Good evening,
I have a router with a PC connected by cable, and a notebook and an iPad connected over Wi-Fi. Yesterday I noticed a problem with Google, FB and YouTube not working. In some cases a warning was displayed saying that my Flash Player is out of date. This problem appeared on the PC, on the notebook and on the iPad. On your forum we found a similar problem, so I reset the router and reconfigured the whole network. This removed the problems. Before I knew about the problem with the router, I ran the ESS 7 online scanner on the notebook, and it found several viruses. I would therefore like to ask you to check the log. This log is from the notebook.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2014
Ran by ntb (administrator) on NTB-HP on 31-05-2014 22:18:32
Running from C:\Users\ntb\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: 041b
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Google Inc.) C:\Users\ntb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ntb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ntb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ntb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ntb\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(forum.viry.cz) C:\Users\ntb\Desktop\FRSTLauncher (3).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2010-09-13] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6489704 2010-09-22] (Realtek Semiconductor)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2255258162-3851658991-3524058132-1000\...\Run: [Google Update] => C:\Users\ntb\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-04-16] (Google Inc.)
HKU\S-1-5-21-2255258162-3851658991-3524058132-1000\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-2255258162-3851658991-3524058132-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2255258162-3851658991-3524058132-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-2255258162-3851658991-3524058132-1006\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2255258162-3851658991-3524058132-1005\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-10-18] (EasyBits Software Corp.)
FireFox:
========
FF ProfilePath: C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\78xc584o.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://google.sk
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @powerchallenge.com/PowerLoader - C:\Users\ntb\AppData\LocalLow\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ntb\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ntb\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\ntb\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\zoznam-sk.xml
FF Extension: Adblock Plus - C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\78xc584o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-11-13]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-08-12]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-01]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-04]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-02]
Chrome:
=======
CHR HomePage: hxxp://www.google.sk/
CHR StartupUrls: "hxxp://www.google.sk/", "hxxp://localhost/", "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP"
CHR Extension: (Adblock Plus) - C:\Users\ntb\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-11]
CHR Extension: (AdBlock) - C:\Users\ntb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-11]
CHR Extension: (Peňaženka Google) - C:\Users\ntb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-20]
CHR StartMenuInternet: Google Chrome - C:\Users\ntb\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18720 2012-02-09] (Autodesk, Inc.)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-03-26] (Freemake)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S1 58cd3; C:\Windows\system32\drivers\58cd3.sys [61912 2014-05-30] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-31 22:18 - 2014-05-31 22:18 - 00014223 _____ () C:\Users\ntb\Desktop\FRST.txt
2014-05-31 22:18 - 2014-05-31 22:18 - 00000000 ____D () C:\FRST
2014-05-31 22:11 - 2014-05-31 22:11 - 00112640 _____ (forum.viry.cz) C:\Users\ntb\Desktop\FRSTLauncher (3).exe
2014-05-31 22:05 - 2014-05-31 22:06 - 02066944 _____ (Farbar) C:\Users\ntb\Desktop\FRST64.exe
2014-05-31 09:03 - 2014-05-31 09:04 - 01157628 _____ () C:\Users\ntb\Downloads\2010121419274713.zip
2014-05-31 08:22 - 2014-05-31 08:22 - 00000788 _____ () C:\Windows\PFRO.log
2014-05-30 19:32 - 2014-05-30 19:32 - 02347384 _____ (ESET) C:\Users\ntb\Downloads\esetsmartinstaller_sky.exe
2014-05-30 19:32 - 2014-05-30 19:32 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-30 19:24 - 2014-05-30 19:24 - 00061912 _____ () C:\Windows\system32\Drivers\58cd3.sys
2014-05-30 19:18 - 2014-05-31 16:55 - 00000168 _____ () C:\Windows\setupact.log
2014-05-30 19:18 - 2014-05-30 19:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-22 15:22 - 2014-05-23 02:07 - 00000000 ____D () C:\Users\ANdrejovko\AppData\Local\Monkey Quest
2014-05-22 14:57 - 2014-05-22 14:57 - 00000000 ____D () C:\Users\ANdrejovko\AppData\Roaming\WinRAR
2014-05-22 14:28 - 2014-05-23 02:06 - 00000000 ____D () C:\Users\ANdrejovko\Desktop\Server
2014-05-21 20:55 - 2014-05-21 20:56 - 20281311 _____ () C:\Users\ntb\Downloads\BC.ZIP
2014-05-21 20:07 - 2014-05-21 20:07 - 00000000 ____D () C:\Users\ntb\Downloads\WTF
2014-05-20 16:41 - 2014-05-20 16:41 - 00000000 ____D () C:\Users\ANdrejovko\Documents\CyberLink
2014-05-20 16:41 - 2014-05-20 16:41 - 00000000 ____D () C:\Users\ANdrejovko\AppData\Roaming\CyberLink
2014-05-20 16:41 - 2014-05-20 16:41 - 00000000 ____D () C:\Users\ANdrejovko\AppData\Local\Cyberlink
2014-05-18 18:38 - 2014-05-18 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-18 18:38 - 2014-05-18 18:38 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-18 10:26 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-18 10:26 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-18 10:26 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-18 10:26 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-18 10:26 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-18 10:26 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-17 12:22 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-17 12:22 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-17 12:22 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-17 12:22 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-17 12:21 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-17 12:21 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-17 12:21 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-17 12:21 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-17 12:21 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-17 12:21 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-17 12:21 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-17 12:21 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-17 12:21 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-17 12:21 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-17 12:21 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-17 12:21 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-17 12:21 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-17 12:21 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-17 12:21 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-17 12:21 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-17 12:21 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-17 12:21 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-17 12:21 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-17 12:21 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-17 12:21 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-17 12:21 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-17 12:21 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-17 12:21 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-17 12:21 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-17 12:21 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-17 12:21 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-17 12:21 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-17 12:21 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-17 12:21 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-17 12:21 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-17 12:21 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-17 12:21 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-17 12:21 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-17 12:21 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-17 12:21 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-17 12:21 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-17 12:21 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-17 12:21 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-17 12:21 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-17 12:21 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-06 21:14 - 2014-05-18 11:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-03 11:38 - 2014-05-03 12:22 - 00000000 ____D () C:\Users\ANdrejovko\Documents\NHL09
2014-05-03 11:37 - 2014-05-23 02:06 - 00000000 ____D () C:\Users\ANdrejovko\Desktop\My game
2014-05-03 11:14 - 2014-05-03 11:14 - 00000000 ____D () C:\Program Files\EA Sports
2014-05-03 11:11 - 2014-05-03 11:11 - 00000000 ____D () C:\Users\ntb\Downloads\nhl-09-čeština-+-dabing
2014-05-03 11:09 - 2014-05-03 11:10 - 07203318 _____ () C:\Users\ntb\Downloads\nhl-09-čeština-+-dabing.rar
2014-05-03 10:00 - 2014-05-29 22:08 - 00003174 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForntb
2014-05-03 10:00 - 2014-05-29 22:08 - 00000324 _____ () C:\Windows\Tasks\HPCeeScheduleForntb.job
==================== One Month Modified Files and Folders =======
2014-05-31 22:18 - 2014-05-31 22:18 - 00014223 _____ () C:\Users\ntb\Desktop\FRST.txt
2014-05-31 22:18 - 2014-05-31 22:18 - 00000000 ____D () C:\FRST
2014-05-31 22:18 - 2011-05-26 11:12 - 00000000 ____D () C:\Users\ntb\AppData\Local\Temp
2014-05-31 22:13 - 2014-02-01 18:50 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-31 22:11 - 2014-05-31 22:11 - 00112640 _____ (forum.viry.cz) C:\Users\ntb\Desktop\FRSTLauncher (3).exe
2014-05-31 22:06 - 2014-05-31 22:05 - 02066944 _____ (Farbar) C:\Users\ntb\Desktop\FRST64.exe
2014-05-31 21:56 - 2014-01-30 20:20 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-31 21:54 - 2012-05-01 15:27 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1005UA.job
2014-05-31 21:32 - 2012-04-16 18:25 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1000UA.job
2014-05-31 21:12 - 2011-04-20 12:43 - 01604748 _____ () C:\Windows\WindowsUpdate.log
2014-05-31 20:38 - 2012-05-10 12:15 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0C994EC5-4C10-4C2C-B41C-CA0800F06C73}
2014-05-31 19:42 - 2013-10-03 10:37 - 00000938 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1005UA.job
2014-05-31 17:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-31 17:36 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-31 17:36 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-31 16:56 - 2014-02-01 18:50 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-31 16:56 - 2013-02-19 14:49 - 00000000 ____D () C:\Users\ntb\AppData\Local\LogMeIn Hamachi
2014-05-31 16:55 - 2014-05-30 19:18 - 00000168 _____ () C:\Windows\setupact.log
2014-05-31 16:55 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-31 11:38 - 2013-11-22 20:15 - 00000000 ____D () C:\Users\ntb\Documents\Bluetooth Folder
2014-05-31 11:32 - 2012-04-16 18:25 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1000Core.job
2014-05-31 11:20 - 2010-10-19 03:31 - 00732190 _____ () C:\Windows\system32\perfh010.dat
2014-05-31 11:20 - 2010-10-19 03:31 - 00147054 _____ () C:\Windows\system32\perfc010.dat
2014-05-31 11:20 - 2009-07-14 07:13 - 01661252 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-31 10:42 - 2013-10-03 10:37 - 00000916 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1005Core.job
2014-05-31 09:04 - 2014-05-31 09:03 - 01157628 _____ () C:\Users\ntb\Downloads\2010121419274713.zip
2014-05-31 08:22 - 2014-05-31 08:22 - 00000788 _____ () C:\Windows\PFRO.log
2014-05-30 19:32 - 2014-05-30 19:32 - 02347384 _____ (ESET) C:\Users\ntb\Downloads\esetsmartinstaller_sky.exe
2014-05-30 19:32 - 2014-05-30 19:32 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-30 19:24 - 2014-05-30 19:24 - 00061912 _____ () C:\Windows\system32\Drivers\58cd3.sys
2014-05-30 19:24 - 2011-07-19 14:45 - 00000000 ____D () C:\Users\ntb\AppData\Local\CrashDumps
2014-05-30 19:18 - 2014-05-30 19:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-30 17:18 - 2011-06-16 11:21 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-30 17:17 - 2011-12-16 23:02 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-29 22:08 - 2014-05-03 10:00 - 00003174 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForntb
2014-05-29 22:08 - 2014-05-03 10:00 - 00000324 _____ () C:\Windows\Tasks\HPCeeScheduleForntb.job
2014-05-25 13:54 - 2012-05-01 15:27 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1005Core.job
2014-05-23 02:07 - 2014-05-22 15:22 - 00000000 ____D () C:\Users\ANdrejovko\AppData\Local\Monkey Quest
2014-05-23 02:07 - 2013-11-30 10:16 - 00000000 ____D () C:\Users\ANdrejovko\AppData\Roaming\GHISLER
2014-05-23 02:07 - 2013-11-25 14:52 - 00000000 ____D () C:\Users\ANdrejovko\AppData\Roaming\.minecraft
2014-05-23 02:07 - 2013-11-25 14:26 - 00000000 ____D () C:\Users\ANdrejovko\Documents\Euro Truck Simulator 2
2014-05-23 02:07 - 2013-11-25 14:11 - 00000000 ____D () C:\Users\ANdrejovko\AppData\Local\LogMeIn Hamachi
2014-05-23 02:07 - 2013-11-25 14:10 - 00000000 ____D () C:\Users\ANdrejovko
2014-05-23 02:07 - 2013-11-22 22:32 - 00000000 ____D () C:\ProgramData\Atheros
2014-05-23 02:07 - 2011-12-25 11:13 - 00000000 ____D () C:\Users\deti.ntb-HP
2014-05-23 02:06 - 2014-05-22 14:28 - 00000000 ____D () C:\Users\ANdrejovko\Desktop\Server
2014-05-23 02:06 - 2014-05-03 11:37 - 00000000 ____D () C:\Users\ANdrejovko\Desktop\My game
2014-05-23 02:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-22 20:41 - 2011-11-20 19:54 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-22 20:38 - 2011-05-26 11:12 - 00000000 ____D () C:\Users\ntb
2014-05-22 15:22 - 2014-01-21 09:29 - 00000000 ____D () C:\Users\ANdrejovko\AppData\Local\temp
2014-05-22 14:57 - 2014-05-22 14:57 - 00000000 ____D () C:\Users\ANdrejovko\AppData\Roaming\WinRAR
2014-05-21 20:56 - 2014-05-21 20:55 - 20281311 _____ () C:\Users\ntb\Downloads\BC.ZIP
2014-05-21 20:23 - 2012-04-21 20:36 - 00000000 ____D () C:\Users\ntb\Documents\NHL09
2014-05-21 20:07 - 2014-05-21 20:07 - 00000000 ____D () C:\Users\ntb\Downloads\WTF
2014-05-20 16:44 - 2014-01-11 10:35 - 00000000 ____D () C:\Users\ANdrejovko\Desktop\WOW
2014-05-20 16:41 - 2014-05-20 16:41 - 00000000 ____D () C:\Users\ANdrejovko\Documents\CyberLink
2014-05-20 16:41 - 2014-05-20 16:41 - 00000000 ____D () C:\Users\ANdrejovko\AppData\Roaming\CyberLink
2014-05-20 16:41 - 2014-05-20 16:41 - 00000000 ____D () C:\Users\ANdrejovko\AppData\Local\Cyberlink
2014-05-20 16:40 - 2013-11-25 14:11 - 00000000 ___RD () C:\Users\ANdrejovko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-20 16:40 - 2013-11-25 14:11 - 00000000 ___RD () C:\Users\ANdrejovko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 16:40 - 2013-11-25 14:10 - 00001306 __RSH () C:\Users\ANdrejovko\ntuser.pol
2014-05-20 16:40 - 2011-10-15 14:57 - 00000664 __RSH () C:\Users\ntb\ntuser.pol
2014-05-18 20:47 - 2011-05-26 11:28 - 00003214 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForNTB-HP$
2014-05-18 20:47 - 2011-05-26 11:28 - 00000338 _____ () C:\Windows\Tasks\HPCeeScheduleForNTB-HP$.job
2014-05-18 18:38 - 2014-05-18 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-18 18:38 - 2014-05-18 18:38 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-18 11:42 - 2011-05-26 11:13 - 00000000 ___RD () C:\Users\ntb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-18 11:42 - 2011-05-26 11:13 - 00000000 ___RD () C:\Users\ntb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-18 11:38 - 2014-05-06 21:14 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-18 11:18 - 2012-05-11 20:03 - 00294400 ___SH () C:\Users\ntb\Desktop\Thumbs.db
2014-05-18 10:25 - 2011-06-16 13:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-18 10:24 - 2013-08-16 20:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-18 10:21 - 2011-06-16 11:25 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-17 12:56 - 2014-01-30 20:21 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-17 12:56 - 2014-01-30 20:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-17 12:56 - 2014-01-30 20:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-11 14:34 - 2012-10-27 21:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-11 14:26 - 2013-12-28 11:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-05-10 15:08 - 2014-02-01 18:50 - 00003926 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-10 15:08 - 2014-02-01 18:50 - 00003674 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 08:14 - 2014-05-17 12:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-17 12:22 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 11:27 - 2012-04-16 18:25 - 00003904 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1000UA
2014-05-08 11:27 - 2012-04-16 18:25 - 00003508 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1000Core
2014-05-06 06:40 - 2014-05-18 10:26 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-18 10:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-18 10:26 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-18 10:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-18 10:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-18 10:26 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-03 12:22 - 2014-05-03 11:38 - 00000000 ____D () C:\Users\ANdrejovko\Documents\NHL09
2014-05-03 11:14 - 2014-05-03 11:14 - 00000000 ____D () C:\Program Files\EA Sports
2014-05-03 11:11 - 2014-05-03 11:11 - 00000000 ____D () C:\Users\ntb\Downloads\nhl-09-čeština-+-dabing
2014-05-03 11:10 - 2014-05-03 11:09 - 07203318 _____ () C:\Users\ntb\Downloads\nhl-09-čeština-+-dabing.rar
2014-05-01 18:54 - 2011-10-15 15:09 - 00000000 ____D () C:\Users\ntb\Documents\skola
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-31 11:10
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:447.35 GB) (Free:280.83 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:18.11 GB) (Free:2.62 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Available physical RAM: 2142.37 MB
Total physical RAM: 3893.86 MB
Percentage of memory in use: 44%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 466 GB) (Disk ID: 3264533E)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=447 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1005Core.job => C:\Users\deti.ntb-HP\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1005UA.job => C:\Users\deti.ntb-HP\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1000Core.job => C:\Users\ntb\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1000UA.job => C:\Users\ntb\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1005Core.job => C:\Users\deti.ntb-HP\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1005UA.job => C:\Users\deti.ntb-HP\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForNTB-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForntb.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\ntb\Desktop" je 326 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easybits Recovery
C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
Thank you

Please check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where a specialist connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
- Attachments: Addition.rar (11.11 KiB), downloaded 11 times
- Rudy
- Site Admin
- Posts: 119541
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my log
Hello!
Open Notepad and copy into it:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-2255258162-3851658991-3524058132-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2255258162-3851658991-3524058132-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-2255258162-3851658991-3524058132-1006\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2255258162-3851658991-3524058132-1005\User: Group Policy restriction detected <======= ATTENTION
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Program Files (x86)\Skype\Toolbars
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
S1 58cd3; C:\Windows\system32\drivers\58cd3.sys
C:\Windows\system32\drivers\58cd3.sys
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1005UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1000UA.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1005UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1000Core.job
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
End
Save it to the desktop as fixlist.txt. Then run FRST again and click >Fix<. Then copy here the log that is created at the end.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Please check my log
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-06-2014
Ran by ntb at 2014-06-01 16:06:35 Run:1
Running from C:\Users\ntb\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-2255258162-3851658991-3524058132-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2255258162-3851658991-3524058132-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-2255258162-3851658991-3524058132-1006\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2255258162-3851658991-3524058132-1005\User: Group Policy restriction detected <======= ATTENTION
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Program Files (x86)\Skype\Toolbars
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
S1 58cd3; C:\Windows\system32\drivers\58cd3.sys
C:\Windows\system32\drivers\58cd3.sys
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1005UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1000UA.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1005UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1000Core.job
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKU\S-1-5-21-2255258162-3851658991-3524058132-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\LogonHoursAction => Value deleted successfully.
HKU\S-1-5-21-2255258162-3851658991-3524058132-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DontDisplayLogonHoursWarnings => Value deleted successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2255258162-3851658991-3524058132-1006\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2255258162-3851658991-3524058132-1005\User => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skype-ie-addon-data => Key not found.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
58cd3 => Service deleted successfully.
C:\Windows\system32\drivers\58cd3.sys => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1005UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1000UA.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1005UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2255258162-3851658991-3524058132-1000Core.job => Moved successfully.
C:\ProgramData\Temp => ":A1EDB939" ADS removed successfully.
The system needed a reboot.
==== End of Fixlog ====
- Rudy
- Site Admin
Re: Please check my log
Deleted. Has anything changed?
Re: Please check my log
The "trojans" are gone, and the browser seems to be working faster too. Thank you for your help, and have a nice rest of the day.
- Rudy
- Site Admin
Re: Please check my log
You're welcome, and have a nice day!
