Please check my FRST log

ras099
Warning level 1
Posts: 217
Joined: 15 Dec 2008 20:30

Please check my FRST log

#1 Post by ras099 »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-05-2014 1
Ran by Owner (administrator) on MARTINEC on 24-05-2014 18:44:08
Running from C:\Documents and Settings\Owner\Plocha
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 6
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(MyHeritage) C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\charmap.exe
(Syntrillium Software Corporation) C:\Program Files\coolpro2\coolpro2.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\Owner\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [7307264 2005-10-17] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => C:\WINDOWS\system32\NvMcTray.dll [86016 2005-10-17] (NVIDIA Corporation)
HKLM\...\Run: [High Definition Audio Property Page Shortcut] => C:\WINDOWS\system32\HDAShCut.exe [61952 2005-01-07] (Windows (R) Server 2003 DDK provider)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [15473664 2005-11-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2014-04-02] (AVAST Software)
HKLM\...\Run: [Family Tree Builder Update] => C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2532864 2013-11-12] (MyHeritage)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\REALTEK 11n USB Wireless LAN Utility.lnk
ShortcutTarget: REALTEK 11n USB Wireless LAN Utility.lnk -> C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
SearchScopes: HKLM - DefaultScope value is missing.
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com\ []
FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ []

Chrome:
=======
CHR StartupUrls: "hxxp://www.novinky.cz/"
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-24]
CHR Extension: (Freemake Video Downloader) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2014-02-26]
CHR Extension: (Adblock Plus) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-24]
CHR Extension: (Color Changer for Facebook) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dheljpcbhldkdiabdemaflamgfnbpnkd [2014-02-24]
CHR Extension: (Facebook news) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\edoadhjjfgeniilpmnoaddaihjkkhheb [2014-02-24]
CHR Extension: (Freemake Youtube Download Button) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2014-02-26]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-24]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-24]
CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-02-26]
CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-02-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-02-24]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-24] (AVAST Software)

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2014-02-24] (Cisco Systems, Inc.)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [42496 2005-03-09] (Advanced Micro Devices)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-02-25] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-02-24] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-02-24] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-02-24] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410784 2014-02-24] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-02-24] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180248 2014-02-24] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [145920 2005-01-07] (Windows (R) Server 2003 DDK provider)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [98432 2005-08-12] (NVIDIA Corporation)
S3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [70912 2010-03-04] (NVIDIA Corporation)
R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [168040 2010-04-09] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [13824 2010-03-04] (NVIDIA Corporation)
R3 RTL8192cu; C:\WINDOWS\System32\DRIVERS\rtwlanu.sys [904680 2011-05-09] (Realtek Semiconductor Corporation )
R1 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5632 2006-07-24] ()
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-24 18:44 - 2014-05-24 18:44 - 00010477 _____ () C:\Documents and Settings\Owner\Plocha\FRST.txt
2014-05-24 18:43 - 2014-05-24 18:44 - 00000000 ____D () C:\FRST
2014-05-24 18:43 - 2014-05-24 18:43 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Owner\Plocha\FRSTLauncher.exe
2014-05-24 18:34 - 2014-05-24 18:34 - 01055232 _____ (Farbar) C:\Documents and Settings\Owner\Plocha\FRST.exe
2014-05-15 22:07 - 2014-05-15 22:07 - 00000000 ____D () C:\Documents and Settings\Owner\Photos
2014-05-10 15:39 - 2014-05-10 15:39 - 00000000 ____D () C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google
2014-05-10 14:56 - 2014-05-10 14:56 - 00000000 ____D () C:\Documents and Settings\Guest\Local Settings\Data aplikací\Thunderbird
2014-05-10 14:56 - 2014-05-10 14:56 - 00000000 ____D () C:\Documents and Settings\Guest\Data aplikací\Thunderbird
2014-05-10 14:56 - 2014-05-10 14:56 - 00000000 ____D () C:\Documents and Settings\Guest\Data aplikací\Mozilla
2014-05-03 20:30 - 2014-05-21 19:47 - 00000000 ____D () C:\Program Files\rajce
2014-05-03 20:30 - 2014-05-03 20:30 - 00000638 _____ () C:\Documents and Settings\All Users\Plocha\Rajče průvodce.lnk
2014-05-03 20:30 - 2014-05-03 20:30 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Rajče
2014-05-03 16:44 - 2012-08-02 08:56 - 00606208 _____ (Lorenzi Davide) C:\WINDOWS\system32\HexUniRTFBox.ocx
2014-05-03 16:44 - 2010-06-17 19:49 - 02029056 _____ (Bytescout) C:\WINDOWS\system32\PDFDocScout.DLL
2014-05-03 16:44 - 2004-12-07 11:11 - 00258352 _____ (Microsoft Corporation) C:\WINDOWS\system32\unicows.dll
2014-05-03 11:04 - 2014-05-03 16:43 - 00001129 _____ () C:\WINDOWS\MyHeritage.INI
2014-05-03 11:03 - 2014-05-06 19:31 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\MyHeritage
2014-05-03 11:03 - 2014-05-03 16:44 - 00000774 _____ () C:\Documents and Settings\Owner\Plocha\MyHeritage Family Tree Builder.lnk
2014-05-03 11:03 - 2014-05-03 11:09 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\MyHeritage
2014-05-03 11:03 - 2014-05-03 11:04 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\MyHeritage
2014-05-03 11:03 - 2014-05-03 11:03 - 00000000 ____D () C:\Documents and Settings\Owner\Nabídka Start\Programy\MyHeritage.com
2014-05-03 11:03 - 2014-05-03 11:03 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\The Complete Genealogy Reporter - FTB
2014-05-03 11:03 - 2003-07-06 13:07 - 00372736 _____ (Intel Corporation) C:\WINDOWS\system32\ijl15.dll
2014-05-03 11:03 - 2002-03-07 00:19 - 00454656 _____ () C:\WINDOWS\system32\PaintX.dll
2014-05-03 11:03 - 2000-05-22 16:58 - 00608448 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.ocx
2014-05-03 11:03 - 2000-03-13 23:00 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSSTDFMT.DLL
2014-05-03 11:03 - 1998-06-24 00:00 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmapi32.ocx
2014-05-03 11:02 - 2014-05-03 11:08 - 00000000 ____D () C:\Program Files\MyHeritage
2014-05-03 10:57 - 2014-05-03 10:57 - 00000000 ____D () C:\Documents and Settings\Owner\.ancestry2html
2014-05-01 16:01 - 2014-05-01 16:01 - 00000784 _____ () C:\Documents and Settings\Owner\Plocha\Zástupce - Ancestry.lnk
2014-05-01 15:59 - 2014-05-03 11:59 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Ancestry
2014-05-01 09:20 - 2014-05-01 10:37 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-04-30 18:50 - 2014-04-30 18:50 - 00000348 _____ () C:\Documents and Settings\Owner\Dokumenty\MARTIN.lnk
2014-04-30 17:48 - 2014-04-30 17:48 - 00000557 _____ () C:\Documents and Settings\Owner\Plocha\Zástupce - Mzda.lnk

==================== One Month Modified Files and Folders =======

2014-05-24 18:44 - 2014-05-24 18:44 - 00010477 _____ () C:\Documents and Settings\Owner\Plocha\FRST.txt
2014-05-24 18:44 - 2014-05-24 18:43 - 00000000 ____D () C:\FRST
2014-05-24 18:44 - 2014-02-24 11:46 - 00000000 ____D () C:\Documents and Settings\Owner\Plocha
2014-05-24 18:43 - 2014-05-24 18:43 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Owner\Plocha\FRSTLauncher.exe
2014-05-24 18:43 - 2014-02-24 11:46 - 00000000 ___HD () C:\Documents and Settings\Owner\Local Settings\Data aplikací
2014-05-24 18:34 - 2014-05-24 18:34 - 01055232 _____ (Farbar) C:\Documents and Settings\Owner\Plocha\FRST.exe
2014-05-24 18:26 - 2014-02-24 12:24 - 00000362 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-05-24 18:26 - 2014-02-24 11:42 - 00358852 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-24 18:21 - 2014-02-24 12:01 - 00000000 _____ () C:\WINDOWS\RTacDbg.txt
2014-05-24 18:21 - 2014-02-24 11:54 - 00000000 ____D () C:\WINDOWS\system32\Lang
2014-05-24 18:20 - 2014-02-24 12:35 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-05-24 18:20 - 2014-02-24 12:35 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-05-24 18:20 - 2014-02-24 11:50 - 00039472 _____ () C:\WINDOWS\system32\nvapps.xml
2014-05-24 18:20 - 2014-02-24 11:46 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-24 15:11 - 2014-02-24 11:46 - 00032530 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-24 15:11 - 2014-02-24 11:46 - 00000178 ___SH () C:\Documents and Settings\Owner\ntuser.ini
2014-05-23 23:26 - 2014-04-11 17:21 - 00012786 _____ () C:\WINDOWS\setupapi.log
2014-05-23 20:04 - 2006-03-02 14:00 - 00000576 _____ () C:\WINDOWS\win.ini
2014-05-23 20:04 - 2006-03-02 14:00 - 00000253 _____ () C:\WINDOWS\system.ini
2014-05-22 23:16 - 2014-02-24 12:12 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\AIMP3
2014-05-21 22:12 - 2014-02-24 12:56 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Skype
2014-05-21 21:07 - 2014-02-28 01:11 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\vlc
2014-05-21 20:17 - 2014-03-23 14:52 - 00053760 ___SH () C:\Documents and Settings\Owner\Plocha\Thumbs.db
2014-05-21 20:08 - 2014-02-24 11:46 - 00000000 ___RD () C:\Documents and Settings\Owner\Dokumenty\Obrázky
2014-05-21 20:08 - 2014-02-24 11:46 - 00000000 ___RD () C:\Documents and Settings\Owner\Dokumenty
2014-05-21 20:08 - 2014-02-24 11:46 - 00000000 ____D () C:\Documents and Settings\Owner
2014-05-21 20:06 - 2014-03-05 16:43 - 00000000 _____ () C:\Documents and Settings\All Users\Data aplikací\LauncherAccess.dt
2014-05-21 19:47 - 2014-05-03 20:30 - 00000000 ____D () C:\Program Files\rajce
2014-05-21 18:48 - 2006-03-02 14:00 - 00012984 _____ () C:\WINDOWS\system32\wpa.dbl
2014-05-15 22:07 - 2014-05-15 22:07 - 00000000 ____D () C:\Documents and Settings\Owner\Photos
2014-05-13 20:56 - 2014-03-05 18:43 - 00010240 _____ () C:\Documents and Settings\Owner\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-13 19:23 - 2014-02-24 12:16 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Canon
2014-05-10 15:39 - 2014-05-10 15:39 - 00000000 ____D () C:\Documents and Settings\Guest\Local Settings\Data aplikací\Google
2014-05-10 15:39 - 2014-02-26 01:19 - 00000000 ___HD () C:\Documents and Settings\Guest\Local Settings\Data aplikací
2014-05-10 15:32 - 2014-02-26 01:19 - 00000000 ____D () C:\Documents and Settings\Guest\Plocha
2014-05-10 15:30 - 2014-02-26 01:20 - 00000553 _____ () C:\Documents and Settings\Guest\debug.log
2014-05-10 14:56 - 2014-05-10 14:56 - 00000000 ____D () C:\Documents and Settings\Guest\Local Settings\Data aplikací\Thunderbird
2014-05-10 14:56 - 2014-05-10 14:56 - 00000000 ____D () C:\Documents and Settings\Guest\Data aplikací\Thunderbird
2014-05-10 14:56 - 2014-05-10 14:56 - 00000000 ____D () C:\Documents and Settings\Guest\Data aplikací\Mozilla
2014-05-10 14:56 - 2014-02-26 01:19 - 00000000 __RHD () C:\Documents and Settings\Guest\Data aplikací
2014-05-06 19:31 - 2014-05-03 11:03 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\MyHeritage
2014-05-03 20:30 - 2014-05-03 20:30 - 00000638 _____ () C:\Documents and Settings\All Users\Plocha\Rajče průvodce.lnk
2014-05-03 20:30 - 2014-05-03 20:30 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Rajče
2014-05-03 20:30 - 2014-02-24 12:32 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-05-03 20:30 - 2014-02-24 12:32 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-05-03 16:44 - 2014-05-03 11:03 - 00000774 _____ () C:\Documents and Settings\Owner\Plocha\MyHeritage Family Tree Builder.lnk
2014-05-03 16:44 - 2014-02-24 11:59 - 00019520 _____ () C:\Documents and Settings\Owner\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2014-05-03 16:43 - 2014-05-03 11:04 - 00001129 _____ () C:\WINDOWS\MyHeritage.INI
2014-05-03 11:59 - 2014-05-01 15:59 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Ancestry
2014-05-03 11:09 - 2014-05-03 11:03 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\MyHeritage
2014-05-03 11:08 - 2014-05-03 11:02 - 00000000 ____D () C:\Program Files\MyHeritage
2014-05-03 11:04 - 2014-05-03 11:03 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\MyHeritage
2014-05-03 11:03 - 2014-05-03 11:03 - 00000000 ____D () C:\Documents and Settings\Owner\Nabídka Start\Programy\MyHeritage.com
2014-05-03 11:03 - 2014-05-03 11:03 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\The Complete Genealogy Reporter - FTB
2014-05-03 11:03 - 2014-02-24 12:31 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-05-03 11:03 - 2014-02-24 11:46 - 00000000 __RHD () C:\Documents and Settings\Owner\Data aplikací
2014-05-03 11:03 - 2014-02-24 11:46 - 00000000 ___RD () C:\Documents and Settings\Owner\Nabídka Start\Programy
2014-05-03 10:57 - 2014-05-03 10:57 - 00000000 ____D () C:\Documents and Settings\Owner\.ancestry2html
2014-05-01 19:52 - 2014-02-26 01:08 - 00905248 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1547161642-515967899-682003330-1003-0.dat
2014-05-01 19:52 - 2014-02-26 01:08 - 00142890 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2014-05-01 16:01 - 2014-05-01 16:01 - 00000784 _____ () C:\Documents and Settings\Owner\Plocha\Zástupce - Ancestry.lnk
2014-05-01 15:37 - 2014-02-24 12:07 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-01 10:37 - 2014-05-01 09:20 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-04-30 18:50 - 2014-04-30 18:50 - 00000348 _____ () C:\Documents and Settings\Owner\Dokumenty\MARTIN.lnk
2014-04-30 17:48 - 2014-04-30 17:48 - 00000557 _____ () C:\Documents and Settings\Owner\Plocha\Zástupce - Mzda.lnk

Some content of TEMP:
====================
C:\Documents and Settings\Owner\Local Settings\Temp\MyHeritage_Version_7_0_0_7128_Size_37008752.exe
C:\Documents and Settings\Owner\Local Settings\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2006-03-02 14:00] - [2008-04-14 09:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\WINDOWS\system32\winlogon.exe
[2006-03-02 14:00] - [2008-04-14 09:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\WINDOWS\system32\svchost.exe
[2006-03-02 14:00] - [2008-04-14 09:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\WINDOWS\system32\services.exe
[2006-03-02 14:00] - [2008-04-14 09:52] - 0108544 ____A (Microsoft Corporation) f0d2ae69035092bf22dad6b50fab85c2

C:\WINDOWS\system32\User32.dll
[2006-03-02 14:00] - [2008-04-14 09:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\WINDOWS\system32\userinit.exe
[2006-03-02 14:00] - [2008-04-14 09:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\WINDOWS\system32\rpcss.dll
[2006-03-02 14:00] - [2008-04-14 09:51] - 0399360 ____A (Microsoft Corporation) c868f3ae15cf71a93f2aa3a32856d839

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2006-03-02 14:00] - [2008-04-14 08:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================


Available physical RAM: 2430.12 MB
Total physical RAM: 3519.48 MB
Percentage of memory in use: 30%

==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Owner\Plocha" je 1 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3
C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Realtek\\11n USB Wireless LAN Utility\\RtWLan.exe"="C:\\Program Files\\Realtek\\11n USB Wireless LAN Utility\\RtWLan.exe:*:Enabled:RtWlan"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\\Programy\\Skype\\SkypePortable\\App\\Skype\\Phone\\Skype.exe"="E:\\Programy\\Skype\\SkypePortable\\App\\Skype\\Phone\\Skype.exe:*:Enabled:Skype "
"C:\\Program Files\\Java\\jre7\\launch4j-tmp\\frd.exe"="C:\\Program Files\\Java\\jre7\\launch4j-tmp\\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1542:TCP"="1542:TCP:*:Enabled:Realtek WPS TCP Prot"
"1542:UDP"="1542:UDP:*:Enabled:Realtek WPS UDP Prot"
"53:UDP"="53:UDP:*:Enabled:Realtek AP UDP Prot"
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"
"54925:UDP"="54925:UDP:*:Enabled:BrotherNetwork Scanner"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.zip
Addition log
(4.5 KiB) Downloaded 44 times

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my FRST log

#2 Post by vyosek »

Hello :)

The log looks OK, is there any problem with the PC??
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns fun: take a whip and a stick to him, that is no man, that is an ox."
Member [image] since 1 February 2011.

ras099
Warning level 1
Posts: 217
Joined: 15 Dec 2008 20:30

Re: Please check my FRST log

#3 Post by ras099 »

No, there is no problem with the PC.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my FRST log

#4 Post by vyosek »

Clean up with CCleaner, otherwise OK :thumbsup:

ras099
Warning level 1
Posts: 217
Joined: 15 Dec 2008 20:30

Re: Please check my FRST log

#5 Post by ras099 »

OK. Thanks.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my FRST log

#6 Post by vyosek »

You're welcome, glad I could help :worship: See you again sometime

And on the basis of the topic-locking rule :lock:
