-12-21 20:24 - 00001980 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-03 19:49 - 2014-02-03 19:49 - 00000553 _____ () C:\Users\Honza\Desktop\malá a velká.txt
2014-02-01 19:12 - 2014-02-01 19:12 - 00005163 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-02-01 19:12 - 2013-07-14 09:02 - 00000000 ____D () C:\Program Files\Java
2014-02-01 18:34 - 2014-01-31 22:32 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Spotify
2014-02-01 16:28 - 2014-01-31 22:32 - 00000000 ____D () C:\Users\Honza\AppData\Local\Spotify
2014-01-31 22:32 - 2014-01-31 22:32 - 00001720 _____ () C:\Users\Honza\Desktop\Spotify.lnk
2014-01-31 22:32 - 2014-01-31 22:32 - 00001706 _____ () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-01-27 19:25 - 2014-01-27 19:25 - 00000074 _____ () C:\Users\Honza\Desktop\Překaldy tools.txt
2014-01-27 00:14 - 2014-01-27 00:14 - 00000000 ____D () C:\Users\Honza\AppData\Local\Microsoft Corporation
2014-01-27 00:14 - 2008-02-19 20:10 - 00134112 _____ () C:\Users\Honza\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-27 00:13 - 2014-01-13 17:04 - 00000000 ____D () C:\Program Files\OmegaT
2014-01-27 00:10 - 2013-01-17 21:47 - 00000000 ____D () C:\Users\Honza\Documents\Scores
2014-01-26 20:55 - 2014-01-26 20:54 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-01-26 20:49 - 2014-01-26 20:49 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript
2014-01-26 20:49 - 2014-01-26 20:49 - 00000000 ____D () C:\Program Files\gs
2014-01-26 20:24 - 2014-01-26 20:23 - 00000309 _____ () C:\Windows\{C6CF8699-A2AD-401D-952B-713B713EC9AC}_WiseFW.ini
2014-01-26 20:24 - 2014-01-26 20:18 - 00001963 _____ () C:\Users\Public\Desktop\Sibelius 6.lnk
2014-01-26 20:21 - 2014-01-26 20:21 - 00000624 ____H () C:\Windows\system32\T4
2014-01-26 20:21 - 2014-01-26 20:20 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Sibelius Software
2014-01-26 20:18 - 2014-01-26 20:16 - 00000452 _____ () C:\Windows\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
2014-01-26 20:16 - 2013-01-17 21:46 - 00000000 ____D () C:\Program Files\Sibelius Software
2014-01-26 19:54 - 2013-12-31 22:15 - 00002367 _____ () C:\Windows\setupact.log
2014-01-26 11:58 - 2008-02-19 20:10 - 00000000 ____D () C:\Users\Honza
2014-01-26 11:06 - 2008-02-19 20:56 - 00000000 ____D () C:\Users\Honza\AppData\Local\Adobe
2014-01-25 20:33 - 2014-01-20 16:11 - 00009395 _____ () C:\Users\Honza\Documents\lekce_prehled_00.xlsx
2014-01-23 21:25 - 2014-01-23 21:25 - 00000000 ____D () C:\Users\Honza\Documents\Signore delle cime (SATB)
2014-01-23 21:24 - 2014-01-23 21:24 - 00006520 _____ () C:\Users\Honza\Documents\Signore delle cime (SATB).zip
2014-01-22 17:10 - 2011-03-17 20:26 - 00000000 ____D () C:\Windows\pss
2014-01-20 23:04 - 2014-01-20 23:05 - 00055167 _____ () C:\Users\Honza\Documents\test_EN_CS_1.zip
2014-01-20 16:28 - 2014-01-20 16:28 - 00001597 _____ () C:\Users\Honza\Desktop\Remote Desktop Connection.lnk
2014-01-19 20:41 - 2014-01-19 20:40 - 98633040 _____ (Apple Inc.) C:\Users\Honza\Downloads\iTunesSetup.exe
Some content of TEMP:
====================
C:\Users\Honza\AppData\Local\Temp\bitool.dll
C:\Users\Honza\AppData\Local\Temp\install_flashplayer12x32au_mssd_aaa_aih.exe
C:\Users\Honza\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Honza\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Honza\AppData\Local\Temp\Update.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-18 16:07
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-02-2014
Ran by Honza (administrator) on PC-HONZA on 18-02-2014 16:10:27
Running from C:\Users\Honza\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Creative Technology Ltd) C:\Windows\System32\CTHELPER.EXE
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(NTeWORKS) C:\Program Files\PicPick\picpick.exe
(Spotify Ltd) C:\Users\Honza\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Acronis) C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(E-MU Systems) C:\Program Files\Creative Professional\E-MU PatchMix DSP\EmuPMixDSP.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
() C:\Users\Honza\AppData\Local\PirritSuggestor\PirritService.exe
() C:\Program Files\Pirrit\AutoUpdater.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Users\Honza\AppData\Local\PirritSuggestor\PirritDesktop.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4669440 2007-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-06-15] (Realtek Semiconductor Corp.)
HKLM\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [avast5] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3767096 2006-01-27] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3767096 2006-01-27] (AVAST Software)
HKLM\...\Run: [CTHelper] - C:\Windows\system32\CTHELPER.EXE [23040 2008-03-20] (Creative Technology Ltd)
HKLM\...\Run: [CTxfiHlp] - C:\Windows\system32\CTXFIHLP.EXE [23552 2008-03-20] (Creative Technology Ltd)
HKU\.DEFAULT\...\Run: [Google Update] - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-02-08] (Google Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3962352817-3535899674-181712600-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-3962352817-3535899674-181712600-1000\...\Run: [PicPick Start] - C:\Program Files\PicPick\picpick.exe [13255512 2013-12-07] (NTeWORKS)
HKU\S-1-5-21-3962352817-3535899674-181712600-1000\...\Run: [Spotify Web Helper] - C:\Users\Honza\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-31] (Spotify Ltd)
HKU\S-1-5-21-3962352817-3535899674-181712600-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3962352817-3535899674-181712600-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PatchMix DSP Application.lnk
ShortcutTarget: PatchMix DSP Application.lnk -> C:\Program Files\Creative Professional\Digital Audio System\E-MU PatchMix DSP\EmuPatchMixDSP.exe (No File)
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=http://127.0.0.1:9880
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://www.icq.com/search/results.php?q ... &ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKCU - {BE9654C9-9D79-42ec-B55A-3CAEB12DBF58} URL = http://www.icq.com/search/results.php?q ... &ch_id=osd
BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKCU - No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 19 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza
FF DefaultSearchEngine: ICQ Search
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.cz/
FF Keyword.URL: hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: No Name - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\ietab@ip.cn [2011-03-11]
FF Extension: No Name - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\isreaditlater@ideashower.com [2011-03-11]
FF Extension: No Name - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\xmlfiller@software602.cz [2011-03-11]
FF Extension: No Name - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-03-11]
FF Extension: FEBE - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2011-03-11]
FF Extension: No Name - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\{a6ca9b3b-5e52-4f47-85d8-cca35bb57596} [2011-03-11]
FF Extension: Web Developer - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} [2011-03-11]
FF Extension: No Name - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2011-03-11]
FF Extension: Pirrit Suggestor - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza\Extensions\suggestor@suggestor.pirrit.com.xpi [2013-12-25]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-03-11]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2014-02-10]
Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-21]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-21]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-21]
CHR Extension: (AdBlock) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-04]
CHR Extension: (Peněženka Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-21]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-21]
========================== Services (Whitelisted) =================
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe [661008 2009-11-26] (Acronis)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2480048 2013-12-31] (Acronis)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2006-01-27] (AVAST Software)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
U2 PirritDesktop; C:\Users\Honza\AppData\Local\PirritSuggestor\PirritService.exe [52568 2014-02-14] ()
R2 PirritUpdater; C:\Program Files\Pirrit\AutoUpdater.exe [59904 2014-02-14] ()
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [476112 2012-01-13] (Cisco Systems, Inc.)
==================== Drivers (Whitelisted) ====================
S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [38440 2012-01-13] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [57000 2012-01-13] (Cisco Systems, Inc.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2006-01-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2006-01-27] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-12-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2006-01-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2006-01-27] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2006-01-27] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2013-12-31] ()
S3 COMMONFX; C:\Windows\System32\drivers\COMMONFX.SYS [98328 2008-03-20] (Creative Technology Ltd)
R3 COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [98328 2008-03-20] (Creative Technology Ltd)
S3 CTAUDFX; C:\Windows\System32\drivers\CTAUDFX.SYS [528920 2008-03-20] (Creative Technology Ltd)
S3 CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [528920 2008-03-20] (Creative Technology Ltd)
S3 CTEAPSFX; C:\Windows\System32\drivers\CTEAPSFX.SYS [163352 2008-03-20] (Creative Technology Ltd)
S3 CTEAPSFX.SYS; C:\Windows\System32\drivers\CTEAPSFX.SYS [163352 2008-03-20] (Creative Technology Ltd)
S3 CTEDSPFX; C:\Windows\System32\drivers\CTEDSPFX.SYS [259096 2008-03-20] (Creative Technology Ltd)
S3 CTEDSPFX.SYS; C:\Windows\System32\drivers\CTEDSPFX.SYS [259096 2008-03-20] (Creative Technology Ltd)
S3 CTEDSPIO; C:\Windows\System32\drivers\CTEDSPIO.SYS [134168 2008-03-20] (Creative Technology Ltd)
R3 CTEDSPIO.SYS; C:\Windows\System32\drivers\CTEDSPIO.SYS [134168 2008-03-20] (Creative Technology Ltd)
S3 CTEDSPSY; C:\Windows\System32\drivers\CTEDSPSY.SYS [309784 2008-03-20] (Creative Technology Ltd)
R3 CTEDSPSY.SYS; C:\Windows\System32\drivers\CTEDSPSY.SYS [309784 2008-03-20] (Creative Technology Ltd)
S3 CTERFXFX; C:\Windows\System32\drivers\CTERFXFX.SYS [99352 2008-03-20] (Creative Technology Ltd)
S3 CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [99352 2008-03-20] (Creative Technology Ltd)
S3 CTSBLFX; C:\Windows\System32\drivers\CTSBLFX.SYS [534040 2008-03-20] (Creative Technology Ltd)
S3 CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [534040 2008-03-20] (Creative Technology Ltd)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 gdrv; C:\Windows\gdrv.sys [15600 2008-02-21] (Windows (R) 2000 DDK provider)
R3 ha10kx2k; C:\Windows\System32\drivers\ha10kx2k.sys [802840 2008-03-20] (Creative Technology Ltd)
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [48256 2007-06-13] (JMicron Technology Corp.)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R2 PfModNT; C:\Windows\system32\drivers\PfModNT.sys [15896 2008-03-20] (Creative Technology Ltd.)
R0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [911680 2013-12-31] (Acronis)
S3 ZY202_XP; C:\Windows\System32\DRIVERS\WlanUZXP.sys [437760 2006-11-27] (ZyDAS Technology Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 FreshIO; \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 SDManager; \??\C:\Program Files\SpywareDetector\SDManager.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-18 16:10 - 2014-02-18 16:10 - 00019701 _____ () C:\Users\Honza\Desktop\FRST.txt
2014-02-18 16:10 - 2014-02-18 16:10 - 00000000 ____D () C:\FRST
2014-02-18 16:05 - 2014-02-18 16:05 - 01141248 _____ (Farbar) C:\Users\Honza\Desktop\FRST.exe
2014-02-18 16:02 - 2014-02-18 16:02 - 01141248 _____ (Farbar) C:\Users\Honza\Downloads\FRST.exe
2014-02-17 18:07 - 2014-02-17 18:08 - 00000000 ____D () C:\rsit
2014-02-17 18:07 - 2014-02-17 18:08 - 00000000 ____D () C:\Program Files\trend micro
2014-02-17 17:48 - 2014-02-17 17:48 - 00003649 _____ () C:\Users\Honza\Desktop\RKreport[0]_H_02172014_174809.txt
2014-02-17 17:48 - 2014-02-17 17:48 - 00002922 _____ () C:\Users\Honza\Desktop\RKreport[0]_DN_02172014_174828.txt
2014-02-17 17:42 - 2014-02-17 17:49 - 00000000 ____D () C:\Users\Honza\Desktop\RK_Quarantine
2014-02-17 17:35 - 2014-02-17 17:35 - 00004124 _____ () C:\Users\Honza\Documents\cc_20140217_173526.reg
2014-02-15 10:22 - 2014-02-15 10:22 - 00000000 ____D () C:\Users\Honza\Documents\Ashampoo Burning Studio FREE
2014-02-15 10:19 - 2014-02-15 10:19 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-15 10:10 - 2014-02-15 10:10 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Ashampoo
2014-02-15 10:09 - 2014-02-15 10:09 - 00001129 _____ () C:\Users\Honza\Desktop\Ashampoo Burning Studio FREE .lnk
2014-02-15 10:09 - 2014-02-15 10:09 - 00001105 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio FREE.lnk
2014-02-15 10:09 - 2014-02-15 10:09 - 00000214 _____ () C:\Users\Public\Desktop\Your Software Deals.url
2014-02-15 10:09 - 2014-02-15 10:09 - 00000000 ____D () C:\Users\Honza\AppData\Local\ashampoo
2014-02-15 10:09 - 2014-02-15 10:09 - 00000000 ____D () C:\Program Files\Ashampoo
2014-02-14 18:30 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 18:30 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 18:30 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 18:30 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 18:30 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 18:30 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 18:30 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-14 18:30 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 18:30 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-14 18:30 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 18:30 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 18:30 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 18:30 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 18:30 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 18:30 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-14 18:30 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 18:02 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 17:55 - 2014-02-17 17:46 - 00000000 ____D () C:\Users\Honza\AppData\Local\PirritSuggestor
2014-02-10 19:24 - 2014-02-10 19:24 - 00000811 _____ () C:\Users\Honza\Desktop\PDF Architect.lnk
2014-02-10 19:24 - 2014-02-10 19:24 - 00000000 ____D () C:\Users\Honza\Documents\PDF Architect Files
2014-02-10 19:24 - 2014-02-10 19:24 - 00000000 ____D () C:\Program Files\PDF Architect
2014-02-10 19:23 - 2014-02-10 19:25 - 00000000 ____D () C:\Program Files\PDFCreator
2014-02-10 19:23 - 2014-02-10 19:23 - 00000837 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-02-10 19:23 - 2014-02-10 19:23 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\pdfforge
2014-02-10 19:23 - 2013-04-09 14:13 - 00095416 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2014-02-10 19:23 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\system32\MSMAPI32.OCX
2014-02-10 19:23 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\MSMPIDE.DLL
2014-02-10 16:14 - 2014-02-10 16:14 - 04958588 _____ () C:\Windows\{00000004-00000000-00000000-00001102-00000008-40021102}.CDF
2014-02-08 14:36 - 2014-02-18 01:41 - 00001016 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
2014-02-08 14:36 - 2014-02-15 14:51 - 00000964 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
2014-02-04 21:41 - 2014-02-04 21:41 - 00000540 _____ () C:\Users\Honza\Desktop\VPN Viritus – zástupce.lnk
2014-02-03 19:49 - 2014-02-03 19:49 - 00000553 _____ () C:\Users\Honza\Desktop\malá a velká.txt
2014-02-01 19:12 - 2014-02-01 19:12 - 00005163 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-02-01 19:12 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-02-01 19:12 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-01 19:12 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-01 19:12 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-31 22:32 - 2014-02-01 18:34 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Spotify
2014-01-31 22:32 - 2014-02-01 16:28 - 00000000 ____D () C:\Users\Honza\AppData\Local\Spotify
2014-01-31 22:32 - 2014-01-31 22:32 - 00001720 _____ () C:\Users\Honza\Desktop\Spotify.lnk
2014-01-31 22:32 - 2014-01-31 22:32 - 00001706 _____ () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-01-27 19:25 - 2014-01-27 19:25 - 00000074 _____ () C:\Users\Honza\Desktop\Překaldy tools.txt
2014-01-27 00:14 - 2014-01-27 00:14 - 00000000 ____D () C:\Users\Honza\AppData\Local\Microsoft Corporation
2014-01-26 20:54 - 2014-01-26 20:55 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-01-26 20:49 - 2014-02-10 16:49 - 00000906 _____ () C:\Users\Public\Desktop\PhotoScore Lite Music Scanning.lnk
2014-01-26 20:49 - 2014-02-10 16:49 - 00000000 ____D () C:\Program Files\Neuratron PhotoScore Lite
2014-01-26 20:49 - 2014-01-26 20:49 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript
2014-01-26 20:49 - 2014-01-26 20:49 - 00000000 ____D () C:\Program Files\gs
2014-01-26 20:23 - 2014-01-26 20:24 - 00000309 _____ () C:\Windows\{C6CF8699-A2AD-401D-952B-713B713EC9AC}_WiseFW.ini
2014-01-26 20:21 - 2014-01-26 20:21 - 00000624 ____H () C:\Windows\system32\T4
2014-01-26 20:20 - 2014-01-26 20:21 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Sibelius Software
2014-01-26 20:18 - 2014-01-26 20:24 - 00001963 _____ () C:\Users\Public\Desktop\Sibelius 6.lnk
2014-01-26 20:16 - 2014-01-26 20:18 - 00000452 _____ () C:\Windows\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
2014-01-23 21:25 - 2014-01-23 21:25 - 00000000 ____D () C:\Users\Honza\Documents\Signore delle cime (SATB)
2014-01-23 21:24 - 2014-01-23 21:24 - 00006520 _____ () C:\Users\Honza\Documents\Signore delle cime (SATB).zip
2014-01-20 23:05 - 2014-01-20 23:04 - 00055167 _____ () C:\Users\Honza\Documents\test_EN_CS_1.zip
2014-01-20 16:28 - 2014-01-20 16:28 - 00001597 _____ () C:\Users\Honza\Desktop\Remote Desktop Connection.lnk
2014-01-20 16:11 - 2014-01-25 20:33 - 00009395 _____ () C:\Users\Honza\Documents\lekce_prehled_00.xlsx
2014-01-19 20:40 - 2014-01-19 20:41 - 98633040 _____ (Apple Inc.) C:\Users\Honza\Downloads\iTunesSetup.exe
==================== One Month Modified Files and Folders =======
2014-02-18 16:10 - 2014-02-18 16:10 - 00019701 _____ () C:\Users\Honza\Desktop\FRST.txt
2014-02-18 16:10 - 2014-02-18 16:10 - 00000000 ____D () C:\FRST
2014-02-18 16:05 - 2014-02-18 16:05 - 01141248 _____ (Farbar) C:\Users\Honza\Desktop\FRST.exe
2014-02-18 16:05 - 2006-11-02 13:52 - 01104517 _____ () C:\Windows\WindowsUpdate.log
2014-02-18 16:02 - 2014-02-18 16:02 - 01141248 _____ (Farbar) C:\Users\Honza\Downloads\FRST.exe
2014-02-18 16:01 - 2013-01-17 21:07 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-18 15:54 - 2013-12-21 20:23 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-18 15:54 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-18 15:54 - 2006-11-02 13:47 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-18 15:54 - 2006-11-02 13:47 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-18 01:49 - 2006-11-02 14:01 - 00032518 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-18 01:41 - 2014-02-08 14:36 - 00001016 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
2014-02-18 01:41 - 2013-12-21 20:23 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-17 18:08 - 2014-02-17 18:07 - 00000000 ____D () C:\rsit
2014-02-17 18:08 - 2014-02-17 18:07 - 00000000 ____D () C:\Program Files\trend micro
2014-02-17 17:49 - 2014-02-17 17:42 - 00000000 ____D () C:\Users\Honza\Desktop\RK_Quarantine
2014-02-17 17:48 - 2014-02-17 17:48 - 00003649 _____ () C:\Users\Honza\Desktop\RKreport[0]_H_02172014_174809.txt
2014-02-17 17:48 - 2014-02-17 17:48 - 00002922 _____ () C:\Users\Honza\Desktop\RKreport[0]_DN_02172014_174828.txt
2014-02-17 17:46 - 2014-02-14 17:55 - 00000000 ____D () C:\Users\Honza\AppData\Local\PirritSuggestor
2014-02-17 17:35 - 2014-02-17 17:35 - 00004124 _____ () C:\Users\Honza\Documents\cc_20140217_173526.reg
2014-02-17 17:11 - 2013-04-28 18:10 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\vlc
2014-02-17 17:06 - 2008-10-24 19:15 - 00015360 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-17 00:41 - 2014-01-16 18:51 - 00001758 ____H () C:\Users\Honza\Documents\Default.rdp
2014-02-16 09:25 - 2013-01-17 21:32 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-15 22:59 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-02-15 14:51 - 2014-02-08 14:36 - 00000964 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
2014-02-15 10:22 - 2014-02-15 10:22 - 00000000 ____D () C:\Users\Honza\Documents\Ashampoo Burning Studio FREE
2014-02-15 10:19 - 2014-02-15 10:19 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-15 10:10 - 2014-02-15 10:10 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Ashampoo
2014-02-15 10:09 - 2014-02-15 10:09 - 00001129 _____ () C:\Users\Honza\Desktop\Ashampoo Burning Studio FREE .lnk
2014-02-15 10:09 - 2014-02-15 10:09 - 00001105 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio FREE.lnk
2014-02-15 10:09 - 2014-02-15 10:09 - 00000214 _____ () C:\Users\Public\Desktop\Your Software Deals.url
2014-02-15 10:09 - 2014-02-15 10:09 - 00000000 ____D () C:\Users\Honza\AppData\Local\ashampoo
2014-02-15 10:09 - 2014-02-15 10:09 - 00000000 ____D () C:\Program Files\Ashampoo
2014-02-14 19:00 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-14 18:37 - 2013-10-01 23:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 18:34 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-14 18:31 - 2006-11-02 11:33 - 01515246 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-12 20:15 - 2008-02-19 21:22 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Skype
2014-02-12 15:59 - 2008-02-19 20:52 - 00002395 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-11 00:44 - 2014-01-02 01:00 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\AIMP3
2014-02-10 21:18 - 2013-12-31 11:09 - 00223468 _____ () C:\Windows\PFRO.log
2014-02-10 19:25 - 2014-02-10 19:23 - 00000000 ____D () C:\Program Files\PDFCreator
2014-02-10 19:24 - 2014-02-10 19:24 - 00000811 _____ () C:\Users\Honza\Desktop\PDF Architect.lnk
2014-02-10 19:24 - 2014-02-10 19:24 - 00000000 ____D () C:\Users\Honza\Documents\PDF Architect Files
2014-02-10 19:24 - 2014-02-10 19:24 - 00000000 ____D () C:\Program Files\PDF Architect
2014-02-10 19:23 - 2014-02-10 19:23 - 00000837 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-02-10 19:23 - 2014-02-10 19:23 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\pdfforge
2014-02-10 16:49 - 2014-01-26 20:49 - 00000906 _____ () C:\Users\Public\Desktop\PhotoScore Lite Music Scanning.lnk
2014-02-10 16:49 - 2014-01-26 20:49 - 00000000 ____D () C:\Program Files\Neuratron PhotoScore Lite
2014-02-10 16:14 - 2014-02-10 16:14 - 04958588 _____ () C:\Windows\{00000004-00000000-00000000-00001102-00000008-40021102}.CDF
2014-02-10 16:12 - 2008-02-19 21:25 - 00409600 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-02-10 16:12 - 2008-02-19 21:25 - 00114688 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-02-06 16:01 - 2013-01-17 21:07 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-06 16:01 - 2011-10-29 10:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-05 09:58 - 2014-02-14 18:30 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 09:56 - 2014-02-14 18:30 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 09:53 - 2014-02-14 18:30 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 09:51 - 2014-02-14 18:30 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 09:50 - 2014-02-14 18:30 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 09:49 - 2014-02-14 18:30 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 09:49 - 2014-02-14 18:30 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 09:48 - 2014-02-14 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 09:48 - 2014-02-14 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 09:48 - 2014-02-14 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 09:48 - 2014-02-14 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 09:48 - 2014-02-14 18:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 09:47 - 2014-02-14 18:30 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 09:47 - 2014-02-14 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 09:47 - 2014-02-14 18:30 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 09:46 - 2014-02-14 18:30 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-04 21:41 - 2014-02-04 21:41 - 00000540 _____ () C:\Users\Honza\Desktop\VPN Viritus – zástupce.lnk
2014-02-04 14:39 - 2013-12-21 20:24 - 00001980 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-03 19:49 - 2014-02-03 19:49 - 00000553 _____ () C:\Users\Honza\Desktop\malá a velká.txt
2014-02-01 19:12 - 2014-02-01 19:12 - 00005163 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-02-01 19:12 - 2013-07-14 09:02 - 00000000 ____D () C:\Program Files\Java
2014-02-01 18:34 - 2014-01-31 22:32 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Spotify
2014-02-01 16:28 - 2014-01-31 22:32 - 00000000 ____D () C:\Users\Honza\AppData\Local\Spotify
2014-01-31 22:32 - 2014-01-31 22:32 - 00001720 _____ () C:\Users\Honza\Desktop\Spotify.lnk
2014-01-31 22:32 - 2014-01-31 22:32 - 00001706 _____ () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-01-27 19:25 - 2014-01-27 19:25 - 00000074 _____ () C:\Users\Honza\Desktop\Překaldy tools.txt
2014-01-27 00:14 - 2014-01-27 00:14 - 00000000 ____D () C:\Users\Honza\AppData\Local\Microsoft Corporation
2014-01-27 00:14 - 2008-02-19 20:10 - 00134112 _____ () C:\Users\Honza\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-27 00:13 - 2014-01-13 17:04 - 00000000 ____D () C:\Program Files\OmegaT
2014-01-27 00:10 - 2013-01-17 21:47 - 00000000 ____D () C:\Users\Honza\Documents\Scores
2014-01-26 20:55 - 2014-01-26 20:54 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-01-26 20:49 - 2014-01-26 20:49 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript
2014-01-26 20:49 - 2014-01-26 20:49 - 00000000 ____D () C:\Program Files\gs
2014-01-26 20:24 - 2014-01-26 20:23 - 00000309 _____ () C:\Windows\{C6CF8699-A2AD-401D-952B-713B713EC9AC}_WiseFW.ini
2014-01-26 20:24 - 2014-01-26 20:18 - 00001963 _____ () C:\Users\Public\Desktop\Sibelius 6.lnk
2014-01-26 20:21 - 2014-01-26 20:21 - 00000624 ____H () C:\Windows\system32\T4
2014-01-26 20:21 - 2014-01-26 20:20 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Sibelius Software
2014-01-26 20:18 - 2014-01-26 20:16 - 00000452 _____ () C:\Windows\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
2014-01-26 20:16 - 2013-01-17 21:46 - 00000000 ____D () C:\Program Files\Sibelius Software
2014-01-26 19:54 - 2013-12-31 22:15 - 00002367 _____ () C:\Windows\setupact.log
2014-01-26 11:58 - 2008-02-19 20:10 - 00000000 ____D () C:\Users\Honza
2014-01-26 11:06 - 2008-02-19 20:56 - 00000000 ____D () C:\Users\Honza\AppData\Local\Adobe
2014-01-25 20:33 - 2014-01-20 16:11 - 00009395 _____ () C:\Users\Honza\Documents\lekce_prehled_00.xlsx
2014-01-23 21:25 - 2014-01-23 21:25 - 00000000 ____D () C:\Users\Honza\Documents\Signore delle cime (SATB)
2014-01-23 21:24 - 2014-01-23 21:24 - 00006520 _____ () C:\Users\Honza\Documents\Signore delle cime (SATB).zip
2014-01-22 17:10 - 2011-03-17 20:26 - 00000000 ____D () C:\Windows\pss
2014-01-20 23:04 - 2014-01-20 23:05 - 00055167 _____ () C:\Users\Honza\Documents\test_EN_CS_1.zip
2014-01-20 16:28 - 2014-01-20 16:28 - 00001597 _____ () C:\Users\Honza\Desktop\Remote Desktop Connection.lnk
2014-01-19 20:41 - 2014-01-19 20:40 - 98633040 _____ (Apple Inc.) C:\Users\Honza\Downloads\iTunesSetup.exe
Some content of TEMP:
====================
C:\Users\Honza\AppData\Local\Temp\bitool.dll
C:\Users\Honza\AppData\Local\Temp\install_flashplayer12x32au_mssd_aaa_aih.exe
C:\Users\Honza\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Honza\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Honza\AppData\Local\Temp\Update.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-18 16:07
==================== End Of Log ============================
- Attachments
- Addition.zip
- (7.31 KiB) Downloaded 44 times
- Rudy
- Site Admin
- Posts: 119534
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: 1place virus
Open Notepad and copy the following into it:
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://www.icq.com/search/results.php?q ... &ch_id=osd
Toolbar: HKCU - No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza
FF DefaultSearchEngine: ICQ Search
FF Keyword.URL: hxxp://search.icq.com/search/afe_result ... r=1.1.7&q=
R2 PirritUpdater; C:\Program Files\Pirrit\AutoUpdater.exe [59904 2014-02-14] ()
C:\Program Files\Pirrit
C:\Users\Honza\AppData\Roaming\pdfforge
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Honza\AppData\Local\Temp
Task: {360D596D-20D3-4083-98FA-18534AA8E8EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-21] (Google Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {49C69D59-E3D0-47F6-AD56-50A2B4882D0B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-18Core => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-08] (Google Inc.)
Task: {6C16F0B8-1F84-4B18-B93C-FA4162DC6E90} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-21] (Google Inc.)
End
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: 1place virus
Here is the reply:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 16-02-2014
Ran by Honza at 2014-02-19 19:19:35 Run:1
Running from F:\install\FRTS
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://www.icq.com/search/results.php?q ... &ch_id=osd
Toolbar: HKCU - No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.honza
FF DefaultSearchEngine: ICQ Search
FF Keyword.URL: hxxp://search.icq.com/search/afe_result ... r=1.1.7&q=
R2 PirritUpdater; C:\Program Files\Pirrit\AutoUpdater.exe [59904 2014-02-14] ()
C:\Program Files\Pirrit
C:\Users\Honza\AppData\Roaming\pdfforge
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Honza\AppData\Local\Temp
Task: {360D596D-20D3-4083-98FA-18534AA8E8EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-21] (Google Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {49C69D59-E3D0-47F6-AD56-50A2B4882D0B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-18Core => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-08] (Google Inc.)
Task: {6C16F0B8-1F84-4B18-B93C-FA4162DC6E90} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-21] (Google Inc.)
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\ICQ Search => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} => Value deleted successfully.
HKCR\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
=> Should not be moved.
Firefox DefaultSearchEngine deleted successfully.
Firefox Keyword.URL deleted successfully.
PirritUpdater => Service deleted successfully.
C:\Program Files\Pirrit => Moved successfully.
C:\Users\Honza\AppData\Roaming\pdfforge => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => Moved successfully.
"C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job" => File/Directory not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Users\Honza\AppData\Local\Temp => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{360D596D-20D3-4083-98FA-18534AA8E8EB} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{360D596D-20D3-4083-98FA-18534AA8E8EB} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\CrawlStartPages => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49C69D59-E3D0-47F6-AD56-50A2B4882D0B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49C69D59-E3D0-47F6-AD56-50A2B4882D0B} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-18Core => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-18Core => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C16F0B8-1F84-4B18-B93C-FA4162DC6E90} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C16F0B8-1F84-4B18-B93C-FA4162DC6E90} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => Key deleted successfully.
The system needs a manual reboot.
==== End of Fixlog ====
- Rudy
- Site Admin
- Posts: 119534
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: 1place virus
Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: 1place virus
Great, it works! :-)
You are skilled, thanks a lot!
HOnza
- Rudy
- Site Admin
- Posts: 119534
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: 1place virus
You're welcome!
