
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Preventive check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that remain inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Good evening,
I would like to ask for a preventive check of my PC. Lately the PC has been turning on by itself, at irregular times and irregularly.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Bufu (administrator) on MSI on 14-03-2015 20:52:48
Running from C:\Documents and Settings\Bufu\Dokumenty\Stažené soubory
Loaded Profiles: Bufu (Available profiles: Bufu & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVerMedia) C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe
() C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\21.6.0.32\n360.exe
() C:\Program Files\System Control Manager\edd.exe
(O2Micro International) C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\21.6.0.32\n360.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
(Agere Systems) C:\WINDOWS\AGRSMMSG.exe
(MSI) C:\Program Files\System Control Manager\MGSysCtrl.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
(EFD Software) C:\PROGRA~1\HDTUNE~1\HDTune.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\1029\OLFSNT40.EXE
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(Dropbox, Inc.) C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AGRSMMSG] => C:\windows\AGRSMMSG.exe [89541 2006-06-29] (Agere Systems)
HKLM\...\Run: [ITSecMng] => C:\Program Files\TOSHIBA\Bluetooth Toshiba Stacka\ItSecMng.exe [83336 2008-12-19] (TOSHIBA CORPORATION)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-01] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MGSysCtrl] => C:\Program Files\System Control Manager\MGSysCtrl.exe [180224 2007-11-21] (MSI)
HKLM\...\Run: [Samsung PanelMgr] => C:\WINDOWS\samsung\panelmgr\SSMMgr.exe [684032 2010-12-07] ()
HKLM\...\Run: [HD Tune] => C:\Program Files\HD Tune\HDTune.exe [401408 2008-02-09] (EFD Software)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [331264 2010-11-26] ()
HKLM\...\Run: [RTHDCPL] => C:\windows\RTHDCPL.EXE [17021440 2008-10-09] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\AtiExtEvent: C:\windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-842925246-1417001333-1177238915-1004\...\Run: [OscarEditor] => C:\Program Files\OSCAR Editor X7\OscarEditor.exe [2636800 2010-07-22] ()
HKU\S-1-5-21-842925246-1417001333-1177238915-1004\...\Run: [Google Update] => C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)
HKU\S-1-5-21-842925246-1417001333-1177238915-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Port pro program Symantec Fax Starter Edition.lnk
ShortcutTarget: Port pro program Symantec Fax Starter Edition.lnk -> C:\Program Files\Microsoft Office\Office\1029\OLFSNT40.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\Bufu\Nabídka Start\Programy\Po spuštění\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton 360\Engine\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton 360\Engine\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton 360\Engine\21.6.0.32\buShell.dll (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-842925246-1417001333-1177238915-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-842925246-1417001333-1177238915-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-07-23] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-06] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-842925246-1417001333-1177238915-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\windows\system32\browseui.dll [2011-06-21] (Společnost Microsoft)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 178.22.112.22 178.22.118.10
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Bufu\Data aplikací\Mozilla\Firefox\Profiles\7oerar6v.default-1368213974953
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-842925246-1417001333-1177238915-1004: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin HKU\S-1-5-21-842925246-1417001333-1177238915-1004: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Extension: NoScript - C:\Documents and Settings\Bufu\Data aplikací\Mozilla\Firefox\Profiles\7oerar6v.default-1368213974953\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-05-10]
FF Extension: Video DownloadHelper - C:\Documents and Settings\Bufu\Data aplikací\Mozilla\Firefox\Profiles\7oerar6v.default-1368213974953\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-13]
FF Extension: Adblock Plus - C:\Documents and Settings\Bufu\Data aplikací\Mozilla\Firefox\Profiles\7oerar6v.default-1368213974953\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-05-22]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-03-14]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Norton Identity Safe) - C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-10-16]
CHR Extension: (Norton Security Toolbar) - C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-02-19]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-04]
StartMenuInternet: Google Chrome - C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-842925246-1417001333-1177238915-1004) Opera - "C:\Program Files\Opera\Opera.exe"
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [86016 2013-08-30] (Dassault Systèmes) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2014-01-19] (Flexera Software, Inc.)
R2 N360; C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
R2 NishService; C:\Program Files\System Control Manager\edd.exe [40960 2006-03-22] () [File not signed]
R2 o2flash; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [65536 2007-02-12] (O2Micro International) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [69632 2004-09-29] (HP) [File not signed]
R2 SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [95528 2008-10-31] (Sunbelt Software, Inc.)
R2 SPF4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [1365288 2008-10-31] (Sunbelt Software, Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 13315215; C:\windows\System32\DRIVERS\13315215.sys [133208 2012-09-13] (Kaspersky Lab ZAO)
R0 27420492; C:\windows\System32\DRIVERS\27420492.sys [133208 2013-12-07] (Kaspersky Lab ZAO)
R0 55888585; C:\windows\System32\DRIVERS\55888585.sys [133208 2013-04-19] (Kaspersky Lab ZAO)
R0 92559672; C:\windows\System32\DRIVERS\92559672.sys [133208 2014-05-02] (Kaspersky Lab ZAO)
R3 AR5416; C:\windows\System32\DRIVERS\athw.sys [1584448 2009-09-07] (Atheros Communications, Inc.)
S3 AVerIT13x; C:\windows\System32\Drivers\AVerIT13x.sys [173824 2012-12-06] (AVerMedia TECHNOLOGIES, Inc.)
R1 BHDrvx86; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150309.001\BHDrvx86.sys [1164504 2015-02-03] (Symantec Corporation)
S3 Cam5603D; C:\windows\System32\Drivers\BisonCam.sys [1032488 2008-08-15] (Bison Electronics. Inc. )
S3 CCDECODE; C:\windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 ccSet_N360; C:\windows\system32\drivers\N360\1506000.020\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [41984 2008-01-10] (Samsung Electronics Co., Ltd.) [File not signed]
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2015-01-11] (Symantec Corporation)
R1 ElbyCDIO; C:\windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2014-12-10] (Symantec Corporation)
S3 FTDIBUS; C:\windows\System32\drivers\ftdibus.sys [61704 2011-10-24] (FTDI Ltd.)
R0 giveio; C:\windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 hamachi; C:\windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [35992 2015-02-25] ()
S3 HPZid412; C:\windows\System32\DRIVERS\HPZid412.sys [51120 2004-12-14] (HP)
S3 HPZipr12; C:\windows\System32\DRIVERS\HPZipr12.sys [16496 2004-12-14] (HP)
S3 HPZius12; C:\windows\System32\DRIVERS\HPZius12.sys [21744 2004-12-14] (HP)
R3 IDSxpx86; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150313.001\IDSxpx86.sys [475792 2015-02-06] (Symantec Corporation)
R3 MGHwCtrl; C:\WINDOWS\system32\drivers\MGHwCtrl.sys [9088 2006-07-03] (Windows (R) 2000 DDK provider) [File not signed]
S3 MPE; C:\windows\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
R3 NAVENG; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150313.003\NAVENG.SYS [95704 2015-03-04] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150313.003\NAVEX15.SYS [1636696 2015-03-04] (Symantec Corporation)
S3 NdisIP; C:\windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 NTPCI; C:\WINDOWS\system32\drivers\ntpci.sys [3712 2006-03-23] () [File not signed]
S2 pardrv; C:\windows\system32\Drivers\pardrv.sys [9728 2011-10-12] ( ) [File not signed]
S3 Pg4uUSB; C:\windows\System32\DRIVERS\pg4uusb.sys [120312 2013-04-09] ()
R3 RTHDMIAzAudService; C:\windows\System32\drivers\RtHDMI.sys [3684352 2008-08-26] (Realtek Semiconductor Corp.)
R1 SbFw; C:\windows\System32\drivers\SbFw.sys [270888 2008-10-31] (Sunbelt Software, Inc.)
R3 SBFWIMCL; C:\windows\System32\DRIVERS\sbfwim.sys [65576 2008-06-21] (Sunbelt Software, Inc.)
R1 sbhips; C:\windows\system32\drivers\sbhips.sys [66600 2008-06-21] (Sunbelt Software, Inc.)
R0 speedfan; C:\windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R3 SRTSP; C:\windows\System32\Drivers\N360\1506000.020\SRTSP.SYS [664792 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\windows\system32\drivers\N360\1506000.020\SRTSPX.SYS [32984 2014-08-26] (Symantec Corporation)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [5120 2010-10-15] (Samsung Electronics) [File not signed]
R0 SymDS; C:\windows\System32\drivers\N360\1506000.020\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\windows\System32\drivers\N360\1506000.020\SYMEFA.SYS [936152 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT.SYS [142936 2013-12-17] (Symantec Corporation)
R1 SymIRON; C:\windows\system32\drivers\N360\1506000.020\Ironx86.SYS [209624 2014-08-06] (Symantec Corporation)
R1 SYMTDI; C:\windows\System32\Drivers\N360\1506000.020\SYMTDI.SYS [423256 2014-02-18] (Symantec Corporation)
S3 TVicPort; C:\WINDOWS\system32\DRIVERS\TVICPORT.SYS [14544 2005-03-30] (EnTech Taiwan) [File not signed]
R3 VClone; C:\windows\System32\DRIVERS\VClone.sys [30208 2011-01-15] (Elaborate Bytes AG) [File not signed]
R3 WinDriver6; C:\windows\System32\drivers\windrvr6.sys [203680 2013-05-12] (Jungo Connectivity) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-08 23:20 - 2015-03-08 23:20 - 00002218 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\recently-used.xbel
2015-03-06 23:05 - 2015-03-06 23:01 - 00096680 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2015-03-06 23:03 - 2015-03-06 23:03 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-03-06 23:00 - 2015-03-06 23:00 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Oracle
2015-03-06 20:24 - 2015-03-13 20:30 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-06 06:46 - 2015-03-06 06:46 - 02157234 _____ () C:\Documents and Settings\Bufu\Plocha\upc_3.bmp
2015-03-06 06:24 - 2015-03-06 06:24 - 02270982 _____ () C:\Documents and Settings\Bufu\Plocha\upc_2.bmp
2015-03-06 06:17 - 2015-03-06 06:18 - 01546818 _____ () C:\Documents and Settings\Bufu\Plocha\upc.bmp
2015-02-25 08:18 - 2015-02-25 08:19 - 00035992 _____ () C:\windows\system32\Drivers\hitmanpro37.sys
2015-02-25 07:41 - 2015-02-25 07:41 - 00000300 _____ () C:\windows\system32\.crusader
2015-02-25 07:28 - 2015-02-25 07:28 - 00000000 ____D () C:\Program Files\HitmanPro
2015-02-24 20:00 - 2003-04-21 21:46 - 00061440 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\windows\system32\ASIW32N50.dll
2015-02-24 20:00 - 2002-09-10 19:35 - 00016302 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\windows\system32\ASINDIS5.sys
2015-02-24 20:00 - 2001-04-16 05:48 - 00015577 _____ () C:\windows\system32\ASINDIS3.vxd
2015-02-24 18:36 - 2015-02-25 07:08 - 00000000 ____D () C:\KVRT_Data
2015-02-24 18:21 - 2015-02-24 18:21 - 00029696 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\MSGBOX.EXE
2015-02-21 13:08 - 2015-02-21 13:08 - 06005564 _____ () C:\Documents and Settings\Bufu\Plocha\Two_Steps_from_Hell_-_Heart_of_Courage.wav
2015-02-20 17:34 - 2015-02-20 17:34 - 00000000 ____D () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Steam
2015-02-16 18:03 - 2015-03-13 22:31 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\Euro Truck Simulator 2
2015-02-16 17:47 - 2015-02-16 17:47 - 00000216 _____ () C:\Documents and Settings\Bufu\Plocha\Euro Truck Simulator 2.url
2015-02-12 17:15 - 2015-02-12 17:15 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\navrhar2014
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-14 20:53 - 2014-08-26 19:06 - 00000000 ____D () C:\Documents and Settings\Bufu\Local Settings\Temp
2015-03-14 20:52 - 2014-01-09 22:40 - 00000000 ____D () C:\FRST
2015-03-14 20:52 - 2011-08-15 20:47 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\Stažené soubory
2015-03-14 20:48 - 2011-08-17 22:10 - 00000000 ____D () C:\windows\pss
2015-03-14 20:48 - 2011-08-15 19:59 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2015-03-14 20:47 - 2014-08-25 15:43 - 01928033 _____ () C:\windows\WindowsUpdate.log
2015-03-14 20:44 - 2012-12-11 21:37 - 00000000 ___RD () C:\Documents and Settings\Bufu\Dokumenty\Dropbox
2015-03-14 20:44 - 2012-12-11 21:31 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\Dropbox
2015-03-14 20:42 - 2014-08-25 15:44 - 00000159 _____ () C:\windows\wiadebug.log
2015-03-14 20:42 - 2014-08-25 15:44 - 00000049 _____ () C:\windows\wiaservc.log
2015-03-14 20:42 - 2014-03-11 18:01 - 00000220 _____ () C:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-03-14 20:42 - 2011-08-15 21:57 - 00044964 _____ () C:\windows\system32\ativvaxx.cap
2015-03-14 20:42 - 2011-08-15 18:15 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-14 20:40 - 2014-10-07 16:01 - 00524288 _____ () C:\windows\system32\config\AVer Aut.evt
2015-03-14 20:40 - 2014-08-25 15:44 - 00032538 _____ () C:\windows\SchedLgU.Txt
2015-03-14 20:40 - 2011-08-15 22:03 - 00131072 _____ () C:\windows\system32\config\ACEEvent.evt
2015-03-14 20:40 - 2011-08-15 18:16 - 00000178 ___SH () C:\Documents and Settings\Bufu\ntuser.ini
2015-03-14 20:39 - 2011-08-15 18:16 - 00000000 ____D () C:\Documents and Settings\Bufu\Plocha
2015-03-14 20:15 - 2014-10-19 08:57 - 00001022 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1417001333-1177238915-1004UA.job
2015-03-14 20:11 - 2011-08-16 17:31 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\Skype
2015-03-14 17:01 - 2011-08-15 19:59 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-03-14 13:19 - 2011-08-16 19:39 - 00002493 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Excel.lnk
2015-03-14 11:17 - 2011-08-15 18:16 - 00000000 ___RD () C:\Documents and Settings\Bufu\Nabídka Start\Programy\Po spuštění
2015-03-14 11:16 - 2012-12-11 21:32 - 00000000 ____D () C:\Documents and Settings\Bufu\Nabídka Start\Programy\Dropbox
2015-03-14 11:10 - 2011-08-16 19:39 - 00002545 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Word.lnk
2015-03-14 11:09 - 2008-04-14 13:00 - 00013646 _____ () C:\windows\system32\wpa.dbl
2015-03-14 10:51 - 2011-08-16 17:37 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\.purple
2015-03-13 22:33 - 2014-12-06 18:15 - 00000000 ____D () C:\Program Files\Steam
2015-03-13 19:45 - 2012-07-29 10:18 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\vlc
2015-03-12 19:30 - 2011-08-16 17:51 - 00231424 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-11 20:57 - 2014-10-07 16:05 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\AVerTV
2015-03-11 20:18 - 2013-07-22 20:37 - 00000000 ____D () C:\windows\system32\MRT
2015-03-11 20:08 - 2011-08-15 21:15 - 119837696 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-03-09 15:15 - 2014-10-19 08:57 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1417001333-1177238915-1004Core.job
2015-03-08 23:31 - 2013-03-12 12:05 - 00000000 ____D () C:\Documents and Settings\Bufu\.gimp-2.8
2015-03-08 23:20 - 2011-08-15 18:16 - 00000000 ___HD () C:\Documents and Settings\Bufu\Local Settings\Data aplikací
2015-03-08 21:54 - 2013-07-01 19:56 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\finance
2015-03-08 21:00 - 2011-08-17 21:25 - 00000116 _____ () C:\windows\NeroDigital.ini
2015-03-08 20:58 - 2012-05-02 13:06 - 494432256 _____ () C:\windows\MEMORY.DMP
2015-03-08 17:16 - 2013-02-08 14:47 - 04321400 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-842925246-1417001333-1177238915-1004-0.dat
2015-03-08 17:15 - 2013-02-08 14:47 - 00317934 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-03-08 15:00 - 2014-03-11 18:01 - 00000214 _____ () C:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-03-08 09:00 - 2011-09-30 17:32 - 00000664 _____ () C:\windows\system32\d3d9caps.dat
2015-03-07 17:08 - 2012-04-29 09:55 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-07 15:45 - 2013-04-01 19:12 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\Tablet
2015-03-07 11:54 - 2011-08-15 18:16 - 00000000 __RHD () C:\Documents and Settings\Bufu\Data aplikací
2015-03-06 23:05 - 2011-08-15 19:59 - 01372580 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-06 23:01 - 2014-12-11 17:52 - 00146432 _____ (Oracle Corporation) C:\windows\system32\javacpl.cpl
2015-03-06 23:00 - 2011-09-23 17:27 - 00000000 ____D () C:\Program Files\Java
2015-03-05 20:21 - 2013-02-02 21:22 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\Visual Studio 2010
2015-03-04 22:12 - 2014-12-20 09:27 - 00000176 _____ () C:\windows\setupact.log
2015-03-02 06:38 - 2014-08-12 18:03 - 00000000 ____D () C:\Documents and Settings\Bufu\Plocha\ikony
2015-02-27 07:53 - 2011-08-15 18:16 - 00000000 ____D () C:\Documents and Settings\Bufu
2015-02-26 18:11 - 2013-12-28 19:38 - 00065536 _____ () C:\windows\system32\config\Doctor Web.evt
2015-02-25 17:38 - 2012-09-23 18:37 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\Smlouvy
2015-02-25 17:13 - 2011-09-23 18:50 - 00000000 ____D () C:\Documents and Settings\Bufu\Plocha\Utility
2015-02-25 08:18 - 2011-08-15 20:31 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-02-25 07:28 - 2013-12-28 18:32 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\HitmanPro
2015-02-24 20:04 - 2011-08-15 19:59 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-02-24 18:08 - 2011-08-19 23:24 - 00000000 ____D () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\NPE
2015-02-24 18:02 - 2011-08-15 19:57 - 00000248 __RSH () C:\boot.ini
2015-02-23 16:18 - 2011-08-16 00:12 - 00000000 ____D () C:\Program Files\Pidgin
2015-02-21 14:51 - 2014-04-15 19:53 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\Audacity
2015-02-21 13:09 - 2014-02-25 13:30 - 00000000 ____D () C:\Documents and Settings\Bufu\Plocha\konv
2015-02-21 10:55 - 2012-12-02 15:36 - 00000000 ____D () C:\Documents and Settings\Bufu\Plocha\vstup
2015-02-19 20:47 - 2013-01-26 18:13 - 00000000 ___RD () C:\Program Files\Skype
2015-02-19 20:47 - 2011-08-16 00:12 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Skype
2015-02-18 18:28 - 2011-08-15 18:16 - 00000000 ___RD () C:\Documents and Settings\Bufu\Dokumenty
==================== Files in the root of some directories =======
2011-08-16 18:19 - 2003-12-19 19:36 - 0040960 _____ () C:\Program Files\Uninstall_CDS.exe
1999-04-07 20:39 - 1999-04-07 20:39 - 0099840 _____ (Symantec Corp.) C:\Program Files\Common Files\IRAABOUT.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0048640 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRALPTTR.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0070144 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAMDMTR.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0186368 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAREG.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0017920 _____ (Symantec Corp.) C:\Program Files\Common Files\IRASRIAL.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0031744 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAWEBTR.DLL
2012-07-31 23:22 - 2012-07-31 23:22 - 0000346 _____ () C:\Documents and Settings\Bufu\Data aplikací\glade-3.conf
2013-04-15 10:40 - 2013-10-28 13:14 - 0004623 _____ () C:\Documents and Settings\Bufu\Data aplikací\LTspiceIV.ini
2013-02-03 21:39 - 2013-02-03 21:46 - 0000389 _____ () C:\Documents and Settings\Bufu\Data aplikací\repmand.ini
2013-02-03 21:39 - 2013-02-03 21:46 - 0000033 _____ () C:\Documents and Settings\Bufu\Data aplikací\repmandlib.ini
2013-02-26 21:10 - 2013-03-01 07:40 - 0000778 _____ () C:\Documents and Settings\Bufu\Data aplikací\technic-launcher.jar
2013-02-26 21:10 - 2013-02-26 21:10 - 0703117 _____ () C:\Documents and Settings\Bufu\Data aplikací\technic-launcher.jar.bak
2011-10-03 14:03 - 2013-09-02 05:58 - 0000600 _____ () C:\Documents and Settings\Bufu\Data aplikací\winscp.rnd
2013-02-03 14:48 - 2013-09-25 21:14 - 0011264 _____ () C:\Documents and Settings\Bufu\Data aplikací\_fossil
2011-08-16 17:51 - 2015-03-12 19:30 - 0231424 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-26 21:42 - 2013-07-26 21:42 - 0154232 _____ (Noël Danjou) C:\Documents and Settings\Bufu\Local Settings\Data aplikací\download.exe
2013-08-11 12:47 - 2013-08-11 13:00 - 0005120 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\file__0.localstorage
2011-08-17 06:42 - 2011-08-17 06:42 - 0000124 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\fusioncache.dat
2013-02-02 18:38 - 2014-05-11 20:15 - 0000487 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\glade-3.conf
2015-02-24 18:21 - 2015-02-24 18:21 - 0029696 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\MSGBOX.EXE
2015-03-08 23:20 - 2015-03-08 23:20 - 0002218 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\recently-used.xbel
Some content of TEMP:
====================
C:\Documents and Settings\Bufu\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxrji4k.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Thank you in advance for your reply.
PS: FRST was run without the Launcher, because Firefox blocks the download.
1998-12-09 05:53 - 1998-12-09 05:53 - 0048640 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRALPTTR.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0070144 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAMDMTR.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0186368 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAREG.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0017920 _____ (Symantec Corp.) C:\Program Files\Common Files\IRASRIAL.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0031744 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAWEBTR.DLL
2012-07-31 23:22 - 2012-07-31 23:22 - 0000346 _____ () C:\Documents and Settings\Bufu\Data aplikací\glade-3.conf
2013-04-15 10:40 - 2013-10-28 13:14 - 0004623 _____ () C:\Documents and Settings\Bufu\Data aplikací\LTspiceIV.ini
2013-02-03 21:39 - 2013-02-03 21:46 - 0000389 _____ () C:\Documents and Settings\Bufu\Data aplikací\repmand.ini
2013-02-03 21:39 - 2013-02-03 21:46 - 0000033 _____ () C:\Documents and Settings\Bufu\Data aplikací\repmandlib.ini
2013-02-26 21:10 - 2013-03-01 07:40 - 0000778 _____ () C:\Documents and Settings\Bufu\Data aplikací\technic-launcher.jar
2013-02-26 21:10 - 2013-02-26 21:10 - 0703117 _____ () C:\Documents and Settings\Bufu\Data aplikací\technic-launcher.jar.bak
2011-10-03 14:03 - 2013-09-02 05:58 - 0000600 _____ () C:\Documents and Settings\Bufu\Data aplikací\winscp.rnd
2013-02-03 14:48 - 2013-09-25 21:14 - 0011264 _____ () C:\Documents and Settings\Bufu\Data aplikací\_fossil
2011-08-16 17:51 - 2015-03-12 19:30 - 0231424 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-26 21:42 - 2013-07-26 21:42 - 0154232 _____ (Noël Danjou) C:\Documents and Settings\Bufu\Local Settings\Data aplikací\download.exe
2013-08-11 12:47 - 2013-08-11 13:00 - 0005120 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\file__0.localstorage
2011-08-17 06:42 - 2011-08-17 06:42 - 0000124 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\fusioncache.dat
2013-02-02 18:38 - 2014-05-11 20:15 - 0000487 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\glade-3.conf
2015-02-24 18:21 - 2015-02-24 18:21 - 0029696 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\MSGBOX.EXE
2015-03-08 23:20 - 2015-03-08 23:20 - 0002218 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\recently-used.xbel
Some content of TEMP:
====================
C:\Documents and Settings\Bufu\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxrji4k.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Thank you in advance for your reply.
PS: FRST was run without the launcher, because Firefox blocks the download.
- Rudy
- Site Admin
- Posts: 119356
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Preventivni_prohlidka
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
The scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Preventivni_prohlidka
Good evening,
log:
# AdwCleaner v4.112 - Logfile created 14/03/2015 at 22:38:55
# Updated 09/03/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Bufu - MSI
# Running from : C:\Documents and Settings\Bufu\Dokumenty\Stažené soubory\adwcleaner_4.112.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Inbox
Folder Deleted : C:\Documents and Settings\Bufu\Data aplikací\pdfforge
Folder Deleted : C:\Documents and Settings\Bufu\Data aplikací\download Manager
[!] Folder Deleted : C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B696D3C37BD0D6C33A65D38BEC459181
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\B696D3C37BD0D6C33A65D38BEC459181
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\B696D3C37BD0D6C33A65D38BEC459181
***** [ Web browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v36.0.1 (x86 cs)
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [1520 bytes] - [14/03/2015 22:35:44]
AdwCleaner[S0].txt - [1467 bytes] - [14/03/2015 22:38:55]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1526 bytes] ##########
- Rudy
- Site Admin
- Posts: 119356
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Preventivni_prohlidka
Post a new FRST log.
Re: Preventivni_prohlidka
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Bufu (administrator) on MSI on 14-03-2015 23:13:15
Running from C:\Documents and Settings\Bufu\Dokumenty\Stažené soubory
Loaded Profiles: Bufu (Available profiles: Bufu & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVerMedia) C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe
() C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\21.6.0.32\n360.exe
() C:\Program Files\System Control Manager\edd.exe
(O2Micro International) C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\21.6.0.32\n360.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
(Agere Systems) C:\WINDOWS\AGRSMMSG.exe
(MSI) C:\Program Files\System Control Manager\MGSysCtrl.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
(EFD Software) C:\PROGRA~1\HDTUNE~1\HDTune.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\1029\OLFSNT40.EXE
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(Dropbox, Inc.) C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AGRSMMSG] => C:\windows\AGRSMMSG.exe [89541 2006-06-29] (Agere Systems)
HKLM\...\Run: [ITSecMng] => C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2008-12-19] (TOSHIBA CORPORATION)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-01] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MGSysCtrl] => C:\Program Files\System Control Manager\MGSysCtrl.exe [180224 2007-11-21] (MSI)
HKLM\...\Run: [Samsung PanelMgr] => C:\WINDOWS\samsung\panelmgr\SSMMgr.exe [684032 2010-12-07] ()
HKLM\...\Run: [HD Tune] => C:\Program Files\HD Tune\HDTune.exe [401408 2008-02-09] (EFD Software)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [331264 2010-11-26] ()
HKLM\...\Run: [RTHDCPL] => C:\windows\RTHDCPL.EXE [17021440 2008-10-09] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\AtiExtEvent: C:\windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-842925246-1417001333-1177238915-1004\...\Run: [OscarEditor] => C:\Program Files\OSCAR Editor X7\OscarEditor.exe [2636800 2010-07-22] ()
HKU\S-1-5-21-842925246-1417001333-1177238915-1004\...\Run: [Google Update] => C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)
HKU\S-1-5-21-842925246-1417001333-1177238915-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Port pro program Symantec Fax Starter Edition.lnk
ShortcutTarget: Port pro program Symantec Fax Starter Edition.lnk -> C:\Program Files\Microsoft Office\Office\1029\OLFSNT40.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\Bufu\Nabídka Start\Programy\Po spuštění\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton 360\Engine\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton 360\Engine\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton 360\Engine\21.6.0.32\buShell.dll (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-842925246-1417001333-1177238915-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-07-23] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-06] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-842925246-1417001333-1177238915-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\windows\system32\browseui.dll [2011-06-21] (Společnost Microsoft)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 178.22.112.22 178.22.118.10
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Bufu\Data aplikací\Mozilla\Firefox\Profiles\7oerar6v.default-1368213974953
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-842925246-1417001333-1177238915-1004: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin HKU\S-1-5-21-842925246-1417001333-1177238915-1004: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Extension: NoScript - C:\Documents and Settings\Bufu\Data aplikací\Mozilla\Firefox\Profiles\7oerar6v.default-1368213974953\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-05-10]
FF Extension: Video DownloadHelper - C:\Documents and Settings\Bufu\Data aplikací\Mozilla\Firefox\Profiles\7oerar6v.default-1368213974953\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-13]
FF Extension: Adblock Plus - C:\Documents and Settings\Bufu\Data aplikací\Mozilla\Firefox\Profiles\7oerar6v.default-1368213974953\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-05-22]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-03-14]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Norton Identity Safe) - C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-10-16]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-842925246-1417001333-1177238915-1004) Opera - "C:\Program Files\Opera\Opera.exe"
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [86016 2013-08-30] (Dassault Systèmes) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2014-01-19] (Flexera Software, Inc.)
R2 N360; C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
R2 NishService; C:\Program Files\System Control Manager\edd.exe [40960 2006-03-22] () [File not signed]
R2 o2flash; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [65536 2007-02-12] (O2Micro International) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [69632 2004-09-29] (HP) [File not signed]
R2 SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [95528 2008-10-31] (Sunbelt Software, Inc.)
R2 SPF4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [1365288 2008-10-31] (Sunbelt Software, Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 13315215; C:\windows\System32\DRIVERS\13315215.sys [133208 2012-09-13] (Kaspersky Lab ZAO)
R0 27420492; C:\windows\System32\DRIVERS\27420492.sys [133208 2013-12-07] (Kaspersky Lab ZAO)
R0 55888585; C:\windows\System32\DRIVERS\55888585.sys [133208 2013-04-19] (Kaspersky Lab ZAO)
R0 92559672; C:\windows\System32\DRIVERS\92559672.sys [133208 2014-05-02] (Kaspersky Lab ZAO)
R3 AR5416; C:\windows\System32\DRIVERS\athw.sys [1584448 2009-09-07] (Atheros Communications, Inc.)
S3 AVerIT13x; C:\windows\System32\Drivers\AVerIT13x.sys [173824 2012-12-06] (AVerMedia TECHNOLOGIES, Inc.)
R1 BHDrvx86; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150309.001\BHDrvx86.sys [1164504 2015-02-03] (Symantec Corporation)
S3 Cam5603D; C:\windows\System32\Drivers\BisonCam.sys [1032488 2008-08-15] (Bison Electronics. Inc. )
S3 CCDECODE; C:\windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 ccSet_N360; C:\windows\system32\drivers\N360\1506000.020\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [41984 2008-01-10] (Samsung Electronics Co., Ltd.) [File not signed]
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2015-01-11] (Symantec Corporation)
R1 ElbyCDIO; C:\windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2014-12-10] (Symantec Corporation)
S3 FTDIBUS; C:\windows\System32\drivers\ftdibus.sys [61704 2011-10-24] (FTDI Ltd.)
R0 giveio; C:\windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 hamachi; C:\windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [35992 2015-02-25] ()
S3 HPZid412; C:\windows\System32\DRIVERS\HPZid412.sys [51120 2004-12-14] (HP)
S3 HPZipr12; C:\windows\System32\DRIVERS\HPZipr12.sys [16496 2004-12-14] (HP)
S3 HPZius12; C:\windows\System32\DRIVERS\HPZius12.sys [21744 2004-12-14] (HP)
R3 IDSxpx86; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150313.001\IDSxpx86.sys [475792 2015-02-06] (Symantec Corporation)
R3 MGHwCtrl; C:\WINDOWS\system32\drivers\MGHwCtrl.sys [9088 2006-07-03] (Windows (R) 2000 DDK provider) [File not signed]
S3 MPE; C:\windows\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
R3 NAVENG; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150314.003\NAVENG.SYS [95704 2015-03-04] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150314.003\NAVEX15.SYS [1636696 2015-03-04] (Symantec Corporation)
S3 NdisIP; C:\windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 NTPCI; C:\WINDOWS\system32\drivers\ntpci.sys [3712 2006-03-23] () [File not signed]
S2 pardrv; C:\windows\system32\Drivers\pardrv.sys [9728 2011-10-12] ( ) [File not signed]
S3 Pg4uUSB; C:\windows\System32\DRIVERS\pg4uusb.sys [120312 2013-04-09] ()
R3 RTHDMIAzAudService; C:\windows\System32\drivers\RtHDMI.sys [3684352 2008-08-26] (Realtek Semiconductor Corp.)
R1 SbFw; C:\windows\System32\drivers\SbFw.sys [270888 2008-10-31] (Sunbelt Software, Inc.)
R3 SBFWIMCL; C:\windows\System32\DRIVERS\sbfwim.sys [65576 2008-06-21] (Sunbelt Software, Inc.)
R1 sbhips; C:\windows\system32\drivers\sbhips.sys [66600 2008-06-21] (Sunbelt Software, Inc.)
R0 speedfan; C:\windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R3 SRTSP; C:\windows\System32\Drivers\N360\1506000.020\SRTSP.SYS [664792 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\windows\system32\drivers\N360\1506000.020\SRTSPX.SYS [32984 2014-08-26] (Symantec Corporation)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [5120 2010-10-15] (Samsung Electronics) [File not signed]
R0 SymDS; C:\windows\System32\drivers\N360\1506000.020\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\windows\System32\drivers\N360\1506000.020\SYMEFA.SYS [936152 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT.SYS [142936 2013-12-17] (Symantec Corporation)
R1 SymIRON; C:\windows\system32\drivers\N360\1506000.020\Ironx86.SYS [209624 2014-08-06] (Symantec Corporation)
R1 SYMTDI; C:\windows\System32\Drivers\N360\1506000.020\SYMTDI.SYS [423256 2014-02-18] (Symantec Corporation)
S3 TVicPort; C:\WINDOWS\system32\DRIVERS\TVICPORT.SYS [14544 2005-03-30] (EnTech Taiwan) [File not signed]
R3 VClone; C:\windows\System32\DRIVERS\VClone.sys [30208 2011-01-15] (Elaborate Bytes AG) [File not signed]
R3 WinDriver6; C:\windows\System32\drivers\windrvr6.sys [203680 2013-05-12] (Jungo Connectivity) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-14 22:35 - 2015-03-14 22:38 - 00000000 ____D () C:\AdwCleaner
2015-03-08 23:20 - 2015-03-08 23:20 - 00002218 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\recently-used.xbel
2015-03-06 23:05 - 2015-03-06 23:01 - 00096680 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2015-03-06 23:03 - 2015-03-06 23:03 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-03-06 23:00 - 2015-03-06 23:00 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Oracle
2015-03-06 20:24 - 2015-03-13 20:30 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-06 06:46 - 2015-03-06 06:46 - 02157234 _____ () C:\Documents and Settings\Bufu\Plocha\upc_3.bmp
2015-03-06 06:24 - 2015-03-06 06:24 - 02270982 _____ () C:\Documents and Settings\Bufu\Plocha\upc_2.bmp
2015-03-06 06:17 - 2015-03-06 06:18 - 01546818 _____ () C:\Documents and Settings\Bufu\Plocha\upc.bmp
2015-02-25 08:18 - 2015-02-25 08:19 - 00035992 _____ () C:\windows\system32\Drivers\hitmanpro37.sys
2015-02-25 07:41 - 2015-02-25 07:41 - 00000300 _____ () C:\windows\system32\.crusader
2015-02-25 07:28 - 2015-02-25 07:28 - 00000000 ____D () C:\Program Files\HitmanPro
2015-02-24 20:00 - 2003-04-21 21:46 - 00061440 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\windows\system32\ASIW32N50.dll
2015-02-24 20:00 - 2002-09-10 19:35 - 00016302 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\windows\system32\ASINDIS5.sys
2015-02-24 20:00 - 2001-04-16 05:48 - 00015577 _____ () C:\windows\system32\ASINDIS3.vxd
2015-02-24 18:36 - 2015-02-25 07:08 - 00000000 ____D () C:\KVRT_Data
2015-02-24 18:21 - 2015-02-24 18:21 - 00029696 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\MSGBOX.EXE
2015-02-21 13:08 - 2015-02-21 13:08 - 06005564 _____ () C:\Documents and Settings\Bufu\Plocha\Two_Steps_from_Hell_-_Heart_of_Courage.wav
2015-02-20 17:34 - 2015-02-20 17:34 - 00000000 ____D () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Steam
2015-02-16 18:03 - 2015-03-14 22:34 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\Euro Truck Simulator 2
2015-02-16 17:47 - 2015-02-16 17:47 - 00000216 _____ () C:\Documents and Settings\Bufu\Plocha\Euro Truck Simulator 2.url
2015-02-12 17:15 - 2015-02-12 17:15 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\navrhar2014
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-14 23:13 - 2014-08-26 19:06 - 00000000 ____D () C:\Documents and Settings\Bufu\Local Settings\Temp
2015-03-14 23:13 - 2014-01-09 22:40 - 00000000 ____D () C:\FRST
2015-03-14 23:13 - 2011-08-15 20:47 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\Stažené soubory
2015-03-14 22:43 - 2014-08-25 15:43 - 01933640 _____ () C:\windows\WindowsUpdate.log
2015-03-14 22:42 - 2012-12-11 21:37 - 00000000 ___RD () C:\Documents and Settings\Bufu\Dokumenty\Dropbox
2015-03-14 22:42 - 2012-12-11 21:31 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\Dropbox
2015-03-14 22:41 - 2014-08-25 15:44 - 00000159 _____ () C:\windows\wiadebug.log
2015-03-14 22:41 - 2011-08-16 17:31 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\Skype
2015-03-14 22:41 - 2011-08-15 22:03 - 00196608 _____ () C:\windows\system32\config\ACEEvent.evt
2015-03-14 22:40 - 2014-08-25 15:44 - 00000049 _____ () C:\windows\wiaservc.log
2015-03-14 22:40 - 2014-03-11 18:01 - 00000220 _____ () C:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-03-14 22:40 - 2011-08-15 21:57 - 00044964 _____ () C:\windows\system32\ativvaxx.cap
2015-03-14 22:40 - 2011-08-15 18:15 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-14 22:39 - 2014-10-07 16:01 - 00524288 _____ () C:\windows\system32\config\AVer Aut.evt
2015-03-14 22:39 - 2014-08-25 15:44 - 00032538 _____ () C:\windows\SchedLgU.Txt
2015-03-14 22:39 - 2011-08-15 18:16 - 00000178 ___SH () C:\Documents and Settings\Bufu\ntuser.ini
2015-03-14 22:38 - 2011-08-15 18:16 - 00000000 __RHD () C:\Documents and Settings\Bufu\Data aplikací
2015-03-14 22:35 - 2014-12-06 18:15 - 00000000 ____D () C:\Program Files\Steam
2015-03-14 22:15 - 2014-10-19 08:57 - 00001022 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1417001333-1177238915-1004UA.job
2015-03-14 21:09 - 2011-08-15 18:16 - 00000000 ____D () C:\Documents and Settings\Bufu\Plocha
2015-03-14 20:48 - 2011-08-17 22:10 - 00000000 ____D () C:\windows\pss
2015-03-14 20:48 - 2011-08-15 19:59 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2015-03-14 17:01 - 2011-08-15 19:59 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-03-14 13:19 - 2011-08-16 19:39 - 00002493 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Excel.lnk
2015-03-14 11:17 - 2011-08-15 18:16 - 00000000 ___RD () C:\Documents and Settings\Bufu\Nabídka Start\Programy\Po spuštění
2015-03-14 11:16 - 2012-12-11 21:32 - 00000000 ____D () C:\Documents and Settings\Bufu\Nabídka Start\Programy\Dropbox
2015-03-14 11:10 - 2011-08-16 19:39 - 00002545 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Word.lnk
2015-03-14 11:09 - 2008-04-14 13:00 - 00013646 _____ () C:\windows\system32\wpa.dbl
2015-03-14 10:51 - 2011-08-16 17:37 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\.purple
2015-03-13 19:45 - 2012-07-29 10:18 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\vlc
2015-03-12 19:30 - 2011-08-16 17:51 - 00231424 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-11 20:57 - 2014-10-07 16:05 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\AVerTV
2015-03-11 20:18 - 2013-07-22 20:37 - 00000000 ____D () C:\windows\system32\MRT
2015-03-11 20:08 - 2011-08-15 21:15 - 119837696 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-03-09 15:15 - 2014-10-19 08:57 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1417001333-1177238915-1004Core.job
2015-03-08 23:31 - 2013-03-12 12:05 - 00000000 ____D () C:\Documents and Settings\Bufu\.gimp-2.8
2015-03-08 23:20 - 2011-08-15 18:16 - 00000000 ___HD () C:\Documents and Settings\Bufu\Local Settings\Data aplikací
2015-03-08 21:54 - 2013-07-01 19:56 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\finance
2015-03-08 21:00 - 2011-08-17 21:25 - 00000116 _____ () C:\windows\NeroDigital.ini
2015-03-08 20:58 - 2012-05-02 13:06 - 494432256 _____ () C:\windows\MEMORY.DMP
2015-03-08 17:16 - 2013-02-08 14:47 - 04321400 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-842925246-1417001333-1177238915-1004-0.dat
2015-03-08 17:15 - 2013-02-08 14:47 - 00317934 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-03-08 15:00 - 2014-03-11 18:01 - 00000214 _____ () C:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-03-08 09:00 - 2011-09-30 17:32 - 00000664 _____ () C:\windows\system32\d3d9caps.dat
2015-03-07 17:08 - 2012-04-29 09:55 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-07 15:45 - 2013-04-01 19:12 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\Tablet
2015-03-06 23:05 - 2011-08-15 19:59 - 01372580 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-06 23:01 - 2014-12-11 17:52 - 00146432 _____ (Oracle Corporation) C:\windows\system32\javacpl.cpl
2015-03-06 23:00 - 2011-09-23 17:27 - 00000000 ____D () C:\Program Files\Java
2015-03-05 20:21 - 2013-02-02 21:22 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\Visual Studio 2010
2015-03-04 22:12 - 2014-12-20 09:27 - 00000176 _____ () C:\windows\setupact.log
2015-03-02 06:38 - 2014-08-12 18:03 - 00000000 ____D () C:\Documents and Settings\Bufu\Plocha\ikony
2015-02-27 07:53 - 2011-08-15 18:16 - 00000000 ____D () C:\Documents and Settings\Bufu
2015-02-26 18:11 - 2013-12-28 19:38 - 00065536 _____ () C:\windows\system32\config\Doctor Web.evt
2015-02-25 17:38 - 2012-09-23 18:37 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\Smlouvy
2015-02-25 17:13 - 2011-09-23 18:50 - 00000000 ____D () C:\Documents and Settings\Bufu\Plocha\Utility
2015-02-25 08:18 - 2011-08-15 20:31 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-02-25 07:28 - 2013-12-28 18:32 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\HitmanPro
2015-02-24 20:04 - 2011-08-15 19:59 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-02-24 18:08 - 2011-08-19 23:24 - 00000000 ____D () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\NPE
2015-02-24 18:02 - 2011-08-15 19:57 - 00000248 __RSH () C:\boot.ini
2015-02-23 16:18 - 2011-08-16 00:12 - 00000000 ____D () C:\Program Files\Pidgin
2015-02-21 14:51 - 2014-04-15 19:53 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\Audacity
2015-02-21 13:09 - 2014-02-25 13:30 - 00000000 ____D () C:\Documents and Settings\Bufu\Plocha\konv
2015-02-21 10:55 - 2012-12-02 15:36 - 00000000 ____D () C:\Documents and Settings\Bufu\Plocha\vstup
2015-02-19 20:47 - 2013-01-26 18:13 - 00000000 ___RD () C:\Program Files\Skype
2015-02-19 20:47 - 2011-08-16 00:12 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Skype
2015-02-18 18:28 - 2011-08-15 18:16 - 00000000 ___RD () C:\Documents and Settings\Bufu\Dokumenty
==================== Files in the root of some directories =======
2011-08-16 18:19 - 2003-12-19 19:36 - 0040960 _____ () C:\Program Files\Uninstall_CDS.exe
1999-04-07 20:39 - 1999-04-07 20:39 - 0099840 _____ (Symantec Corp.) C:\Program Files\Common Files\IRAABOUT.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0048640 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRALPTTR.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0070144 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAMDMTR.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0186368 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAREG.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0017920 _____ (Symantec Corp.) C:\Program Files\Common Files\IRASRIAL.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0031744 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAWEBTR.DLL
2012-07-31 23:22 - 2012-07-31 23:22 - 0000346 _____ () C:\Documents and Settings\Bufu\Data aplikací\glade-3.conf
2013-04-15 10:40 - 2013-10-28 13:14 - 0004623 _____ () C:\Documents and Settings\Bufu\Data aplikací\LTspiceIV.ini
2013-02-03 21:39 - 2013-02-03 21:46 - 0000389 _____ () C:\Documents and Settings\Bufu\Data aplikací\repmand.ini
2013-02-03 21:39 - 2013-02-03 21:46 - 0000033 _____ () C:\Documents and Settings\Bufu\Data aplikací\repmandlib.ini
2013-02-26 21:10 - 2013-03-01 07:40 - 0000778 _____ () C:\Documents and Settings\Bufu\Data aplikací\technic-launcher.jar
2013-02-26 21:10 - 2013-02-26 21:10 - 0703117 _____ () C:\Documents and Settings\Bufu\Data aplikací\technic-launcher.jar.bak
2011-10-03 14:03 - 2013-09-02 05:58 - 0000600 _____ () C:\Documents and Settings\Bufu\Data aplikací\winscp.rnd
2013-02-03 14:48 - 2013-09-25 21:14 - 0011264 _____ () C:\Documents and Settings\Bufu\Data aplikací\_fossil
2011-08-16 17:51 - 2015-03-12 19:30 - 0231424 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-26 21:42 - 2013-07-26 21:42 - 0154232 _____ (Noël Danjou) C:\Documents and Settings\Bufu\Local Settings\Data aplikací\download.exe
2013-08-11 12:47 - 2013-08-11 13:00 - 0005120 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\file__0.localstorage
2011-08-17 06:42 - 2011-08-17 06:42 - 0000124 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\fusioncache.dat
2013-02-02 18:38 - 2014-05-11 20:15 - 0000487 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\glade-3.conf
2015-02-24 18:21 - 2015-02-24 18:21 - 0029696 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\MSGBOX.EXE
2015-03-08 23:20 - 2015-03-08 23:20 - 0002218 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\recently-used.xbel
Some content of TEMP:
====================
C:\Documents and Settings\Bufu\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphlfbth.dll
C:\Documents and Settings\Bufu\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Bufu\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Ran by Bufu (administrator) on MSI on 14-03-2015 23:13:15
Running from C:\Documents and Settings\Bufu\Dokumenty\Stažené soubory
Loaded Profiles: Bufu (Available profiles: Bufu & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVerMedia) C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe
() C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\21.6.0.32\n360.exe
() C:\Program Files\System Control Manager\edd.exe
(O2Micro International) C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\21.6.0.32\n360.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
(Agere Systems) C:\WINDOWS\AGRSMMSG.exe
(MSI) C:\Program Files\System Control Manager\MGSysCtrl.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
(EFD Software) C:\PROGRA~1\HDTUNE~1\HDTune.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\1029\OLFSNT40.EXE
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(Dropbox, Inc.) C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AGRSMMSG] => C:\windows\AGRSMMSG.exe [89541 2006-06-29] (Agere Systems)
HKLM\...\Run: [ITSecMng] => C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2008-12-19] (TOSHIBA CORPORATION)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-01] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MGSysCtrl] => C:\Program Files\System Control Manager\MGSysCtrl.exe [180224 2007-11-21] (MSI)
HKLM\...\Run: [Samsung PanelMgr] => C:\WINDOWS\samsung\panelmgr\SSMMgr.exe [684032 2010-12-07] ()
HKLM\...\Run: [HD Tune] => C:\Program Files\HD Tune\HDTune.exe [401408 2008-02-09] (EFD Software)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [331264 2010-11-26] ()
HKLM\...\Run: [RTHDCPL] => C:\windows\RTHDCPL.EXE [17021440 2008-10-09] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\AtiExtEvent: C:\windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-842925246-1417001333-1177238915-1004\...\Run: [OscarEditor] => C:\Program Files\OSCAR Editor X7\OscarEditor.exe [2636800 2010-07-22] ()
HKU\S-1-5-21-842925246-1417001333-1177238915-1004\...\Run: [Google Update] => C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)
HKU\S-1-5-21-842925246-1417001333-1177238915-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Port pro program Symantec Fax Starter Edition.lnk
ShortcutTarget: Port pro program Symantec Fax Starter Edition.lnk -> C:\Program Files\Microsoft Office\Office\1029\OLFSNT40.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\Bufu\Nabídka Start\Programy\Po spuštění\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Bufu\Data aplikací\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton 360\Engine\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton 360\Engine\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton 360\Engine\21.6.0.32\buShell.dll (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-842925246-1417001333-1177238915-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-07-23] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-06] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-842925246-1417001333-1177238915-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\windows\system32\browseui.dll [2011-06-21] (Společnost Microsoft)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 178.22.112.22 178.22.118.10
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Bufu\Data aplikací\Mozilla\Firefox\Profiles\7oerar6v.default-1368213974953
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-842925246-1417001333-1177238915-1004: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin HKU\S-1-5-21-842925246-1417001333-1177238915-1004: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Extension: NoScript - C:\Documents and Settings\Bufu\Data aplikací\Mozilla\Firefox\Profiles\7oerar6v.default-1368213974953\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-05-10]
FF Extension: Video DownloadHelper - C:\Documents and Settings\Bufu\Data aplikací\Mozilla\Firefox\Profiles\7oerar6v.default-1368213974953\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-13]
FF Extension: Adblock Plus - C:\Documents and Settings\Bufu\Data aplikací\Mozilla\Firefox\Profiles\7oerar6v.default-1368213974953\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-05-22]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-03-14]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Norton Identity Safe) - C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-10-16]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-842925246-1417001333-1177238915-1004) Opera - "C:\Program Files\Opera\Opera.exe"
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [86016 2013-08-30] (Dassault Systèmes) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2014-01-19] (Flexera Software, Inc.)
R2 N360; C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
R2 NishService; C:\Program Files\System Control Manager\edd.exe [40960 2006-03-22] () [File not signed]
R2 o2flash; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [65536 2007-02-12] (O2Micro International) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [69632 2004-09-29] (HP) [File not signed]
R2 SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [95528 2008-10-31] (Sunbelt Software, Inc.)
R2 SPF4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [1365288 2008-10-31] (Sunbelt Software, Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 13315215; C:\windows\System32\DRIVERS\13315215.sys [133208 2012-09-13] (Kaspersky Lab ZAO)
R0 27420492; C:\windows\System32\DRIVERS\27420492.sys [133208 2013-12-07] (Kaspersky Lab ZAO)
R0 55888585; C:\windows\System32\DRIVERS\55888585.sys [133208 2013-04-19] (Kaspersky Lab ZAO)
R0 92559672; C:\windows\System32\DRIVERS\92559672.sys [133208 2014-05-02] (Kaspersky Lab ZAO)
R3 AR5416; C:\windows\System32\DRIVERS\athw.sys [1584448 2009-09-07] (Atheros Communications, Inc.)
S3 AVerIT13x; C:\windows\System32\Drivers\AVerIT13x.sys [173824 2012-12-06] (AVerMedia TECHNOLOGIES, Inc.)
R1 BHDrvx86; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150309.001\BHDrvx86.sys [1164504 2015-02-03] (Symantec Corporation)
S3 Cam5603D; C:\windows\System32\Drivers\BisonCam.sys [1032488 2008-08-15] (Bison Electronics. Inc. )
S3 CCDECODE; C:\windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 ccSet_N360; C:\windows\system32\drivers\N360\1506000.020\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [41984 2008-01-10] (Samsung Electronics Co., Ltd.) [File not signed]
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2015-01-11] (Symantec Corporation)
R1 ElbyCDIO; C:\windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2014-12-10] (Symantec Corporation)
S3 FTDIBUS; C:\windows\System32\drivers\ftdibus.sys [61704 2011-10-24] (FTDI Ltd.)
R0 giveio; C:\windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 hamachi; C:\windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [35992 2015-02-25] ()
S3 HPZid412; C:\windows\System32\DRIVERS\HPZid412.sys [51120 2004-12-14] (HP)
S3 HPZipr12; C:\windows\System32\DRIVERS\HPZipr12.sys [16496 2004-12-14] (HP)
S3 HPZius12; C:\windows\System32\DRIVERS\HPZius12.sys [21744 2004-12-14] (HP)
R3 IDSxpx86; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150313.001\IDSxpx86.sys [475792 2015-02-06] (Symantec Corporation)
R3 MGHwCtrl; C:\WINDOWS\system32\drivers\MGHwCtrl.sys [9088 2006-07-03] (Windows (R) 2000 DDK provider) [File not signed]
S3 MPE; C:\windows\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
R3 NAVENG; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150314.003\NAVENG.SYS [95704 2015-03-04] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150314.003\NAVEX15.SYS [1636696 2015-03-04] (Symantec Corporation)
S3 NdisIP; C:\windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 NTPCI; C:\WINDOWS\system32\drivers\ntpci.sys [3712 2006-03-23] () [File not signed]
S2 pardrv; C:\windows\system32\Drivers\pardrv.sys [9728 2011-10-12] ( ) [File not signed]
S3 Pg4uUSB; C:\windows\System32\DRIVERS\pg4uusb.sys [120312 2013-04-09] ()
R3 RTHDMIAzAudService; C:\windows\System32\drivers\RtHDMI.sys [3684352 2008-08-26] (Realtek Semiconductor Corp.)
R1 SbFw; C:\windows\System32\drivers\SbFw.sys [270888 2008-10-31] (Sunbelt Software, Inc.)
R3 SBFWIMCL; C:\windows\System32\DRIVERS\sbfwim.sys [65576 2008-06-21] (Sunbelt Software, Inc.)
R1 sbhips; C:\windows\system32\drivers\sbhips.sys [66600 2008-06-21] (Sunbelt Software, Inc.)
R0 speedfan; C:\windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R3 SRTSP; C:\windows\System32\Drivers\N360\1506000.020\SRTSP.SYS [664792 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\windows\system32\drivers\N360\1506000.020\SRTSPX.SYS [32984 2014-08-26] (Symantec Corporation)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [5120 2010-10-15] (Samsung Electronics) [File not signed]
R0 SymDS; C:\windows\System32\drivers\N360\1506000.020\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\windows\System32\drivers\N360\1506000.020\SYMEFA.SYS [936152 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT.SYS [142936 2013-12-17] (Symantec Corporation)
R1 SymIRON; C:\windows\system32\drivers\N360\1506000.020\Ironx86.SYS [209624 2014-08-06] (Symantec Corporation)
R1 SYMTDI; C:\windows\System32\Drivers\N360\1506000.020\SYMTDI.SYS [423256 2014-02-18] (Symantec Corporation)
S3 TVicPort; C:\WINDOWS\system32\DRIVERS\TVICPORT.SYS [14544 2005-03-30] (EnTech Taiwan) [File not signed]
R3 VClone; C:\windows\System32\DRIVERS\VClone.sys [30208 2011-01-15] (Elaborate Bytes AG) [File not signed]
R3 WinDriver6; C:\windows\System32\drivers\windrvr6.sys [203680 2013-05-12] (Jungo Connectivity) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-14 22:35 - 2015-03-14 22:38 - 00000000 ____D () C:\AdwCleaner
2015-03-08 23:20 - 2015-03-08 23:20 - 00002218 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\recently-used.xbel
2015-03-06 23:05 - 2015-03-06 23:01 - 00096680 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2015-03-06 23:03 - 2015-03-06 23:03 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-03-06 23:00 - 2015-03-06 23:00 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Oracle
2015-03-06 20:24 - 2015-03-13 20:30 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-06 06:46 - 2015-03-06 06:46 - 02157234 _____ () C:\Documents and Settings\Bufu\Plocha\upc_3.bmp
2015-03-06 06:24 - 2015-03-06 06:24 - 02270982 _____ () C:\Documents and Settings\Bufu\Plocha\upc_2.bmp
2015-03-06 06:17 - 2015-03-06 06:18 - 01546818 _____ () C:\Documents and Settings\Bufu\Plocha\upc.bmp
2015-02-25 08:18 - 2015-02-25 08:19 - 00035992 _____ () C:\windows\system32\Drivers\hitmanpro37.sys
2015-02-25 07:41 - 2015-02-25 07:41 - 00000300 _____ () C:\windows\system32\.crusader
2015-02-25 07:28 - 2015-02-25 07:28 - 00000000 ____D () C:\Program Files\HitmanPro
2015-02-24 20:00 - 2003-04-21 21:46 - 00061440 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\windows\system32\ASIW32N50.dll
2015-02-24 20:00 - 2002-09-10 19:35 - 00016302 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\windows\system32\ASINDIS5.sys
2015-02-24 20:00 - 2001-04-16 05:48 - 00015577 _____ () C:\windows\system32\ASINDIS3.vxd
2015-02-24 18:36 - 2015-02-25 07:08 - 00000000 ____D () C:\KVRT_Data
2015-02-24 18:21 - 2015-02-24 18:21 - 00029696 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\MSGBOX.EXE
2015-02-21 13:08 - 2015-02-21 13:08 - 06005564 _____ () C:\Documents and Settings\Bufu\Plocha\Two_Steps_from_Hell_-_Heart_of_Courage.wav
2015-02-20 17:34 - 2015-02-20 17:34 - 00000000 ____D () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\Steam
2015-02-16 18:03 - 2015-03-14 22:34 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\Euro Truck Simulator 2
2015-02-16 17:47 - 2015-02-16 17:47 - 00000216 _____ () C:\Documents and Settings\Bufu\Plocha\Euro Truck Simulator 2.url
2015-02-12 17:15 - 2015-02-12 17:15 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\navrhar2014
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-14 23:13 - 2014-08-26 19:06 - 00000000 ____D () C:\Documents and Settings\Bufu\Local Settings\Temp
2015-03-14 23:13 - 2014-01-09 22:40 - 00000000 ____D () C:\FRST
2015-03-14 23:13 - 2011-08-15 20:47 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\Stažené soubory
2015-03-14 22:43 - 2014-08-25 15:43 - 01933640 _____ () C:\windows\WindowsUpdate.log
2015-03-14 22:42 - 2012-12-11 21:37 - 00000000 ___RD () C:\Documents and Settings\Bufu\Dokumenty\Dropbox
2015-03-14 22:42 - 2012-12-11 21:31 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\Dropbox
2015-03-14 22:41 - 2014-08-25 15:44 - 00000159 _____ () C:\windows\wiadebug.log
2015-03-14 22:41 - 2011-08-16 17:31 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\Skype
2015-03-14 22:41 - 2011-08-15 22:03 - 00196608 _____ () C:\windows\system32\config\ACEEvent.evt
2015-03-14 22:40 - 2014-08-25 15:44 - 00000049 _____ () C:\windows\wiaservc.log
2015-03-14 22:40 - 2014-03-11 18:01 - 00000220 _____ () C:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-03-14 22:40 - 2011-08-15 21:57 - 00044964 _____ () C:\windows\system32\ativvaxx.cap
2015-03-14 22:40 - 2011-08-15 18:15 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-14 22:39 - 2014-10-07 16:01 - 00524288 _____ () C:\windows\system32\config\AVer Aut.evt
2015-03-14 22:39 - 2014-08-25 15:44 - 00032538 _____ () C:\windows\SchedLgU.Txt
2015-03-14 22:39 - 2011-08-15 18:16 - 00000178 ___SH () C:\Documents and Settings\Bufu\ntuser.ini
2015-03-14 22:38 - 2011-08-15 18:16 - 00000000 __RHD () C:\Documents and Settings\Bufu\Data aplikací
2015-03-14 22:35 - 2014-12-06 18:15 - 00000000 ____D () C:\Program Files\Steam
2015-03-14 22:15 - 2014-10-19 08:57 - 00001022 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1417001333-1177238915-1004UA.job
2015-03-14 21:09 - 2011-08-15 18:16 - 00000000 ____D () C:\Documents and Settings\Bufu\Plocha
2015-03-14 20:48 - 2011-08-17 22:10 - 00000000 ____D () C:\windows\pss
2015-03-14 20:48 - 2011-08-15 19:59 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2015-03-14 17:01 - 2011-08-15 19:59 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-03-14 13:19 - 2011-08-16 19:39 - 00002493 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Excel.lnk
2015-03-14 11:17 - 2011-08-15 18:16 - 00000000 ___RD () C:\Documents and Settings\Bufu\Nabídka Start\Programy\Po spuštění
2015-03-14 11:16 - 2012-12-11 21:32 - 00000000 ____D () C:\Documents and Settings\Bufu\Nabídka Start\Programy\Dropbox
2015-03-14 11:10 - 2011-08-16 19:39 - 00002545 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Word.lnk
2015-03-14 11:09 - 2008-04-14 13:00 - 00013646 _____ () C:\windows\system32\wpa.dbl
2015-03-14 10:51 - 2011-08-16 17:37 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\.purple
2015-03-13 19:45 - 2012-07-29 10:18 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\vlc
2015-03-12 19:30 - 2011-08-16 17:51 - 00231424 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-11 20:57 - 2014-10-07 16:05 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\AVerTV
2015-03-11 20:18 - 2013-07-22 20:37 - 00000000 ____D () C:\windows\system32\MRT
2015-03-11 20:08 - 2011-08-15 21:15 - 119837696 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-03-09 15:15 - 2014-10-19 08:57 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1417001333-1177238915-1004Core.job
2015-03-08 23:31 - 2013-03-12 12:05 - 00000000 ____D () C:\Documents and Settings\Bufu\.gimp-2.8
2015-03-08 23:20 - 2011-08-15 18:16 - 00000000 ___HD () C:\Documents and Settings\Bufu\Local Settings\Data aplikací
2015-03-08 21:54 - 2013-07-01 19:56 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\finance
2015-03-08 21:00 - 2011-08-17 21:25 - 00000116 _____ () C:\windows\NeroDigital.ini
2015-03-08 20:58 - 2012-05-02 13:06 - 494432256 _____ () C:\windows\MEMORY.DMP
2015-03-08 17:16 - 2013-02-08 14:47 - 04321400 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-842925246-1417001333-1177238915-1004-0.dat
2015-03-08 17:15 - 2013-02-08 14:47 - 00317934 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-03-08 15:00 - 2014-03-11 18:01 - 00000214 _____ () C:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-03-08 09:00 - 2011-09-30 17:32 - 00000664 _____ () C:\windows\system32\d3d9caps.dat
2015-03-07 17:08 - 2012-04-29 09:55 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-07 15:45 - 2013-04-01 19:12 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\Tablet
2015-03-06 23:05 - 2011-08-15 19:59 - 01372580 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-06 23:01 - 2014-12-11 17:52 - 00146432 _____ (Oracle Corporation) C:\windows\system32\javacpl.cpl
2015-03-06 23:00 - 2011-09-23 17:27 - 00000000 ____D () C:\Program Files\Java
2015-03-05 20:21 - 2013-02-02 21:22 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\Visual Studio 2010
2015-03-04 22:12 - 2014-12-20 09:27 - 00000176 _____ () C:\windows\setupact.log
2015-03-02 06:38 - 2014-08-12 18:03 - 00000000 ____D () C:\Documents and Settings\Bufu\Plocha\ikony
2015-02-27 07:53 - 2011-08-15 18:16 - 00000000 ____D () C:\Documents and Settings\Bufu
2015-02-26 18:11 - 2013-12-28 19:38 - 00065536 _____ () C:\windows\system32\config\Doctor Web.evt
2015-02-25 17:38 - 2012-09-23 18:37 - 00000000 ____D () C:\Documents and Settings\Bufu\Dokumenty\Smlouvy
2015-02-25 17:13 - 2011-09-23 18:50 - 00000000 ____D () C:\Documents and Settings\Bufu\Plocha\Utility
2015-02-25 08:18 - 2011-08-15 20:31 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-02-25 07:28 - 2013-12-28 18:32 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\HitmanPro
2015-02-24 20:04 - 2011-08-15 19:59 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-02-24 18:08 - 2011-08-19 23:24 - 00000000 ____D () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\NPE
2015-02-24 18:02 - 2011-08-15 19:57 - 00000248 __RSH () C:\boot.ini
2015-02-23 16:18 - 2011-08-16 00:12 - 00000000 ____D () C:\Program Files\Pidgin
2015-02-21 14:51 - 2014-04-15 19:53 - 00000000 ____D () C:\Documents and Settings\Bufu\Data aplikací\Audacity
2015-02-21 13:09 - 2014-02-25 13:30 - 00000000 ____D () C:\Documents and Settings\Bufu\Plocha\konv
2015-02-21 10:55 - 2012-12-02 15:36 - 00000000 ____D () C:\Documents and Settings\Bufu\Plocha\vstup
2015-02-19 20:47 - 2013-01-26 18:13 - 00000000 ___RD () C:\Program Files\Skype
2015-02-19 20:47 - 2011-08-16 00:12 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Skype
2015-02-18 18:28 - 2011-08-15 18:16 - 00000000 ___RD () C:\Documents and Settings\Bufu\Dokumenty
==================== Files in the root of some directories =======
2011-08-16 18:19 - 2003-12-19 19:36 - 0040960 _____ () C:\Program Files\Uninstall_CDS.exe
1999-04-07 20:39 - 1999-04-07 20:39 - 0099840 _____ (Symantec Corp.) C:\Program Files\Common Files\IRAABOUT.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0048640 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRALPTTR.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0070144 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAMDMTR.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0186368 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAREG.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0017920 _____ (Symantec Corp.) C:\Program Files\Common Files\IRASRIAL.DLL
1998-12-09 05:53 - 1998-12-09 05:53 - 0031744 _____ (Symantec Corp., Peter Norton Computing Group) C:\Program Files\Common Files\IRAWEBTR.DLL
2012-07-31 23:22 - 2012-07-31 23:22 - 0000346 _____ () C:\Documents and Settings\Bufu\Data aplikací\glade-3.conf
2013-04-15 10:40 - 2013-10-28 13:14 - 0004623 _____ () C:\Documents and Settings\Bufu\Data aplikací\LTspiceIV.ini
2013-02-03 21:39 - 2013-02-03 21:46 - 0000389 _____ () C:\Documents and Settings\Bufu\Data aplikací\repmand.ini
2013-02-03 21:39 - 2013-02-03 21:46 - 0000033 _____ () C:\Documents and Settings\Bufu\Data aplikací\repmandlib.ini
2013-02-26 21:10 - 2013-03-01 07:40 - 0000778 _____ () C:\Documents and Settings\Bufu\Data aplikací\technic-launcher.jar
2013-02-26 21:10 - 2013-02-26 21:10 - 0703117 _____ () C:\Documents and Settings\Bufu\Data aplikací\technic-launcher.jar.bak
2011-10-03 14:03 - 2013-09-02 05:58 - 0000600 _____ () C:\Documents and Settings\Bufu\Data aplikací\winscp.rnd
2013-02-03 14:48 - 2013-09-25 21:14 - 0011264 _____ () C:\Documents and Settings\Bufu\Data aplikací\_fossil
2011-08-16 17:51 - 2015-03-12 19:30 - 0231424 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-26 21:42 - 2013-07-26 21:42 - 0154232 _____ (Noël Danjou) C:\Documents and Settings\Bufu\Local Settings\Data aplikací\download.exe
2013-08-11 12:47 - 2013-08-11 13:00 - 0005120 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\file__0.localstorage
2011-08-17 06:42 - 2011-08-17 06:42 - 0000124 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\fusioncache.dat
2013-02-02 18:38 - 2014-05-11 20:15 - 0000487 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\glade-3.conf
2015-02-24 18:21 - 2015-02-24 18:21 - 0029696 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\MSGBOX.EXE
2015-03-08 23:20 - 2015-03-08 23:20 - 0002218 _____ () C:\Documents and Settings\Bufu\Local Settings\Data aplikací\recently-used.xbel
Some content of TEMP:
====================
C:\Documents and Settings\Bufu\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphlfbth.dll
C:\Documents and Settings\Bufu\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Bufu\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
- Rudy
- Site Admin
- Posts: 119356
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Preventivni_prohlidka
Open Notepad and copy the following into it:
Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-842925246-1417001333-1177238915-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1417001333-1177238915-1004UA.job
C:\Documents and Settings\Bufu\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1417001333-1177238915-1004Core.job
C:\Documents and Settings\Bufu\Local Settings\Temp
End
Save it to C:\Documents and Settings\Bufu\Dokumenty\Stažené soubory as fixlist.txt. Then run FRST again and click >Fix<. Afterwards, copy the log that is created at the end here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before cleaning your PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Preventivni_prohlidka
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by Bufu at 2015-03-15 14:09:10 Run:2
Running from C:\Documents and Settings\Bufu\Dokumenty\Stažené soubory
Loaded Profiles: Bufu (Available profiles: Bufu & Administrator)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-842925246-1417001333-1177238915-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1417001333-1177238915-1004UA.job
C:\Documents and Settings\Bufu\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1417001333-1177238915-1004Core.job
C:\Documents and Settings\Bufu\Local Settings\Temp
End
*****************
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-842925246-1417001333-1177238915-1004\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1417001333-1177238915-1004UA.job => Moved successfully.
C:\Documents and Settings\Bufu\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1417001333-1177238915-1004Core.job => Moved successfully.
"C:\Documents and Settings\Bufu\Local Settings\Temp" directory move:
Could not move "C:\Documents and Settings\Bufu\Local Settings\Temp" directory. => Scheduled to move on reboot.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-15 14:12:24)<=
C:\Documents and Settings\Bufu\Local Settings\Temp => Moved successfully.
==== End of Fixlog 14:12:25 ====
- Rudy
- Site Admin
- Posts: 119356
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Preventivni_prohlidka
Deleted. Has anything changed?
Re: Preventivni_prohlidka
Hello,
the problem occurs irregularly, but it did not occur yesterday. Thank you for the check, I will keep observing.
Have a nice day