Zdravím.
Poprosil by som o kontrolu logu. Poslednou dobou mám hrozne spomalený comp a o načítaní www stránok ani nehovorím.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Taťka at 2014-07-28 22:21:15
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (40%) free of 40 GB
Total RAM: 1023 MB (36% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:21:38, on 28.7.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\WINDOWS\VMSnap26.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Taťka\Plocha\RSIT.exe
C:\Program Files\trend micro\Taťka.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BigDogPath326VMSnap] C:\WINDOWS\VMSnap26.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4A7E5DD4-918E-4582-AFA0-817A3B1098AA}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
--
End of file - 7128 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu. Pomalé načítanie www...
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu. Pomalé načítanie www...
ahoj,
ten log nebol cely
1. vycisti PC s ADWcleanerom - scan/clean
2. vloz novy log RSIT >> kompletny
ten log nebol cely
1. vycisti PC s ADWcleanerom - scan/clean
2. vloz novy log RSIT >> kompletny
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu. Pomalé načítanie www...
Logfile of random's system information tool 1.10 (written by random/random)
Run by Taťka at 2014-07-29 14:14:27
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (40%) free of 40 GB
Total RAM: 1023 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:14:44, on 29.7.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\WINDOWS\VMSnap26.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Taťka\Plocha\RSIT.exe
C:\Program Files\trend micro\Taťka.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BigDogPath326VMSnap] C:\WINDOWS\VMSnap26.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4A7E5DD4-918E-4582-AFA0-817A3B1098AA}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
--
End of file - 6889 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Run by Taťka at 2014-07-29 14:14:27
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (40%) free of 40 GB
Total RAM: 1023 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:14:44, on 29.7.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\WINDOWS\VMSnap26.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Taťka\Plocha\RSIT.exe
C:\Program Files\trend micro\Taťka.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BigDogPath326VMSnap] C:\WINDOWS\VMSnap26.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4A7E5DD4-918E-4582-AFA0-817A3B1098AA}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
--
End of file - 6889 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Re: Prosím o kontrolu. Pomalé načítanie www...
ten log zasa nie je cely, preto vloz log FRST
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu. Pomalé načítanie www...
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-07-2014
Ran by Taťka (administrator) on HOME-COMPIK on 29-07-2014 21:40:54
Running from C:\Documents and Settings\Taťka\Plocha
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
() C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
() C:\WINDOWS\VMSnap26.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Documents and Settings\Taťka\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-10-09] (SuperAdBlocker.com)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Tcpip\..\Interfaces\{4A7E5DD4-918E-4582-AFA0-817A3B1098AA}: [NameServer]192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Taťka\Data aplikací\Mozilla\Firefox\Profiles\8xycrnnh.default-1406202180437
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 - C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\Taťka\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Adblock Plus - C:\Documents and Settings\Taťka\Data aplikací\Mozilla\Firefox\Profiles\8xycrnnh.default-1406202180437\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-24]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-07-23]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-07-23]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-06-23]
Chrome:
=======
CHR HomePage:
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Taťka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-15]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [110592 2005-04-06] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [859136 2006-11-10] (Nero AG) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
R2 SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [95528 2008-10-31] (Sunbelt Software, Inc.)
R2 SPF4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [1365288 2008-10-31] (Sunbelt Software, Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [File not signed]
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [2297664 2004-11-17] (Realtek Semiconductor Corp.)
R2 aswFsBlk; C:\WINDOWS\system32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\Drivers\AswRdr.sys [49760 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\WINDOWS\system32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [177864 2013-08-30] ()
R3 BlueletAudio; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [20480 2005-08-31] (IVT Corporation) [File not signed]
R3 BlueletSCOAudio; C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys [20480 2005-08-31] (IVT Corporation) [File not signed]
R3 BT; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [10068 2006-01-19] (IVT Corporation) [File not signed]
S3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [23000 2005-10-23] (IVT Corporation) [File not signed]
R0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [20616 2008-07-31] (IVT Corporation.)
R3 BTHidEnum; C:\WINDOWS\System32\DRIVERS\vbtenum.sys [11988 2005-07-29] () [File not signed]
R0 BTHidMgr; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [28271 2005-04-30] (IVT Corporation) [File not signed]
S3 BTNetFilter; C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys [14312 2006-04-14] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 GVCplDrv; C:\WINDOWS\system32\Drivers\GVCplDrv.sys [23040 2004-05-02] () [File not signed]
R4 InCDfs; C:\WINDOWS\System32\drivers\InCDFs.sys [102912 2006-11-10] (Nero AG) [File not signed]
R1 InCDPass; C:\WINDOWS\System32\drivers\InCDPass.sys [31360 2006-11-10] (Nero AG) [File not signed]
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [10624 2006-11-10] (Nero AG) [File not signed]
R1 incdrm; C:\WINDOWS\System32\drivers\InCDRm.sys [33792 2006-11-10] (Nero AG) [File not signed]
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [26248 2008-07-02] (IVT Corporation.)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [35144 2013-08-01] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2013-06-23] (Padus, Inc.) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2013-10-09] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SASENUM; C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [12872 2013-07-14] ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [67664 2013-10-09] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SbFw; C:\WINDOWS\System32\drivers\SbFw.sys [270888 2008-10-31] (Sunbelt Software, Inc.)
R3 SBFWIMCL; C:\WINDOWS\System32\DRIVERS\sbfwim.sys [65576 2008-06-21] (Sunbelt Software, Inc.)
R1 sbhips; C:\WINDOWS\system32\drivers\sbhips.sys [66600 2008-06-21] (Sunbelt Software, Inc.)
R3 usbvm328; C:\WINDOWS\System32\Drivers\vmcam326av.sys [104960 2007-10-18] (Vimicro Corporation) [File not signed]
R3 VClone; C:\WINDOWS\System32\DRIVERS\VClone.sys [30208 2013-03-11] (Elaborate Bytes AG) [File not signed]
R3 VComm; C:\WINDOWS\System32\DRIVERS\VComm.sys [61312 2004-10-19] (IVT Corporation) [File not signed]
R3 VcommMgr; C:\WINDOWS\System32\Drivers\VcommMgr.sys [84836 2006-02-28] (IVT Corporation) [File not signed]
R0 VIAMRAID; C:\WINDOWS\System32\DRIVERS\viamraid.sys [117248 2008-08-08] (VIA Technologies inc,.ltd) [File not signed]
R3 vvftav326_a4; C:\WINDOWS\System32\drivers\vvftav326.sys [480128 2007-07-03] (Vimicro Corporation) [File not signed]
S4 IntelIde; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-29 21:40 - 2014-07-29 21:41 - 00013324 _____ () C:\Documents and Settings\Taťka\Plocha\FRST.txt
2014-07-29 21:39 - 2014-07-29 21:41 - 00000000 ____D () C:\FRST
2014-07-29 21:38 - 2014-07-29 21:38 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Taťka\Plocha\FRSTLauncher.exe
2014-07-29 21:35 - 2014-07-29 21:35 - 01084416 _____ (Farbar) C:\Documents and Settings\Taťka\Plocha\FRST.exe
2014-07-29 14:04 - 2014-07-29 14:04 - 01365551 _____ () C:\Documents and Settings\Taťka\Plocha\adwcleaner_3.301.exe
2014-07-29 07:00 - 2014-07-29 07:00 - 00000000 ____D () C:\58841be8c19f6685e8
2014-07-28 23:54 - 2014-07-28 23:54 - 00001665 _____ () C:\Documents and Settings\Taťka\Plocha\KMP Games.lnk
2014-07-28 23:54 - 2014-07-28 23:54 - 00000710 _____ () C:\Documents and Settings\Taťka\Plocha\KMPlayer.lnk
2014-07-28 23:39 - 2014-07-28 23:39 - 00929416 _____ (CNET Download.com) C:\Documents and Settings\Taťka\Plocha\cbsidlm-cbsi188-KMPlayer-BP-10659939.exe
2014-07-28 22:21 - 2014-07-28 22:21 - 01107968 _____ () C:\Documents and Settings\Taťka\Plocha\RSIT.exe
2014-07-28 22:21 - 2014-07-28 22:21 - 00000000 ____D () C:\rsit
2014-07-28 09:48 - 2014-07-28 09:48 - 00000000 ____D () C:\7fe0210d5929d76549bcca66f044aefc
2014-07-28 06:38 - 2014-07-28 06:38 - 00000000 ____D () C:\d9ca493e9e06cc6cc060
2014-07-25 09:51 - 2014-07-25 09:56 - 00000000 ____D () C:\Documents and Settings\Taťka\Plocha\Prílohy mailov
2014-07-24 07:25 - 2014-07-24 08:11 - 1017118720 _____ () C:\Documents and Settings\Taťka\Plocha\ubuntu-14.04-desktop-i386.iso
2014-07-23 16:52 - 2014-07-23 16:52 - 00007894 _____ () C:\Documents and Settings\Taťka\Plocha\cc_20140723_165205.reg
2014-07-23 03:01 - 2014-07-23 03:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-22 17:34 - 2014-07-22 17:34 - 00000000 ____D () C:\Documents and Settings\pc\Dokumenty\NeroVision
2014-07-22 14:27 - 2014-07-22 14:27 - 00002136 _____ () C:\WINDOWS\system32\sdkinst.log
2014-07-22 14:27 - 2014-07-22 14:27 - 00000000 ____D () C:\Program Files\Sunbelt Software
2014-07-22 14:27 - 2014-07-22 14:27 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Sunbelt Software
2014-07-22 14:27 - 2008-10-31 07:09 - 00270888 ____R (Sunbelt Software, Inc.) C:\WINDOWS\system32\Drivers\SbFw.sys
2014-07-22 14:27 - 2008-06-21 04:54 - 00065576 _____ (Sunbelt Software, Inc.) C:\WINDOWS\system32\Drivers\SbFwIm.sys
2014-07-22 14:25 - 2014-07-22 14:25 - 06000608 _____ (Sunbelt Software ) C:\Documents and Settings\Taťka\Plocha\sunbelt-personal-firewall.exe
2014-07-12 15:21 - 2014-07-12 15:21 - 00000000 ____D () C:\Documents and Settings\Taťka\Plocha\New Folder
2014-07-12 14:51 - 2014-07-12 14:51 - 00000000 ____D () C:\Documents and Settings\Taťka\Data aplikací\Engelmann Media
2014-07-12 14:50 - 2014-07-27 17:54 - 00000000 ____D () C:\Program Files\DVR Converter 3.0
2014-07-12 14:50 - 2014-07-12 14:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952011$
2014-07-12 14:47 - 2014-07-12 14:47 - 24450496 _____ (Engelmann Media GmbH) C:\Documents and Settings\Taťka\Plocha\Dvr-Converter_3.0.11.404.exe
2014-07-12 14:12 - 2014-07-12 14:12 - 00000000 ____D () C:\Documents and Settings\Taťka\Data aplikací\CyberLink
2014-07-12 14:10 - 2014-07-12 14:10 - 00001938 _____ () C:\Documents and Settings\Taťka\Plocha\POWER-DVD-6-KEY.rar
2014-07-12 14:05 - 2014-07-12 14:05 - 00000000 ____D () C:\Program Files\Yahoo!
2014-07-12 13:43 - 2014-07-12 13:43 - 00001684 _____ () C:\Documents and Settings\All Users\Plocha\CyberLink PowerDVD.lnk
2014-07-12 13:43 - 2014-07-12 13:43 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\CyberLink PowerDVD
2014-07-12 13:31 - 2004-05-02 10:47 - 00023040 ____R () C:\WINDOWS\system32\Drivers\GVCplDrv.sys
2014-07-12 13:30 - 2014-07-12 13:30 - 00000000 ____D () C:\Documents and Settings\Taťka\Dokumenty\CyberLink
2014-07-12 13:30 - 2014-07-12 13:30 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\CyberLink
2014-07-12 13:00 - 2014-07-12 13:00 - 00000000 ____D () C:\Program Files\CyberLink
2014-07-10 23:12 - 2014-07-10 23:12 - 00160689 _____ () C:\wubildr
2014-07-10 23:12 - 2014-07-10 23:12 - 00008192 _____ () C:\wubildr.mbr
2014-07-10 23:10 - 2014-07-10 23:10 - 00000000 ____D () C:\ubuntu
2014-07-10 22:53 - 2014-07-10 23:02 - 938475520 _____ () C:\Documents and Settings\Taťka\Plocha\ubuntu-13.10-desktop-i386.iso
2014-07-05 16:23 - 2014-07-05 16:23 - 00000000 __SHD () C:\Documents and Settings\Taťka\PrivacIE
2014-07-01 14:07 - 2014-07-01 14:07 - 00000122 _____ () C:\Documents and Settings\Taťka\Plocha\AVX telefón.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-29 21:41 - 2014-07-29 21:40 - 00013324 _____ () C:\Documents and Settings\Taťka\Plocha\FRST.txt
2014-07-29 21:41 - 2014-07-29 21:39 - 00000000 ____D () C:\FRST
2014-07-29 21:41 - 2013-06-15 16:15 - 00000000 ____D () C:\Documents and Settings\Taťka\Local Settings\Temp
2014-07-29 21:40 - 2013-06-15 16:15 - 00000000 ___RD () C:\Documents and Settings\Taťka\Plocha
2014-07-29 21:39 - 2013-06-15 16:15 - 00000000 ___HD () C:\Documents and Settings\Taťka\Local Settings\Data aplikací
2014-07-29 21:38 - 2014-07-29 21:38 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Taťka\Plocha\FRSTLauncher.exe
2014-07-29 21:35 - 2014-07-29 21:35 - 01084416 _____ (Farbar) C:\Documents and Settings\Taťka\Plocha\FRST.exe
2014-07-29 21:29 - 2013-06-15 08:16 - 01185704 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-29 21:28 - 2014-03-15 11:19 - 00000222 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-07-29 21:28 - 2013-06-15 09:36 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-07-29 21:27 - 2013-07-14 00:25 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-29 21:27 - 2013-07-14 00:25 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-07-29 21:27 - 2013-06-15 08:21 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-29 15:11 - 2013-06-15 16:15 - 00000272 ___SH () C:\Documents and Settings\Taťka\ntuser.ini
2014-07-29 15:11 - 2013-06-15 08:21 - 00032418 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-29 15:06 - 2013-08-13 16:47 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-29 14:20 - 2013-06-25 17:47 - 00000534 _____ () C:\Documents and Settings\Taťka\intlname.ols
2014-07-29 14:14 - 2013-07-20 00:50 - 00000000 ____D () C:\Program Files\trend micro
2014-07-29 14:09 - 2014-05-21 17:38 - 00000000 ____D () C:\AdwCleaner
2014-07-29 14:09 - 2013-06-15 16:15 - 00000000 __RHD () C:\Documents and Settings\Taťka\Data aplikací
2014-07-29 14:09 - 2013-06-15 10:09 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-07-29 14:04 - 2014-07-29 14:04 - 01365551 _____ () C:\Documents and Settings\Taťka\Plocha\adwcleaner_3.301.exe
2014-07-29 07:36 - 2013-06-23 22:37 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-07-29 07:00 - 2014-07-29 07:00 - 00000000 ____D () C:\58841be8c19f6685e8
2014-07-29 06:59 - 2013-06-15 10:10 - 01082362 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-29 00:16 - 2013-06-28 18:59 - 00000116 _____ () C:\WINDOWS\NeroDigital.ini
2014-07-29 00:15 - 2013-06-16 09:25 - 00000000 ____D () C:\Program Files\The KMPlayer
2014-07-29 00:14 - 2013-06-15 17:54 - 00017408 _____ () C:\Documents and Settings\Taťka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-28 23:54 - 2014-07-28 23:54 - 00001665 _____ () C:\Documents and Settings\Taťka\Plocha\KMP Games.lnk
2014-07-28 23:54 - 2014-07-28 23:54 - 00000710 _____ () C:\Documents and Settings\Taťka\Plocha\KMPlayer.lnk
2014-07-28 23:39 - 2014-07-28 23:39 - 00929416 _____ (CNET Download.com) C:\Documents and Settings\Taťka\Plocha\cbsidlm-cbsi188-KMPlayer-BP-10659939.exe
2014-07-28 22:21 - 2014-07-28 22:21 - 01107968 _____ () C:\Documents and Settings\Taťka\Plocha\RSIT.exe
2014-07-28 22:21 - 2014-07-28 22:21 - 00000000 ____D () C:\rsit
2014-07-28 17:31 - 2013-06-15 09:14 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-28 17:31 - 2013-06-15 09:14 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-07-28 09:48 - 2014-07-28 09:48 - 00000000 ____D () C:\7fe0210d5929d76549bcca66f044aefc
2014-07-28 06:38 - 2014-07-28 06:38 - 00000000 ____D () C:\d9ca493e9e06cc6cc060
2014-07-27 17:54 - 2014-07-12 14:50 - 00000000 ____D () C:\Program Files\DVR Converter 3.0
2014-07-27 17:54 - 2013-06-15 10:09 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-07-27 17:45 - 2013-06-15 08:21 - 00000000 ___RD () C:\Documents and Settings\pc\Dokumenty\Hudba
2014-07-27 17:44 - 2013-07-05 10:48 - 00000000 ___RD () C:\Documents and Settings\pc\Dokumenty\Filmy
2014-07-27 17:41 - 2013-06-15 09:18 - 00000000 ____D () C:\Documents and Settings\pc\Dokumenty\Stažené soubory
2014-07-26 17:44 - 2013-06-15 08:21 - 00000272 ___SH () C:\Documents and Settings\pc\ntuser.ini
2014-07-26 17:43 - 2013-06-15 15:48 - 00188416 _____ () C:\Documents and Settings\pc\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-26 17:43 - 2013-06-15 08:21 - 00000000 ____D () C:\Documents and Settings\pc\Local Settings\Temp
2014-07-26 17:15 - 2013-06-15 08:21 - 00000000 ____D () C:\Documents and Settings\pc\Plocha
2014-07-26 10:27 - 2014-01-12 15:25 - 00000000 ____D () C:\Documents and Settings\Taťka\Data aplikací\avidemux
2014-07-25 09:56 - 2014-07-25 09:51 - 00000000 ____D () C:\Documents and Settings\Taťka\Plocha\Prílohy mailov
2014-07-25 09:27 - 2013-06-15 16:52 - 00000000 ____D () C:\Documents and Settings\Taťka\Dokumenty\Stažené soubory
2014-07-24 13:43 - 2014-02-27 22:06 - 00000000 ____D () C:\Documents and Settings\Taťka\Plocha\Původní data aplikace Firefox
2014-07-24 08:11 - 2014-07-24 07:25 - 1017118720 _____ () C:\Documents and Settings\Taťka\Plocha\ubuntu-14.04-desktop-i386.iso
2014-07-23 17:35 - 2013-06-22 13:26 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-07-23 17:32 - 2014-05-04 07:04 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-23 17:32 - 2001-10-25 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-23 17:30 - 2013-06-23 08:39 - 00000000 ____D () C:\WINDOWS\system32\config\RCCBakup
2014-07-23 16:52 - 2014-07-23 16:52 - 00007894 _____ () C:\Documents and Settings\Taťka\Plocha\cc_20140723_165205.reg
2014-07-23 16:49 - 2013-08-25 20:41 - 00000000 ____D () C:\Documents and Settings\Taťka\Data aplikací\Winamp
2014-07-23 16:49 - 2013-06-15 08:21 - 00000000 ____D () C:\Documents and Settings\pc
2014-07-23 16:48 - 2013-06-15 16:15 - 00000000 ____D () C:\Documents and Settings\Taťka
2014-07-23 03:02 - 2014-07-23 03:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-22 17:34 - 2014-07-22 17:34 - 00000000 ____D () C:\Documents and Settings\pc\Dokumenty\NeroVision
2014-07-22 17:34 - 2013-06-28 19:08 - 00000000 ____D () C:\Documents and Settings\pc\Data aplikací\Ahead
2014-07-22 17:34 - 2013-06-15 08:21 - 00000000 ___RD () C:\Documents and Settings\pc\Dokumenty
2014-07-22 14:27 - 2014-07-22 14:27 - 00002136 _____ () C:\WINDOWS\system32\sdkinst.log
2014-07-22 14:27 - 2014-07-22 14:27 - 00000000 ____D () C:\Program Files\Sunbelt Software
2014-07-22 14:27 - 2014-07-22 14:27 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Sunbelt Software
2014-07-22 14:25 - 2014-07-22 14:25 - 06000608 _____ (Sunbelt Software ) C:\Documents and Settings\Taťka\Plocha\sunbelt-personal-firewall.exe
2014-07-15 17:38 - 2013-06-15 09:11 - 00000178 ___SH () C:\Documents and Settings\UpdatusUser\ntuser.ini
2014-07-15 17:11 - 2013-07-01 20:42 - 00000156 _____ () C:\Documents and Settings\Taťka\default.pls
2014-07-13 03:26 - 2013-06-15 08:21 - 00000000 ___HD () C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2014-07-12 15:43 - 2013-08-28 20:21 - 00000376 _____ () C:\Documents and Settings\Taťka\X.ini
2014-07-12 15:21 - 2014-07-12 15:21 - 00000000 ____D () C:\Documents and Settings\Taťka\Plocha\New Folder
2014-07-12 14:51 - 2014-07-12 14:51 - 00000000 ____D () C:\Documents and Settings\Taťka\Data aplikací\Engelmann Media
2014-07-12 14:50 - 2014-07-12 14:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952011$
2014-07-12 14:47 - 2014-07-12 14:47 - 24450496 _____ (Engelmann Media GmbH) C:\Documents and Settings\Taťka\Plocha\Dvr-Converter_3.0.11.404.exe
2014-07-12 14:12 - 2014-07-12 14:12 - 00000000 ____D () C:\Documents and Settings\Taťka\Data aplikací\CyberLink
2014-07-12 14:10 - 2014-07-12 14:10 - 00001938 _____ () C:\Documents and Settings\Taťka\Plocha\POWER-DVD-6-KEY.rar
2014-07-12 14:05 - 2014-07-12 14:05 - 00000000 ____D () C:\Program Files\Yahoo!
2014-07-12 13:43 - 2014-07-12 13:43 - 00001684 _____ () C:\Documents and Settings\All Users\Plocha\CyberLink PowerDVD.lnk
2014-07-12 13:43 - 2014-07-12 13:43 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\CyberLink PowerDVD
2014-07-12 13:43 - 2013-06-15 10:09 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-07-12 13:34 - 2013-06-15 11:48 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-12 13:30 - 2014-07-12 13:30 - 00000000 ____D () C:\Documents and Settings\Taťka\Dokumenty\CyberLink
2014-07-12 13:30 - 2014-07-12 13:30 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\CyberLink
2014-07-12 13:30 - 2013-06-15 16:15 - 00000000 ___RD () C:\Documents and Settings\Taťka\Dokumenty
2014-07-12 13:00 - 2014-07-12 13:00 - 00000000 ____D () C:\Program Files\CyberLink
2014-07-12 11:38 - 2014-02-27 21:56 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-07-10 23:12 - 2014-07-10 23:12 - 00160689 _____ () C:\wubildr
2014-07-10 23:12 - 2014-07-10 23:12 - 00008192 _____ () C:\wubildr.mbr
2014-07-10 23:12 - 2013-06-15 10:08 - 00000354 __RSH () C:\boot.ini
2014-07-10 23:10 - 2014-07-10 23:10 - 00000000 ____D () C:\ubuntu
2014-07-10 23:02 - 2014-07-10 22:53 - 938475520 _____ () C:\Documents and Settings\Taťka\Plocha\ubuntu-13.10-desktop-i386.iso
2014-07-10 11:24 - 2014-03-15 11:19 - 00000216 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-07-05 16:23 - 2014-07-05 16:23 - 00000000 __SHD () C:\Documents and Settings\Taťka\PrivacIE
2014-07-01 14:07 - 2014-07-01 14:07 - 00000122 _____ () C:\Documents and Settings\Taťka\Plocha\AVX telefón.txt
2014-06-30 21:49 - 2013-06-15 08:24 - 00046584 _____ () C:\Documents and Settings\pc\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2014-06-29 15:09 - 2014-02-22 10:34 - 00000000 ____D () C:\Documents and Settings\pc\Plocha\kapesníky
2014-06-29 15:07 - 2013-08-12 19:04 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
Some content of TEMP:
====================
C:\Documents and Settings\pc\Local Settings\Temp\KMP_3.9.0.126.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\BackupSetup.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\KMP_3.9.0.124.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\KMP_3.9.0.125.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\KMP_3.9.0.126.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\pyl6.tmp.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\pyl8DC.tmp.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\pyl8DD.tmp.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\pyl8DE.tmp.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus (Disabled) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall (Disabled) {82B1150E-9B37-49FC-83EB-D52197D900D0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\Taka\Plocha" je 2213 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent
C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2
Reim ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan
Reim ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^PHOTOfunSTUDIO -viewer-.lnk
C:\PROGRA~1\PANASO~1\PHOTOF~1\PHAUTO~1.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
"C:\\Program Files\\QIP\\qip.exe"="C:\\Program Files\\QIP\\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\\Documents and Settings\\pc\\Local Settings\\Data aplikac\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"="C:\\Documents and Settings\\pc\\Local Settings\\Data aplikac\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\\Documents and Settings\\Taka\\Local Settings\\Data aplikac\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"="C:\\Documents and Settings\\Taka\\Local Settings\\Data aplikac\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000001
==================== End Of Log ==============================
Ran by Taťka (administrator) on HOME-COMPIK on 29-07-2014 21:40:54
Running from C:\Documents and Settings\Taťka\Plocha
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
() C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
() C:\WINDOWS\VMSnap26.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Documents and Settings\Taťka\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-10-09] (SuperAdBlocker.com)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Tcpip\..\Interfaces\{4A7E5DD4-918E-4582-AFA0-817A3B1098AA}: [NameServer]192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Taťka\Data aplikací\Mozilla\Firefox\Profiles\8xycrnnh.default-1406202180437
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 - C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\Taťka\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Adblock Plus - C:\Documents and Settings\Taťka\Data aplikací\Mozilla\Firefox\Profiles\8xycrnnh.default-1406202180437\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-24]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-07-23]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-07-23]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-06-23]
Chrome:
=======
CHR HomePage:
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Taťka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-15]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [110592 2005-04-06] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [859136 2006-11-10] (Nero AG) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
R2 SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [95528 2008-10-31] (Sunbelt Software, Inc.)
R2 SPF4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [1365288 2008-10-31] (Sunbelt Software, Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [File not signed]
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [2297664 2004-11-17] (Realtek Semiconductor Corp.)
R2 aswFsBlk; C:\WINDOWS\system32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\Drivers\AswRdr.sys [49760 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\WINDOWS\system32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [177864 2013-08-30] ()
R3 BlueletAudio; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [20480 2005-08-31] (IVT Corporation) [File not signed]
R3 BlueletSCOAudio; C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys [20480 2005-08-31] (IVT Corporation) [File not signed]
R3 BT; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [10068 2006-01-19] (IVT Corporation) [File not signed]
S3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [23000 2005-10-23] (IVT Corporation) [File not signed]
R0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [20616 2008-07-31] (IVT Corporation.)
R3 BTHidEnum; C:\WINDOWS\System32\DRIVERS\vbtenum.sys [11988 2005-07-29] () [File not signed]
R0 BTHidMgr; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [28271 2005-04-30] (IVT Corporation) [File not signed]
S3 BTNetFilter; C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys [14312 2006-04-14] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 GVCplDrv; C:\WINDOWS\system32\Drivers\GVCplDrv.sys [23040 2004-05-02] () [File not signed]
R4 InCDfs; C:\WINDOWS\System32\drivers\InCDFs.sys [102912 2006-11-10] (Nero AG) [File not signed]
R1 InCDPass; C:\WINDOWS\System32\drivers\InCDPass.sys [31360 2006-11-10] (Nero AG) [File not signed]
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [10624 2006-11-10] (Nero AG) [File not signed]
R1 incdrm; C:\WINDOWS\System32\drivers\InCDRm.sys [33792 2006-11-10] (Nero AG) [File not signed]
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [26248 2008-07-02] (IVT Corporation.)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [35144 2013-08-01] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2013-06-23] (Padus, Inc.) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2013-10-09] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SASENUM; C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [12872 2013-07-14] ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [67664 2013-10-09] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SbFw; C:\WINDOWS\System32\drivers\SbFw.sys [270888 2008-10-31] (Sunbelt Software, Inc.)
R3 SBFWIMCL; C:\WINDOWS\System32\DRIVERS\sbfwim.sys [65576 2008-06-21] (Sunbelt Software, Inc.)
R1 sbhips; C:\WINDOWS\system32\drivers\sbhips.sys [66600 2008-06-21] (Sunbelt Software, Inc.)
R3 usbvm328; C:\WINDOWS\System32\Drivers\vmcam326av.sys [104960 2007-10-18] (Vimicro Corporation) [File not signed]
R3 VClone; C:\WINDOWS\System32\DRIVERS\VClone.sys [30208 2013-03-11] (Elaborate Bytes AG) [File not signed]
R3 VComm; C:\WINDOWS\System32\DRIVERS\VComm.sys [61312 2004-10-19] (IVT Corporation) [File not signed]
R3 VcommMgr; C:\WINDOWS\System32\Drivers\VcommMgr.sys [84836 2006-02-28] (IVT Corporation) [File not signed]
R0 VIAMRAID; C:\WINDOWS\System32\DRIVERS\viamraid.sys [117248 2008-08-08] (VIA Technologies inc,.ltd) [File not signed]
R3 vvftav326_a4; C:\WINDOWS\System32\drivers\vvftav326.sys [480128 2007-07-03] (Vimicro Corporation) [File not signed]
S4 IntelIde; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-29 21:40 - 2014-07-29 21:41 - 00013324 _____ () C:\Documents and Settings\Taťka\Plocha\FRST.txt
2014-07-29 21:39 - 2014-07-29 21:41 - 00000000 ____D () C:\FRST
2014-07-29 21:38 - 2014-07-29 21:38 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Taťka\Plocha\FRSTLauncher.exe
2014-07-29 21:35 - 2014-07-29 21:35 - 01084416 _____ (Farbar) C:\Documents and Settings\Taťka\Plocha\FRST.exe
2014-07-29 14:04 - 2014-07-29 14:04 - 01365551 _____ () C:\Documents and Settings\Taťka\Plocha\adwcleaner_3.301.exe
2014-07-29 07:00 - 2014-07-29 07:00 - 00000000 ____D () C:\58841be8c19f6685e8
2014-07-28 23:54 - 2014-07-28 23:54 - 00001665 _____ () C:\Documents and Settings\Taťka\Plocha\KMP Games.lnk
2014-07-28 23:54 - 2014-07-28 23:54 - 00000710 _____ () C:\Documents and Settings\Taťka\Plocha\KMPlayer.lnk
2014-07-28 23:39 - 2014-07-28 23:39 - 00929416 _____ (CNET Download.com) C:\Documents and Settings\Taťka\Plocha\cbsidlm-cbsi188-KMPlayer-BP-10659939.exe
2014-07-28 22:21 - 2014-07-28 22:21 - 01107968 _____ () C:\Documents and Settings\Taťka\Plocha\RSIT.exe
2014-07-28 22:21 - 2014-07-28 22:21 - 00000000 ____D () C:\rsit
2014-07-28 09:48 - 2014-07-28 09:48 - 00000000 ____D () C:\7fe0210d5929d76549bcca66f044aefc
2014-07-28 06:38 - 2014-07-28 06:38 - 00000000 ____D () C:\d9ca493e9e06cc6cc060
2014-07-25 09:51 - 2014-07-25 09:56 - 00000000 ____D () C:\Documents and Settings\Taťka\Plocha\Prílohy mailov
2014-07-24 07:25 - 2014-07-24 08:11 - 1017118720 _____ () C:\Documents and Settings\Taťka\Plocha\ubuntu-14.04-desktop-i386.iso
2014-07-23 16:52 - 2014-07-23 16:52 - 00007894 _____ () C:\Documents and Settings\Taťka\Plocha\cc_20140723_165205.reg
2014-07-23 03:01 - 2014-07-23 03:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-22 17:34 - 2014-07-22 17:34 - 00000000 ____D () C:\Documents and Settings\pc\Dokumenty\NeroVision
2014-07-22 14:27 - 2014-07-22 14:27 - 00002136 _____ () C:\WINDOWS\system32\sdkinst.log
2014-07-22 14:27 - 2014-07-22 14:27 - 00000000 ____D () C:\Program Files\Sunbelt Software
2014-07-22 14:27 - 2014-07-22 14:27 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Sunbelt Software
2014-07-22 14:27 - 2008-10-31 07:09 - 00270888 ____R (Sunbelt Software, Inc.) C:\WINDOWS\system32\Drivers\SbFw.sys
2014-07-22 14:27 - 2008-06-21 04:54 - 00065576 _____ (Sunbelt Software, Inc.) C:\WINDOWS\system32\Drivers\SbFwIm.sys
2014-07-22 14:25 - 2014-07-22 14:25 - 06000608 _____ (Sunbelt Software ) C:\Documents and Settings\Taťka\Plocha\sunbelt-personal-firewall.exe
2014-07-12 15:21 - 2014-07-12 15:21 - 00000000 ____D () C:\Documents and Settings\Taťka\Plocha\New Folder
2014-07-12 14:51 - 2014-07-12 14:51 - 00000000 ____D () C:\Documents and Settings\Taťka\Data aplikací\Engelmann Media
2014-07-12 14:50 - 2014-07-27 17:54 - 00000000 ____D () C:\Program Files\DVR Converter 3.0
2014-07-12 14:50 - 2014-07-12 14:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952011$
2014-07-12 14:47 - 2014-07-12 14:47 - 24450496 _____ (Engelmann Media GmbH) C:\Documents and Settings\Taťka\Plocha\Dvr-Converter_3.0.11.404.exe
2014-07-12 14:12 - 2014-07-12 14:12 - 00000000 ____D () C:\Documents and Settings\Taťka\Data aplikací\CyberLink
2014-07-12 14:10 - 2014-07-12 14:10 - 00001938 _____ () C:\Documents and Settings\Taťka\Plocha\POWER-DVD-6-KEY.rar
2014-07-12 14:05 - 2014-07-12 14:05 - 00000000 ____D () C:\Program Files\Yahoo!
2014-07-12 13:43 - 2014-07-12 13:43 - 00001684 _____ () C:\Documents and Settings\All Users\Plocha\CyberLink PowerDVD.lnk
2014-07-12 13:43 - 2014-07-12 13:43 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\CyberLink PowerDVD
2014-07-12 13:31 - 2004-05-02 10:47 - 00023040 ____R () C:\WINDOWS\system32\Drivers\GVCplDrv.sys
2014-07-12 13:30 - 2014-07-12 13:30 - 00000000 ____D () C:\Documents and Settings\Taťka\Dokumenty\CyberLink
2014-07-12 13:30 - 2014-07-12 13:30 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\CyberLink
2014-07-12 13:00 - 2014-07-12 13:00 - 00000000 ____D () C:\Program Files\CyberLink
2014-07-10 23:12 - 2014-07-10 23:12 - 00160689 _____ () C:\wubildr
2014-07-10 23:12 - 2014-07-10 23:12 - 00008192 _____ () C:\wubildr.mbr
2014-07-10 23:10 - 2014-07-10 23:10 - 00000000 ____D () C:\ubuntu
2014-07-10 22:53 - 2014-07-10 23:02 - 938475520 _____ () C:\Documents and Settings\Taťka\Plocha\ubuntu-13.10-desktop-i386.iso
2014-07-05 16:23 - 2014-07-05 16:23 - 00000000 __SHD () C:\Documents and Settings\Taťka\PrivacIE
2014-07-01 14:07 - 2014-07-01 14:07 - 00000122 _____ () C:\Documents and Settings\Taťka\Plocha\AVX telefón.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-29 21:41 - 2014-07-29 21:40 - 00013324 _____ () C:\Documents and Settings\Taťka\Plocha\FRST.txt
2014-07-29 21:41 - 2014-07-29 21:39 - 00000000 ____D () C:\FRST
2014-07-29 21:41 - 2013-06-15 16:15 - 00000000 ____D () C:\Documents and Settings\Taťka\Local Settings\Temp
2014-07-29 21:40 - 2013-06-15 16:15 - 00000000 ___RD () C:\Documents and Settings\Taťka\Plocha
2014-07-29 21:39 - 2013-06-15 16:15 - 00000000 ___HD () C:\Documents and Settings\Taťka\Local Settings\Data aplikací
2014-07-29 21:38 - 2014-07-29 21:38 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Taťka\Plocha\FRSTLauncher.exe
2014-07-29 21:35 - 2014-07-29 21:35 - 01084416 _____ (Farbar) C:\Documents and Settings\Taťka\Plocha\FRST.exe
2014-07-29 21:29 - 2013-06-15 08:16 - 01185704 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-29 21:28 - 2014-03-15 11:19 - 00000222 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-07-29 21:28 - 2013-06-15 09:36 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-07-29 21:27 - 2013-07-14 00:25 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-29 21:27 - 2013-07-14 00:25 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-07-29 21:27 - 2013-06-15 08:21 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-29 15:11 - 2013-06-15 16:15 - 00000272 ___SH () C:\Documents and Settings\Taťka\ntuser.ini
2014-07-29 15:11 - 2013-06-15 08:21 - 00032418 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-29 15:06 - 2013-08-13 16:47 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-29 14:20 - 2013-06-25 17:47 - 00000534 _____ () C:\Documents and Settings\Taťka\intlname.ols
2014-07-29 14:14 - 2013-07-20 00:50 - 00000000 ____D () C:\Program Files\trend micro
2014-07-29 14:09 - 2014-05-21 17:38 - 00000000 ____D () C:\AdwCleaner
2014-07-29 14:09 - 2013-06-15 16:15 - 00000000 __RHD () C:\Documents and Settings\Taťka\Data aplikací
2014-07-29 14:09 - 2013-06-15 10:09 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-07-29 14:04 - 2014-07-29 14:04 - 01365551 _____ () C:\Documents and Settings\Taťka\Plocha\adwcleaner_3.301.exe
2014-07-29 07:36 - 2013-06-23 22:37 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-07-29 07:00 - 2014-07-29 07:00 - 00000000 ____D () C:\58841be8c19f6685e8
2014-07-29 06:59 - 2013-06-15 10:10 - 01082362 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-29 00:16 - 2013-06-28 18:59 - 00000116 _____ () C:\WINDOWS\NeroDigital.ini
2014-07-29 00:15 - 2013-06-16 09:25 - 00000000 ____D () C:\Program Files\The KMPlayer
2014-07-29 00:14 - 2013-06-15 17:54 - 00017408 _____ () C:\Documents and Settings\Taťka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-28 23:54 - 2014-07-28 23:54 - 00001665 _____ () C:\Documents and Settings\Taťka\Plocha\KMP Games.lnk
2014-07-28 23:54 - 2014-07-28 23:54 - 00000710 _____ () C:\Documents and Settings\Taťka\Plocha\KMPlayer.lnk
2014-07-28 23:39 - 2014-07-28 23:39 - 00929416 _____ (CNET Download.com) C:\Documents and Settings\Taťka\Plocha\cbsidlm-cbsi188-KMPlayer-BP-10659939.exe
2014-07-28 22:21 - 2014-07-28 22:21 - 01107968 _____ () C:\Documents and Settings\Taťka\Plocha\RSIT.exe
2014-07-28 22:21 - 2014-07-28 22:21 - 00000000 ____D () C:\rsit
2014-07-28 17:31 - 2013-06-15 09:14 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-28 17:31 - 2013-06-15 09:14 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-07-28 09:48 - 2014-07-28 09:48 - 00000000 ____D () C:\7fe0210d5929d76549bcca66f044aefc
2014-07-28 06:38 - 2014-07-28 06:38 - 00000000 ____D () C:\d9ca493e9e06cc6cc060
2014-07-27 17:54 - 2014-07-12 14:50 - 00000000 ____D () C:\Program Files\DVR Converter 3.0
2014-07-27 17:54 - 2013-06-15 10:09 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-07-27 17:45 - 2013-06-15 08:21 - 00000000 ___RD () C:\Documents and Settings\pc\Dokumenty\Hudba
2014-07-27 17:44 - 2013-07-05 10:48 - 00000000 ___RD () C:\Documents and Settings\pc\Dokumenty\Filmy
2014-07-27 17:41 - 2013-06-15 09:18 - 00000000 ____D () C:\Documents and Settings\pc\Dokumenty\Stažené soubory
2014-07-26 17:44 - 2013-06-15 08:21 - 00000272 ___SH () C:\Documents and Settings\pc\ntuser.ini
2014-07-26 17:43 - 2013-06-15 15:48 - 00188416 _____ () C:\Documents and Settings\pc\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-26 17:43 - 2013-06-15 08:21 - 00000000 ____D () C:\Documents and Settings\pc\Local Settings\Temp
2014-07-26 17:15 - 2013-06-15 08:21 - 00000000 ____D () C:\Documents and Settings\pc\Plocha
2014-07-26 10:27 - 2014-01-12 15:25 - 00000000 ____D () C:\Documents and Settings\Taťka\Data aplikací\avidemux
2014-07-25 09:56 - 2014-07-25 09:51 - 00000000 ____D () C:\Documents and Settings\Taťka\Plocha\Prílohy mailov
2014-07-25 09:27 - 2013-06-15 16:52 - 00000000 ____D () C:\Documents and Settings\Taťka\Dokumenty\Stažené soubory
2014-07-24 13:43 - 2014-02-27 22:06 - 00000000 ____D () C:\Documents and Settings\Taťka\Plocha\Původní data aplikace Firefox
2014-07-24 08:11 - 2014-07-24 07:25 - 1017118720 _____ () C:\Documents and Settings\Taťka\Plocha\ubuntu-14.04-desktop-i386.iso
2014-07-23 17:35 - 2013-06-22 13:26 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-07-23 17:32 - 2014-05-04 07:04 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-23 17:32 - 2001-10-25 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-23 17:30 - 2013-06-23 08:39 - 00000000 ____D () C:\WINDOWS\system32\config\RCCBakup
2014-07-23 16:52 - 2014-07-23 16:52 - 00007894 _____ () C:\Documents and Settings\Taťka\Plocha\cc_20140723_165205.reg
2014-07-23 16:49 - 2013-08-25 20:41 - 00000000 ____D () C:\Documents and Settings\Taťka\Data aplikací\Winamp
2014-07-23 16:49 - 2013-06-15 08:21 - 00000000 ____D () C:\Documents and Settings\pc
2014-07-23 16:48 - 2013-06-15 16:15 - 00000000 ____D () C:\Documents and Settings\Taťka
2014-07-23 03:02 - 2014-07-23 03:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-22 17:34 - 2014-07-22 17:34 - 00000000 ____D () C:\Documents and Settings\pc\Dokumenty\NeroVision
2014-07-22 17:34 - 2013-06-28 19:08 - 00000000 ____D () C:\Documents and Settings\pc\Data aplikací\Ahead
2014-07-22 17:34 - 2013-06-15 08:21 - 00000000 ___RD () C:\Documents and Settings\pc\Dokumenty
2014-07-22 14:27 - 2014-07-22 14:27 - 00002136 _____ () C:\WINDOWS\system32\sdkinst.log
2014-07-22 14:27 - 2014-07-22 14:27 - 00000000 ____D () C:\Program Files\Sunbelt Software
2014-07-22 14:27 - 2014-07-22 14:27 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Sunbelt Software
2014-07-22 14:25 - 2014-07-22 14:25 - 06000608 _____ (Sunbelt Software ) C:\Documents and Settings\Taťka\Plocha\sunbelt-personal-firewall.exe
2014-07-15 17:38 - 2013-06-15 09:11 - 00000178 ___SH () C:\Documents and Settings\UpdatusUser\ntuser.ini
2014-07-15 17:11 - 2013-07-01 20:42 - 00000156 _____ () C:\Documents and Settings\Taťka\default.pls
2014-07-13 03:26 - 2013-06-15 08:21 - 00000000 ___HD () C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2014-07-12 15:43 - 2013-08-28 20:21 - 00000376 _____ () C:\Documents and Settings\Taťka\X.ini
2014-07-12 15:21 - 2014-07-12 15:21 - 00000000 ____D () C:\Documents and Settings\Taťka\Plocha\New Folder
2014-07-12 14:51 - 2014-07-12 14:51 - 00000000 ____D () C:\Documents and Settings\Taťka\Data aplikací\Engelmann Media
2014-07-12 14:50 - 2014-07-12 14:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952011$
2014-07-12 14:47 - 2014-07-12 14:47 - 24450496 _____ (Engelmann Media GmbH) C:\Documents and Settings\Taťka\Plocha\Dvr-Converter_3.0.11.404.exe
2014-07-12 14:12 - 2014-07-12 14:12 - 00000000 ____D () C:\Documents and Settings\Taťka\Data aplikací\CyberLink
2014-07-12 14:10 - 2014-07-12 14:10 - 00001938 _____ () C:\Documents and Settings\Taťka\Plocha\POWER-DVD-6-KEY.rar
2014-07-12 14:05 - 2014-07-12 14:05 - 00000000 ____D () C:\Program Files\Yahoo!
2014-07-12 13:43 - 2014-07-12 13:43 - 00001684 _____ () C:\Documents and Settings\All Users\Plocha\CyberLink PowerDVD.lnk
2014-07-12 13:43 - 2014-07-12 13:43 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\CyberLink PowerDVD
2014-07-12 13:43 - 2013-06-15 10:09 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-07-12 13:34 - 2013-06-15 11:48 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-12 13:30 - 2014-07-12 13:30 - 00000000 ____D () C:\Documents and Settings\Taťka\Dokumenty\CyberLink
2014-07-12 13:30 - 2014-07-12 13:30 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\CyberLink
2014-07-12 13:30 - 2013-06-15 16:15 - 00000000 ___RD () C:\Documents and Settings\Taťka\Dokumenty
2014-07-12 13:00 - 2014-07-12 13:00 - 00000000 ____D () C:\Program Files\CyberLink
2014-07-12 11:38 - 2014-02-27 21:56 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-07-10 23:12 - 2014-07-10 23:12 - 00160689 _____ () C:\wubildr
2014-07-10 23:12 - 2014-07-10 23:12 - 00008192 _____ () C:\wubildr.mbr
2014-07-10 23:12 - 2013-06-15 10:08 - 00000354 __RSH () C:\boot.ini
2014-07-10 23:10 - 2014-07-10 23:10 - 00000000 ____D () C:\ubuntu
2014-07-10 23:02 - 2014-07-10 22:53 - 938475520 _____ () C:\Documents and Settings\Taťka\Plocha\ubuntu-13.10-desktop-i386.iso
2014-07-10 11:24 - 2014-03-15 11:19 - 00000216 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-07-05 16:23 - 2014-07-05 16:23 - 00000000 __SHD () C:\Documents and Settings\Taťka\PrivacIE
2014-07-01 14:07 - 2014-07-01 14:07 - 00000122 _____ () C:\Documents and Settings\Taťka\Plocha\AVX telefón.txt
2014-06-30 21:49 - 2013-06-15 08:24 - 00046584 _____ () C:\Documents and Settings\pc\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2014-06-29 15:09 - 2014-02-22 10:34 - 00000000 ____D () C:\Documents and Settings\pc\Plocha\kapesníky
2014-06-29 15:07 - 2013-08-12 19:04 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
Some content of TEMP:
====================
C:\Documents and Settings\pc\Local Settings\Temp\KMP_3.9.0.126.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\BackupSetup.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\KMP_3.9.0.124.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\KMP_3.9.0.125.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\KMP_3.9.0.126.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\pyl6.tmp.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\pyl8DC.tmp.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\pyl8DD.tmp.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\pyl8DE.tmp.exe
C:\Documents and Settings\Taťka\Local Settings\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus (Disabled) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall (Disabled) {82B1150E-9B37-49FC-83EB-D52197D900D0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\Taka\Plocha" je 2213 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent
C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2
Reim ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan
Reim ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^PHOTOfunSTUDIO -viewer-.lnk
C:\PROGRA~1\PANASO~1\PHOTOF~1\PHAUTO~1.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
"C:\\Program Files\\QIP\\qip.exe"="C:\\Program Files\\QIP\\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\\Documents and Settings\\pc\\Local Settings\\Data aplikac\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"="C:\\Documents and Settings\\pc\\Local Settings\\Data aplikac\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\\Documents and Settings\\Taka\\Local Settings\\Data aplikac\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"="C:\\Documents and Settings\\Taka\\Local Settings\\Data aplikac\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000001
==================== End Of Log ==============================
Re: Prosím o kontrolu. Pomalé načítanie www...
1. velkost adresara plocha je viac ako 2GB 
vycisti aby bolo max. 300MB
2. citat:
TFC http://oldtimer.geekstogo.com/TFC.exe
• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte
vycisti aby bolo max. 300MB2. citat:
TFC http://oldtimer.geekstogo.com/TFC.exe
• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu. Pomalé načítanie www...
Tak som učinil tak, ako bolo napísané. Čo teraz? Už to bude v poriadku?
Re: Prosím o kontrolu. Pomalé načítanie www...
malo by to byt OK
ak nieco, tak sa ozvi
ak nieco, tak sa ozvi
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu. Pomalé načítanie www...
O.K. Vďaka...
Re: Prosím o kontrolu. Pomalé načítanie www...
za malo
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?