dobry den,
potřeboval bych prosim pomoct s odsekáním pc, pokud je to možné. PC jsem projel Ccleanerem a místo AVG nainsaloval Avast. nevím ale co dál. Zasílám log FRST..+ příloha
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-02-2015 01
Ran by Siemens (administrator) on SIEMENS-544659E on 21-02-2015 14:50:11
Running from C:\Documents and Settings\Siemens\Plocha
Loaded Profiles: Siemens (Available profiles: Siemens)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SoundMan.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\WINDOWS\system32\osk.exe
(Microsoft Corporation) C:\WINDOWS\system32\msswchx.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Documents and Settings\Siemens\Plocha\FRSTLauncher (1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2005-07-19] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [114688 2005-07-19] (Intel Corporation)
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [86016 2005-09-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AlcWzrd] => C:\WINDOWS\ALCWZRD.EXE [2807808 2005-09-21] (RealTek Semicoductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-31] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Siemens\Data aplikací\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Siemens\Data aplikací\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Siemens\Data aplikací\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Siemens\Data aplikací\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-507921405-2049760794-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-507921405-2049760794-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-507921405-2049760794-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-507921405-2049760794-839522115-1003 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-507921405-2049760794-839522115-1003 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: No Name -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> No File
BHO: No Name -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> No File
Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-507921405-2049760794-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-507921405-2049760794-839522115-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/wind ... 4439257765
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Siemens\Data aplikací\Mozilla\Firefox\Profiles\jepddh27.default-1398525180656
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF DefaultSearchEngine: Seznam
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\Siemens\Data aplikací\Mozilla\Firefox\Profiles\jepddh27.default-1398525180656\searchplugins\seznam-avast.xml
FF Extension: Seznam lištička - C:\Documents and Settings\Siemens\Data aplikací\Mozilla\Firefox\Profiles\jepddh27.default-1398525180656\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-07]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-28]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\pdf.dll ()
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Profile: C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-13]
CHR Extension: (Google Search) - C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-13]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-26]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-24]
CHR Extension: (Gmail) - C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-13]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-31]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-31] (AVAST Software)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2015-01-31] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2015-01-31] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2015-01-31] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2015-01-31] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2015-01-31] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2015-01-31] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2015-01-31] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2015-01-31] ()
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [74496 2005-03-04] (Realtek Semiconductor Corporation )
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [3298432 2005-09-12] (Intel® Corporation)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 14:50 - 2015-02-21 14:51 - 00012584 _____ () C:\Documents and Settings\Siemens\Plocha\FRST.txt
2015-02-21 14:48 - 2015-02-21 14:48 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Siemens\Plocha\FRSTLauncher (1).exe
2015-02-21 14:42 - 2015-02-21 14:50 - 00000000 ____D () C:\FRST
2015-02-21 14:41 - 2015-02-21 14:42 - 01126400 _____ (Farbar) C:\Documents and Settings\Siemens\Plocha\FRST.exe
2015-02-21 14:34 - 2015-02-21 14:34 - 00001191 _____ () C:\WINDOWS\setupapi.log
2015-02-21 13:59 - 2015-02-21 14:02 - 00000000 ____D () C:\Documents and Settings\Siemens\Dokumenty\registry
2015-02-20 18:18 - 2015-02-20 18:18 - 00001731 _____ () C:\Documents and Settings\All Users\Plocha\Avast Free Antivirus.lnk
2015-02-20 18:17 - 2015-01-31 17:23 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-31 19:30 - 2015-01-31 19:30 - 00000000 __SHD () C:\Documents and Settings\Siemens\IECompatCache
2015-01-31 19:29 - 2015-01-31 19:29 - 00000803 _____ () C:\Documents and Settings\Siemens\Nabídka Start\Programy\Internet Explorer (2).lnk
2015-01-31 17:25 - 2015-02-20 18:19 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\AVAST Software
2015-01-31 17:23 - 2015-01-31 17:23 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-01-30 18:15 - 2015-01-30 18:16 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 14:51 - 2013-03-28 02:06 - 00000000 ____D () C:\Documents and Settings\Siemens\Local Settings\Temp
2015-02-21 14:50 - 2013-03-28 02:06 - 00000000 ____D () C:\Documents and Settings\Siemens\Plocha
2015-02-21 14:49 - 2013-03-28 02:06 - 00000000 ___HD () C:\Documents and Settings\Siemens\Local Settings\Data aplikací
2015-02-21 14:37 - 2013-03-28 02:41 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-02-21 14:37 - 2013-03-28 02:41 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-02-21 14:37 - 2013-03-28 01:54 - 01992059 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-21 14:35 - 2014-03-28 20:50 - 00000316 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-02-21 14:35 - 2013-04-06 00:28 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-21 14:34 - 2013-04-12 06:34 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-21 14:34 - 2013-04-03 19:30 - 00000266 _____ () C:\WINDOWS\Tasks\AutoKMS.job
2015-02-21 14:34 - 2013-03-28 02:44 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-02-21 14:34 - 2013-03-28 02:44 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-02-21 14:34 - 2013-03-28 02:04 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-21 14:33 - 2013-03-28 02:06 - 00000178 ___SH () C:\Documents and Settings\Siemens\ntuser.ini
2015-02-21 14:33 - 2013-03-28 02:04 - 00032104 _____ () C:\WINDOWS\SchedLgU.Txt
2015-02-21 14:00 - 2013-03-28 02:06 - 00000000 ___RD () C:\Documents and Settings\Siemens\Dokumenty
2015-02-21 13:55 - 2013-04-12 06:34 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-21 13:55 - 2013-03-28 02:06 - 00000000 ____D () C:\Documents and Settings\Siemens
2015-02-21 13:38 - 2013-03-28 02:41 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2015-02-21 13:38 - 2013-03-28 02:40 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-02-20 18:20 - 2013-07-24 17:38 - 00137216 ___SH () C:\Documents and Settings\Siemens\Plocha\Thumbs.db
2015-02-19 19:21 - 2001-10-25 12:00 - 00002228 _____ () C:\WINDOWS\system32\wpa.dbl
2015-02-12 20:39 - 2013-03-28 02:06 - 00000000 ___RD () C:\Documents and Settings\Siemens\Oblíbené položky
2015-01-31 19:29 - 2014-03-28 17:34 - 00000712 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2015-01-31 19:29 - 2013-03-28 02:06 - 00000000 ___RD () C:\Documents and Settings\Siemens\Nabídka Start\Programy
2015-01-31 17:24 - 2014-03-28 20:42 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-01-31 17:24 - 2014-03-28 20:42 - 00423784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-01-31 17:23 - 2014-08-07 16:22 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-01-31 17:23 - 2014-03-28 20:42 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-01-31 17:23 - 2014-03-28 20:42 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-01-31 17:23 - 2014-03-28 20:42 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-01-31 17:23 - 2014-03-28 20:42 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-01-31 17:23 - 2014-03-28 20:42 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-01-30 18:17 - 2013-03-28 02:04 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-01-30 18:17 - 2013-03-28 01:59 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-01-30 18:17 - 2013-03-28 01:51 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-30 18:16 - 2015-01-16 20:51 - 00000000 ____D () C:\Documents and Settings\Siemens\Data aplikací\vlc
2015-01-30 18:15 - 2014-03-28 17:34 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-30 18:15 - 2013-04-03 18:49 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Office
2015-01-30 18:15 - 2013-04-03 18:37 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-01-22 18:53 - 2014-03-28 20:28 - 00000000 ____D () C:\Documents and Settings\Siemens\Dokumenty\Stažené soubory
==================== Files in the root of some directories =======
2014-04-12 20:57 - 2014-05-29 17:12 - 0010240 _____ () C:\Documents and Settings\Siemens\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Documents and Settings\Siemens\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkcdo6l.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus (Disabled) {7591DB91-41F0-48A3-B128-1A293FD8233D}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\Siemens\Plocha" je 48 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727\\vbc.exe"="C:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727\\vbc.exe:*:Enabled:Visual Basic Command Line Compiler"
"C:\\Documents and Settings\\Siemens\\Data aplikac\\Dropbox\\bin\\Dropbox.exe"="C:\\Documents and Settings\\Siemens\\Data aplikac\\Dropbox\\bin\\Dropbox.exe:*:Enabled:Dropbox"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
Díky.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
pomalost a sekani
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
pomalost a sekani
- Přílohy
-
- Addition.rar
- (3.68 KiB) Staženo 41 x
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomalost a sekani
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve >Scan< a potom na >Clean< (smazat)
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: pomalost a sekani
# AdwCleaner v4.111 - Logfile created 22/02/2015 at 01:07:57
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Siemens - SIEMENS-544659E
# Running from : C:\Documents and Settings\Siemens\Plocha\adwcleaner_4.111.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\Siemens\Data aplikací\Mozilla\Firefox\Profiles\jepddh27.default-1398525180656\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
***** [ Web browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v34.0.5 (x86 cs)
-\\ Google Chrome v40.0.2214.115
*************************
AdwCleaner[R0].txt - [1113 bytes] - [22/02/2015 01:00:24]
AdwCleaner[S0].txt - [1047 bytes] - [22/02/2015 01:07:57]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1106 bytes] ##########
děkuji, jak mam pokračovat?
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Siemens - SIEMENS-544659E
# Running from : C:\Documents and Settings\Siemens\Plocha\adwcleaner_4.111.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\Siemens\Data aplikací\Mozilla\Firefox\Profiles\jepddh27.default-1398525180656\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
***** [ Web browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v34.0.5 (x86 cs)
-\\ Google Chrome v40.0.2214.115
*************************
AdwCleaner[R0].txt - [1113 bytes] - [22/02/2015 01:00:24]
AdwCleaner[S0].txt - [1047 bytes] - [22/02/2015 01:07:57]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1106 bytes] ##########
děkuji, jak mam pokračovat?
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomalost a sekani
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: pomalost a sekani
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-02-2015
Ran by Siemens (administrator) on SIEMENS-544659E on 22-02-2015 20:33:57
Running from C:\Documents and Settings\Siemens\Plocha
Loaded Profiles: Siemens (Available profiles: Siemens)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SoundMan.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\WINDOWS\system32\osk.exe
(Microsoft Corporation) C:\WINDOWS\system32\msswchx.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2005-07-19] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [114688 2005-07-19] (Intel Corporation)
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [86016 2005-09-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AlcWzrd] => C:\WINDOWS\ALCWZRD.EXE [2807808 2005-09-21] (RealTek Semicoductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-31] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Siemens\Data aplikací\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Siemens\Data aplikací\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Siemens\Data aplikací\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Siemens\Data aplikací\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-507921405-2049760794-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-507921405-2049760794-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-507921405-2049760794-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-507921405-2049760794-839522115-1003 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-507921405-2049760794-839522115-1003 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: No Name -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> No File
BHO: No Name -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> No File
Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-507921405-2049760794-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-507921405-2049760794-839522115-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/wind ... 4439257765
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Siemens\Data aplikací\Mozilla\Firefox\Profiles\jepddh27.default-1398525180656
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF DefaultSearchEngine: Seznam
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\Siemens\Data aplikací\Mozilla\Firefox\Profiles\jepddh27.default-1398525180656\searchplugins\seznam-avast.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-28]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\pdf.dll ()
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Profile: C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-13]
CHR Extension: (Google Search) - C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-13]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-26]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-24]
CHR Extension: (Gmail) - C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-13]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-31]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-31] (AVAST Software)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2015-01-31] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2015-01-31] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2015-01-31] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2015-01-31] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2015-01-31] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2015-01-31] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2015-01-31] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2015-01-31] ()
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [74496 2005-03-04] (Realtek Semiconductor Corporation )
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [3298432 2005-09-12] (Intel® Corporation)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-22 20:33 - 2015-02-22 20:35 - 00012300 _____ () C:\Documents and Settings\Siemens\Plocha\FRST.txt
2015-02-22 20:33 - 2015-02-22 20:33 - 00000000 ____D () C:\Documents and Settings\Siemens\Plocha\FRST-OlderVersion
2015-02-22 01:00 - 2015-02-22 01:07 - 00000000 ____D () C:\AdwCleaner
2015-02-22 00:59 - 2015-02-22 00:59 - 02126848 _____ () C:\Documents and Settings\Siemens\Plocha\adwcleaner_4.111.exe
2015-02-21 14:42 - 2015-02-22 20:34 - 00000000 ____D () C:\FRST
2015-02-21 14:41 - 2015-02-22 20:33 - 01126912 _____ (Farbar) C:\Documents and Settings\Siemens\Plocha\FRST.exe
2015-02-21 14:34 - 2015-02-22 20:29 - 00004320 _____ () C:\WINDOWS\setupapi.log
2015-02-21 13:59 - 2015-02-21 14:02 - 00000000 ____D () C:\Documents and Settings\Siemens\Dokumenty\registry
2015-02-20 18:18 - 2015-02-20 18:18 - 00001731 _____ () C:\Documents and Settings\All Users\Plocha\Avast Free Antivirus.lnk
2015-02-20 18:17 - 2015-01-31 17:23 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-31 19:30 - 2015-01-31 19:30 - 00000000 __SHD () C:\Documents and Settings\Siemens\IECompatCache
2015-01-31 19:29 - 2015-01-31 19:29 - 00000803 _____ () C:\Documents and Settings\Siemens\Nabídka Start\Programy\Internet Explorer (2).lnk
2015-01-31 17:25 - 2015-02-20 18:19 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\AVAST Software
2015-01-31 17:23 - 2015-01-31 17:23 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-01-30 18:15 - 2015-01-30 18:16 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-22 20:35 - 2014-03-28 20:50 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-02-22 20:35 - 2013-04-06 00:28 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-22 20:35 - 2013-03-28 02:06 - 00000000 ____D () C:\Documents and Settings\Siemens\Local Settings\Temp
2015-02-22 20:33 - 2013-03-28 02:06 - 00000000 ____D () C:\Documents and Settings\Siemens\Plocha
2015-02-22 20:29 - 2013-03-28 01:54 - 02003957 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-22 20:28 - 2013-04-12 06:34 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-22 20:28 - 2013-04-03 19:30 - 00000266 _____ () C:\WINDOWS\Tasks\AutoKMS.job
2015-02-22 20:28 - 2013-03-28 02:44 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-02-22 20:28 - 2013-03-28 02:44 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-02-22 20:28 - 2013-03-28 02:04 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-22 01:21 - 2013-03-28 02:06 - 00000178 ___SH () C:\Documents and Settings\Siemens\ntuser.ini
2015-02-22 01:21 - 2013-03-28 02:04 - 00032326 _____ () C:\WINDOWS\SchedLgU.Txt
2015-02-22 00:55 - 2013-04-12 06:34 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-21 14:56 - 2013-03-28 02:06 - 00000000 ___HD () C:\Documents and Settings\Siemens\Local Settings\Data aplikací
2015-02-21 14:37 - 2013-03-28 02:41 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-02-21 14:37 - 2013-03-28 02:41 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-02-21 14:00 - 2013-03-28 02:06 - 00000000 ___RD () C:\Documents and Settings\Siemens\Dokumenty
2015-02-21 13:55 - 2013-03-28 02:06 - 00000000 ____D () C:\Documents and Settings\Siemens
2015-02-21 13:38 - 2013-03-28 02:41 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2015-02-21 13:38 - 2013-03-28 02:40 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-02-20 18:20 - 2013-07-24 17:38 - 00137216 ___SH () C:\Documents and Settings\Siemens\Plocha\Thumbs.db
2015-02-19 19:21 - 2001-10-25 12:00 - 00002228 _____ () C:\WINDOWS\system32\wpa.dbl
2015-02-12 20:39 - 2013-03-28 02:06 - 00000000 ___RD () C:\Documents and Settings\Siemens\Oblíbené položky
2015-01-31 19:29 - 2014-03-28 17:34 - 00000712 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2015-01-31 19:29 - 2013-03-28 02:06 - 00000000 ___RD () C:\Documents and Settings\Siemens\Nabídka Start\Programy
2015-01-31 17:24 - 2014-03-28 20:42 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-01-31 17:24 - 2014-03-28 20:42 - 00423784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-01-31 17:23 - 2014-08-07 16:22 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-01-31 17:23 - 2014-03-28 20:42 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-01-31 17:23 - 2014-03-28 20:42 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-01-31 17:23 - 2014-03-28 20:42 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-01-31 17:23 - 2014-03-28 20:42 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-01-31 17:23 - 2014-03-28 20:42 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-01-30 18:17 - 2013-03-28 02:04 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-01-30 18:17 - 2013-03-28 01:59 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-01-30 18:17 - 2013-03-28 01:51 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-30 18:16 - 2015-01-16 20:51 - 00000000 ____D () C:\Documents and Settings\Siemens\Data aplikací\vlc
2015-01-30 18:15 - 2014-03-28 17:34 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-30 18:15 - 2013-04-03 18:49 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Office
2015-01-30 18:15 - 2013-04-03 18:37 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
==================== Files in the root of some directories =======
2014-04-12 20:57 - 2014-05-29 17:12 - 0010240 _____ () C:\Documents and Settings\Siemens\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Documents and Settings\Siemens\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkcdo6l.dll
C:\Documents and Settings\Siemens\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Siemens\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Ran by Siemens (administrator) on SIEMENS-544659E on 22-02-2015 20:33:57
Running from C:\Documents and Settings\Siemens\Plocha
Loaded Profiles: Siemens (Available profiles: Siemens)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SoundMan.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\WINDOWS\system32\osk.exe
(Microsoft Corporation) C:\WINDOWS\system32\msswchx.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2005-07-19] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [114688 2005-07-19] (Intel Corporation)
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [86016 2005-09-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AlcWzrd] => C:\WINDOWS\ALCWZRD.EXE [2807808 2005-09-21] (RealTek Semicoductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-31] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Siemens\Data aplikací\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Siemens\Data aplikací\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Siemens\Data aplikací\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Siemens\Data aplikací\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-507921405-2049760794-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-507921405-2049760794-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-507921405-2049760794-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-507921405-2049760794-839522115-1003 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-507921405-2049760794-839522115-1003 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: No Name -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> No File
BHO: No Name -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> No File
Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-507921405-2049760794-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-507921405-2049760794-839522115-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/wind ... 4439257765
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Siemens\Data aplikací\Mozilla\Firefox\Profiles\jepddh27.default-1398525180656
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF DefaultSearchEngine: Seznam
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\Siemens\Data aplikací\Mozilla\Firefox\Profiles\jepddh27.default-1398525180656\searchplugins\seznam-avast.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-28]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\pdf.dll ()
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Profile: C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-13]
CHR Extension: (Google Search) - C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-13]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-26]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-24]
CHR Extension: (Gmail) - C:\Documents and Settings\Siemens\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-13]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-31]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-31] (AVAST Software)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2015-01-31] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2015-01-31] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2015-01-31] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2015-01-31] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2015-01-31] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2015-01-31] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2015-01-31] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2015-01-31] ()
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [74496 2005-03-04] (Realtek Semiconductor Corporation )
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [3298432 2005-09-12] (Intel® Corporation)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-22 20:33 - 2015-02-22 20:35 - 00012300 _____ () C:\Documents and Settings\Siemens\Plocha\FRST.txt
2015-02-22 20:33 - 2015-02-22 20:33 - 00000000 ____D () C:\Documents and Settings\Siemens\Plocha\FRST-OlderVersion
2015-02-22 01:00 - 2015-02-22 01:07 - 00000000 ____D () C:\AdwCleaner
2015-02-22 00:59 - 2015-02-22 00:59 - 02126848 _____ () C:\Documents and Settings\Siemens\Plocha\adwcleaner_4.111.exe
2015-02-21 14:42 - 2015-02-22 20:34 - 00000000 ____D () C:\FRST
2015-02-21 14:41 - 2015-02-22 20:33 - 01126912 _____ (Farbar) C:\Documents and Settings\Siemens\Plocha\FRST.exe
2015-02-21 14:34 - 2015-02-22 20:29 - 00004320 _____ () C:\WINDOWS\setupapi.log
2015-02-21 13:59 - 2015-02-21 14:02 - 00000000 ____D () C:\Documents and Settings\Siemens\Dokumenty\registry
2015-02-20 18:18 - 2015-02-20 18:18 - 00001731 _____ () C:\Documents and Settings\All Users\Plocha\Avast Free Antivirus.lnk
2015-02-20 18:17 - 2015-01-31 17:23 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-31 19:30 - 2015-01-31 19:30 - 00000000 __SHD () C:\Documents and Settings\Siemens\IECompatCache
2015-01-31 19:29 - 2015-01-31 19:29 - 00000803 _____ () C:\Documents and Settings\Siemens\Nabídka Start\Programy\Internet Explorer (2).lnk
2015-01-31 17:25 - 2015-02-20 18:19 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\AVAST Software
2015-01-31 17:23 - 2015-01-31 17:23 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-01-30 18:15 - 2015-01-30 18:16 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-22 20:35 - 2014-03-28 20:50 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-02-22 20:35 - 2013-04-06 00:28 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-22 20:35 - 2013-03-28 02:06 - 00000000 ____D () C:\Documents and Settings\Siemens\Local Settings\Temp
2015-02-22 20:33 - 2013-03-28 02:06 - 00000000 ____D () C:\Documents and Settings\Siemens\Plocha
2015-02-22 20:29 - 2013-03-28 01:54 - 02003957 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-22 20:28 - 2013-04-12 06:34 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-22 20:28 - 2013-04-03 19:30 - 00000266 _____ () C:\WINDOWS\Tasks\AutoKMS.job
2015-02-22 20:28 - 2013-03-28 02:44 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-02-22 20:28 - 2013-03-28 02:44 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-02-22 20:28 - 2013-03-28 02:04 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-22 01:21 - 2013-03-28 02:06 - 00000178 ___SH () C:\Documents and Settings\Siemens\ntuser.ini
2015-02-22 01:21 - 2013-03-28 02:04 - 00032326 _____ () C:\WINDOWS\SchedLgU.Txt
2015-02-22 00:55 - 2013-04-12 06:34 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-21 14:56 - 2013-03-28 02:06 - 00000000 ___HD () C:\Documents and Settings\Siemens\Local Settings\Data aplikací
2015-02-21 14:37 - 2013-03-28 02:41 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-02-21 14:37 - 2013-03-28 02:41 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-02-21 14:00 - 2013-03-28 02:06 - 00000000 ___RD () C:\Documents and Settings\Siemens\Dokumenty
2015-02-21 13:55 - 2013-03-28 02:06 - 00000000 ____D () C:\Documents and Settings\Siemens
2015-02-21 13:38 - 2013-03-28 02:41 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2015-02-21 13:38 - 2013-03-28 02:40 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-02-20 18:20 - 2013-07-24 17:38 - 00137216 ___SH () C:\Documents and Settings\Siemens\Plocha\Thumbs.db
2015-02-19 19:21 - 2001-10-25 12:00 - 00002228 _____ () C:\WINDOWS\system32\wpa.dbl
2015-02-12 20:39 - 2013-03-28 02:06 - 00000000 ___RD () C:\Documents and Settings\Siemens\Oblíbené položky
2015-01-31 19:29 - 2014-03-28 17:34 - 00000712 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2015-01-31 19:29 - 2013-03-28 02:06 - 00000000 ___RD () C:\Documents and Settings\Siemens\Nabídka Start\Programy
2015-01-31 17:24 - 2014-03-28 20:42 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-01-31 17:24 - 2014-03-28 20:42 - 00423784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-01-31 17:23 - 2014-08-07 16:22 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-01-31 17:23 - 2014-03-28 20:42 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-01-31 17:23 - 2014-03-28 20:42 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-01-31 17:23 - 2014-03-28 20:42 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-01-31 17:23 - 2014-03-28 20:42 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-01-31 17:23 - 2014-03-28 20:42 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-01-30 18:17 - 2013-03-28 02:04 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-01-30 18:17 - 2013-03-28 01:59 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-01-30 18:17 - 2013-03-28 01:51 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-30 18:16 - 2015-01-16 20:51 - 00000000 ____D () C:\Documents and Settings\Siemens\Data aplikací\vlc
2015-01-30 18:15 - 2014-03-28 17:34 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-30 18:15 - 2013-04-03 18:49 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Office
2015-01-30 18:15 - 2013-04-03 18:37 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
==================== Files in the root of some directories =======
2014-04-12 20:57 - 2014-05-29 17:12 - 0010240 _____ () C:\Documents and Settings\Siemens\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Documents and Settings\Siemens\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkcdo6l.dll
C:\Documents and Settings\Siemens\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Siemens\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomalost a sekani
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> No File
BHO: No Name -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> No File
Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-507921405-2049760794-839522115-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
U1 WS2IFSL; No ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\AutoKMS.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Documents and Settings\Siemens\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\Siemens\Local Settings\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?