Dobrý den
Omlouvám se že zakládám nové téma, akorá jsme skončili s mým pc, téma už je uzamčené, ale zdá se že v pc ještě nějakou mrchu mám :-/
V prohlížeči se mi po spuštění místo domovské stránky zobrazuje luckysearch. Už to bylo dobré, ale opět se to objevilo.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Luckysearch
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Luckysearch
Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Luckysearch
Dobrý den 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Cipisek (administrator) on CIPISKUV on 30-03-2015 17:36:19
Running from C:\Documents and Settings\Cipisek\Plocha
Loaded Profiles: Cipisek (Available profiles: Cipisek & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\Kinoni\Remote Desktop\service.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
() C:\WINDOWS\system32\PnkBstrA.exe
() C:\WINDOWS\system32\PnkBstrB.exe
(Ralink Technology, Corp.) C:\Program Files\TP-LINK\COMMON\RaRegistry.exe
(Crawler.com) C:\Program Files\Spyware Terminator\st_rsser.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneBusEnum.exe
() C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
(Kinoni) C:\Program Files\Kinoni\Remote Desktop\WindowsServer.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\wcescomm.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\PROGRA~1\MICROS~4\rapimgr.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(TP-LINK TECHNOLOGIES CO., LTD. ) C:\Program Files\TP-LINK\COMMON\TWCU.exe
() C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz\bin\szndesktop.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16380416 2007-07-05] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-06] (AVAST Software)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime Alternative\qttask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [YourFileDownloader Installer Starter] => "C:\DOCUME~1\Cipisek\LOCALS~1\Temp\YourFileDownloaderZM3xAsi8qz.exe" -startup <===== ATTENTION
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [H/PC Connection Agent] => C:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\TP-LINK Wireless Utility.lnk
ShortcutTarget: TP-LINK Wireless Utility.lnk -> C:\Program Files\TP-LINK\COMMON\TWCU.exe (TP-LINK TECHNOLOGIES CO., LTD. )
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk /p \??\G:autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-515967899-1563985344-725345543-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-515967899-1563985344-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-515967899-1563985344-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {0BEB713D-1221-42DE-9363-7FC7FD1ADD2E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {31059C0F-D78E-4700-B02B-C99D1A99C1E6} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {606AD0E8-A44A-498E-9736-EDF7753B499B} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {8CBF5E50-8BCC-44BA-BC12-2E47B6379E1D} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {AB8BAA71-D142-40AA-AED0-8137DB5AFE8E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {CD779888-BF77-49F8-B10E-A3F7EC1A8EE5} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {D4A2E317-B9D8-441F-99A4-5543FC8705E7} URL = http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {F6E8F28C-42FC-425F-9AA3-B11938942620} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {FAD04AC1-0B23-4C5F-9D6E-A2D4689567F0} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
Toolbar: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2010-04-16] (Společnost Microsoft)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 0396838750
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Hosts: 127.0.0.1 secure.disc-soft.com
Tcpip\Parameters: [DhcpNameServer] 10.154.198.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default
FF DefaultSearchEngine: Centrum.cz classic
FF Homepage: seznam.cz
FF Keyword.URL: hxxp://search.centrum.cz/?charset=UTF-8&channel_id=ch-toolbar-ff,ch-toolbar-ff-searchbox,tb-classic&utm_source=ch-toolbar&utm_medium=ff-centrum-cz&utm_content=toolbar-searchbox&utm_campaign=classic&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll [2013-03-20] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml [2014-08-04]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\luckysearches.xml [2015-03-17]
FF Extension: Garmin Communicator - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-01-19]
FF Extension: FireFTP - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-03-24]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\elemhidehelper@adblockplus.org.xpi [2011-10-24]
FF Extension: Simple Currency Converter - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\foxcconverter@gmail.com.xpi [2011-10-02]
FF Extension: Turn Off the Lights - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\stefanvandamme@stefanvd.net.xpi [2012-03-11]
FF Extension: Google Translator for Firefox - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\translator@zoli.bod.xpi [2011-10-26]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2011-09-10]
FF Extension: Quick Translator - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2014-11-26]
FF Extension: QR Code - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{6a910736-6fab-4480-841a-36325cce134f}.xpi [2014-12-17]
FF Extension: Adblock Plus - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-04]
FF Extension: Greasemonkey - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-25]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-22]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-08-08]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-05]
Opera:
=======
OPR Extension: (CinemaP-1.9cV05.03) - C:\Documents and Settings\Cipisek\Data aplikací\Opera Software\Opera Stable\Extensions\kljbbcnooaklhpifalnihdiofoahmmjj [2015-03-17]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-05] (AVAST Software)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 KinoniRemoteDesktop; C:\Program Files\Kinoni\Remote Desktop\service.exe [39424 2013-01-24] () [File not signed]
R2 MbnExt; C:\Program Files\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [417128 2013-12-02] (Gemfor s.r.o.)
R2 NVSvc; C:\WINDOWS\system32\nvsvc32.exe [155716 2007-10-25] (NVIDIA Corporation) [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [66872 2012-12-21] ()
R2 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [103736 2012-12-21] ()
R2 RalinkRegistryWriter; C:\Program Files\TP-LINK\COMMON\RaRegistry.exe [185632 2010-06-25] (Ralink Technology, Corp.)
R2 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2010-07-07] ()
R2 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [587472 2012-09-07] (Crawler.com)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
R2 ZuneBusEnum; C:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-10-05] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-10-05] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-10-05] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-10-05] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-11-23] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-10-06] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-10-05] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-10-05] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [232512 2015-02-17] (DT Soft Ltd)
S3 gdrv; C:\WINDOWS\gdrv.sys [15600 2011-07-11] (Windows (R) 2000 DDK provider)
S3 M1000Srv; C:\WINDOWS\System32\Drivers\M1000KNT.sys [276930 2005-07-01] ()
S3 massfilter; C:\WINDOWS\System32\drivers\massfilter.sys [7936 2013-04-09] (MBB Incorporated)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [7426112 2007-10-25] (NVIDIA Corporation) [File not signed]
R3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2011-10-23] (VSO Software) [File not signed]
S3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [827488 2010-06-25] (Ralink Technology, Corp.)
R3 RtlWlanu; C:\WINDOWS\System32\DRIVERS\rtwlanu.sys [1182480 2012-11-01] (Realtek Semiconductor Corporation )
R2 Scutum50; C:\WINDOWS\System32\Drivers\Scutum50.sys [19072 2010-06-25] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2015-02-16] (Duplex Secure Ltd.)
R1 sp_rsdrv2; C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] () [File not signed]
S3 WFIOCTL; C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS [9446 2005-01-06] (Leadtek Research Inc.) [File not signed]
R3 WFSONORA; C:\WINDOWS\System32\drivers\wfsonora.sys [313472 2007-07-11] (Leadtek Research Inc.) [File not signed]
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
U3 aqy7oska; C:\WINDOWS\system32\Drivers\aqy7oska.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
U3 aykcfr3u; C:\WINDOWS\system32\Drivers\aykcfr3u.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
U5 P3; C:\Windows\System32\Drivers\P3.sys [46592 2008-04-14] (Microsoft Corporation)
S1 SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-29 12:25 - 2015-03-29 12:25 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha\100CANON
2015-03-27 03:22 - 2015-03-30 17:36 - 00000000 ____D () C:\Documents and Settings\Cipisek\Local Settings\Temp
2015-03-26 12:15 - 2015-03-30 17:36 - 00018570 _____ () C:\Documents and Settings\Cipisek\Plocha\FRST.txt
2015-03-26 12:15 - 2015-03-26 12:16 - 00057831 _____ () C:\Documents and Settings\Cipisek\Plocha\Addition.txt
2015-03-26 12:14 - 2015-03-30 17:36 - 00000000 ____D () C:\FRST
2015-03-26 12:13 - 2015-03-26 12:13 - 01135104 _____ (Farbar) C:\Documents and Settings\Cipisek\Plocha\FRST.exe
2015-03-25 03:04 - 2015-03-25 03:04 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache
2015-03-25 03:04 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Adobe
2015-03-25 03:04 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Data aplikací\Adobe
2015-03-25 03:03 - 2015-03-25 03:08 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 __RHD () C:\Documents and Settings\Administrator\Data aplikací
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 ___HD () C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator
2015-03-25 03:03 - 2014-09-14 16:04 - 00000869 _____ () C:\Documents and Settings\Administrator\Plocha\T-Mobile Internet Manager.lnk
2015-03-25 03:03 - 2014-09-14 16:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Plocha
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___HD () C:\Documents and Settings\Administrator\Okolní tiskárny
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___HD () C:\Documents and Settings\Administrator\Okolní síť
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ____D () C:\Documents and Settings\Administrator\Oblíbené položky
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty
2015-03-25 03:03 - 2011-07-11 16:27 - 00001599 _____ () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Vzdálená pomoc.lnk
2015-03-25 03:03 - 2011-07-11 16:27 - 00000792 _____ () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Windows Media Player.lnk
2015-03-25 03:03 - 2011-07-11 16:27 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Příslušenství
2015-03-25 03:03 - 2011-07-11 16:27 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start\Programy
2015-03-25 03:03 - 2011-07-11 16:24 - 00000000 ___HD () C:\Documents and Settings\Administrator\Šablony
2015-03-22 14:47 - 2015-03-22 14:48 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-20 18:38 - 2015-03-20 18:38 - 00000413 _____ () C:\Documents and Settings\Cipisek\Plocha\viry.txt
2015-03-19 23:58 - 2015-03-19 23:58 - 00000000 ____D () C:\_OTM
2015-03-19 23:57 - 2015-03-19 23:57 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\GFI Software
2015-03-19 23:54 - 2015-03-19 23:54 - 00522240 _____ (OldTimer Tools) C:\Documents and Settings\Cipisek\Plocha\OTM.exe
2015-03-19 17:49 - 2015-03-18 18:53 - 01107968 _____ () C:\Documents and Settings\Cipisek\Plocha\RSIT.exe
2015-03-18 22:27 - 2015-03-18 23:09 - 00000000 ____D () C:\AdwCleaner
2015-03-18 18:53 - 2015-03-25 03:15 - 00000000 ____D () C:\Program Files\trend micro
2015-03-18 18:53 - 2015-03-18 18:53 - 00000000 ____D () C:\rsit
2015-03-17 15:37 - 2015-03-17 15:37 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2015-03-17 15:37 - 2015-03-17 15:37 - 00000000 ___RD () C:\Documents and Settings\LocalService\Oblíbené položky
2015-03-17 15:35 - 2015-03-17 22:36 - 00000000 ____D () C:\Program Files\CinemaP-1.9cV05.03
2015-03-17 15:35 - 2015-03-17 15:35 - 00000000 ____D () C:\Program Files\Seznam.cz
2015-03-17 15:34 - 2015-03-30 16:14 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz
2015-03-17 15:25 - 2015-03-17 15:36 - 00000000 ____D () C:\Program Files\SetEdit
2015-03-17 15:25 - 2015-03-17 15:25 - 00001565 _____ () C:\Documents and Settings\Cipisek\Plocha\SetEditHD100.lnk
2015-03-17 15:25 - 2015-03-17 15:25 - 00000000 ____D () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\SetEditHD100
2015-03-15 19:37 - 2015-03-17 15:34 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha\SetEdith-satelit
2015-03-15 19:37 - 2015-03-15 19:37 - 03755218 _____ () C:\Documents and Settings\Cipisek\Plocha\SetEdith-satelit.rar
2015-03-11 14:59 - 2015-03-12 15:05 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2015-03-07 21:47 - 2015-03-07 21:47 - 00161190 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-515967899-1563985344-725345543-1004-0.dat
2015-03-07 21:46 - 2015-03-07 21:46 - 00161190 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-03-06 15:58 - 2015-03-06 16:06 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\vlc
2015-03-06 15:57 - 2015-03-07 08:29 - 00000000 ____D () C:\Program Files\VideoLAN
2015-03-06 13:59 - 2015-03-07 08:56 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\HandBrake
2015-03-06 13:59 - 2015-03-06 13:59 - 00000694 _____ () C:\Documents and Settings\Cipisek\Plocha\Handbrake.lnk
2015-03-06 13:59 - 2015-03-06 13:59 - 00000000 ____D () C:\Program Files\Handbrake
2015-03-06 13:59 - 2015-03-06 13:59 - 00000000 ____D () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\Handbrake
2015-03-06 13:38 - 2015-03-06 13:38 - 00000666 _____ () C:\Documents and Settings\Cipisek\Plocha\MakeMKV.lnk
2015-03-06 13:38 - 2015-03-06 13:38 - 00000000 ____D () C:\Program Files\MakeMKV
2015-03-06 13:38 - 2015-03-06 13:38 - 00000000 ____D () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\MakeMKV
2015-03-06 13:38 - 2015-03-06 13:38 - 00000000 ____D () C:\Documents and Settings\Cipisek\.MakeMKV
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-30 17:36 - 2011-07-11 16:29 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha
2015-03-30 16:09 - 2014-08-04 16:34 - 00000226 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-03-30 16:09 - 2012-07-22 15:31 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-03-30 16:09 - 2011-12-10 15:37 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\nView_Wallpaper
2015-03-30 16:09 - 2011-07-11 16:26 - 01459676 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-30 15:59 - 2011-07-11 18:20 - 01184034 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-30 15:55 - 2011-07-11 18:22 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-03-30 15:55 - 2011-07-11 18:22 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-03-30 15:55 - 2011-07-11 16:29 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-30 15:55 - 2006-03-02 14:00 - 00012598 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-30 00:15 - 2011-07-11 16:29 - 00032562 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-30 00:15 - 2011-07-11 16:29 - 00000178 ___SH () C:\Documents and Settings\Cipisek\ntuser.ini
2015-03-29 12:24 - 2011-07-15 22:36 - 00101888 _____ () C:\Documents and Settings\Cipisek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-29 12:00 - 2013-02-28 13:23 - 00000948 _____ () C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job
2015-03-29 11:14 - 2011-08-22 17:30 - 00000000 ____D () C:\Program Files\The KMPlayer
2015-03-25 15:19 - 2011-07-11 16:29 - 00000000 ____D () C:\Documents and Settings\Cipisek
2015-03-24 13:59 - 2012-05-08 12:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-20 22:58 - 2014-01-26 11:35 - 00432964 _____ () C:\WINDOWS\setupapi.log
2015-03-20 22:58 - 2014-01-26 11:35 - 00012128 _____ () C:\WINDOWS\setupact.log
2015-03-20 11:44 - 2011-07-11 18:20 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-03-20 11:44 - 2011-07-11 16:29 - 00000000 ___HD () C:\Documents and Settings\Cipisek\Local Settings\Data aplikací
2015-03-20 11:00 - 2011-07-11 16:29 - 00000000 __RHD () C:\Documents and Settings\Cipisek\Data aplikací
2015-03-20 10:30 - 2014-10-03 13:26 - 00000000 ____D () C:\Program Files\Opera
2015-03-19 23:58 - 2011-07-15 16:34 - 00000000 ___RD () C:\Program Files\Skype
2015-03-19 23:57 - 2013-02-28 13:12 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2015-03-19 23:57 - 2013-02-28 13:10 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\Ad-Aware Antivirus
2015-03-19 23:57 - 2011-07-11 18:20 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-03-19 23:57 - 2011-07-11 18:20 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-03-17 16:32 - 2015-01-25 18:12 - 00000365 _____ () C:\Documents and Settings\Cipisek\Data aplikací\FHIGIC
2015-03-17 15:37 - 2011-07-11 16:29 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-03-17 15:37 - 2006-03-02 14:00 - 00000600 _____ () C:\WINDOWS\win.ini
2015-03-17 15:35 - 2014-11-06 13:22 - 00000916 _____ () C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2015-03-17 15:35 - 2014-10-03 13:27 - 00000855 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
2015-03-17 15:35 - 2014-10-03 13:27 - 00000849 _____ () C:\Documents and Settings\All Users\Plocha\Opera.lnk
2015-03-17 15:35 - 2011-07-11 18:18 - 00000922 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2015-03-17 15:35 - 2011-07-11 16:29 - 00000995 _____ () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\Internet Explorer.lnk
2015-03-17 15:25 - 2011-07-11 16:29 - 00000000 ___RD () C:\Documents and Settings\Cipisek\Nabídka Start\Programy
2015-03-08 16:00 - 2014-08-04 16:34 - 00000220 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-03-07 21:46 - 2011-07-11 16:29 - 00000000 ___HD () C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2015-02-28 17:04 - 2015-01-03 16:03 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha\ostravice
==================== Files in the root of some directories =======
2012-05-03 16:31 - 2012-05-03 16:31 - 0002528 _____ () C:\Documents and Settings\Cipisek\Data aplikací\$_hpcst$.hpc
2011-09-21 17:59 - 2011-09-21 17:59 - 0000572 _____ () C:\Documents and Settings\Cipisek\Data aplikací\AutoGK.ini
2015-01-25 18:12 - 2015-03-17 16:32 - 0000365 _____ () C:\Documents and Settings\Cipisek\Data aplikací\FHIGIC
2011-10-23 12:43 - 2011-10-23 12:43 - 0087608 _____ () C:\Documents and Settings\Cipisek\Data aplikací\inst.exe
2015-01-25 18:12 - 2015-01-25 18:12 - 0002086 _____ () C:\Documents and Settings\Cipisek\Data aplikací\OEM
2011-10-23 12:43 - 2011-10-23 12:43 - 0007887 _____ () C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.cat
2011-10-23 12:43 - 2011-10-23 12:43 - 0001144 _____ () C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.inf
2011-10-23 12:43 - 2011-10-23 12:43 - 0000034 _____ () C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.log
2011-10-23 12:43 - 2011-10-23 12:43 - 0047360 _____ (VSO Software) C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.sys
2012-12-21 14:33 - 2012-12-21 14:33 - 0022328 _____ () C:\Documents and Settings\Cipisek\Data aplikací\PnkBstrK.sys
2011-10-23 12:43 - 2014-01-29 15:39 - 0974673 _____ () C:\Documents and Settings\Cipisek\Data aplikací\vso_ts_preview.xml
2011-07-15 22:36 - 2015-03-29 12:24 - 0101888 _____ () C:\Documents and Settings\Cipisek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Documents and Settings\Cipisek\Local Settings\Temp\KMP_3.9.1.134.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Cipisek (administrator) on CIPISKUV on 30-03-2015 17:36:19
Running from C:\Documents and Settings\Cipisek\Plocha
Loaded Profiles: Cipisek (Available profiles: Cipisek & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\Kinoni\Remote Desktop\service.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
() C:\WINDOWS\system32\PnkBstrA.exe
() C:\WINDOWS\system32\PnkBstrB.exe
(Ralink Technology, Corp.) C:\Program Files\TP-LINK\COMMON\RaRegistry.exe
(Crawler.com) C:\Program Files\Spyware Terminator\st_rsser.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneBusEnum.exe
() C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
(Kinoni) C:\Program Files\Kinoni\Remote Desktop\WindowsServer.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\wcescomm.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\PROGRA~1\MICROS~4\rapimgr.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(TP-LINK TECHNOLOGIES CO., LTD. ) C:\Program Files\TP-LINK\COMMON\TWCU.exe
() C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz\bin\szndesktop.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16380416 2007-07-05] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-06] (AVAST Software)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime Alternative\qttask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [YourFileDownloader Installer Starter] => "C:\DOCUME~1\Cipisek\LOCALS~1\Temp\YourFileDownloaderZM3xAsi8qz.exe" -startup <===== ATTENTION
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [H/PC Connection Agent] => C:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\TP-LINK Wireless Utility.lnk
ShortcutTarget: TP-LINK Wireless Utility.lnk -> C:\Program Files\TP-LINK\COMMON\TWCU.exe (TP-LINK TECHNOLOGIES CO., LTD. )
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk /p \??\G:autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-515967899-1563985344-725345543-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-515967899-1563985344-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-515967899-1563985344-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {0BEB713D-1221-42DE-9363-7FC7FD1ADD2E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {31059C0F-D78E-4700-B02B-C99D1A99C1E6} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {606AD0E8-A44A-498E-9736-EDF7753B499B} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {8CBF5E50-8BCC-44BA-BC12-2E47B6379E1D} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {AB8BAA71-D142-40AA-AED0-8137DB5AFE8E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {CD779888-BF77-49F8-B10E-A3F7EC1A8EE5} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {D4A2E317-B9D8-441F-99A4-5543FC8705E7} URL = http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {F6E8F28C-42FC-425F-9AA3-B11938942620} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {FAD04AC1-0B23-4C5F-9D6E-A2D4689567F0} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
Toolbar: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2010-04-16] (Společnost Microsoft)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 0396838750
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Hosts: 127.0.0.1 secure.disc-soft.com
Tcpip\Parameters: [DhcpNameServer] 10.154.198.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default
FF DefaultSearchEngine: Centrum.cz classic
FF Homepage: seznam.cz
FF Keyword.URL: hxxp://search.centrum.cz/?charset=UTF-8&channel_id=ch-toolbar-ff,ch-toolbar-ff-searchbox,tb-classic&utm_source=ch-toolbar&utm_medium=ff-centrum-cz&utm_content=toolbar-searchbox&utm_campaign=classic&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll [2013-03-20] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml [2014-08-04]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\luckysearches.xml [2015-03-17]
FF Extension: Garmin Communicator - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-01-19]
FF Extension: FireFTP - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-03-24]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\elemhidehelper@adblockplus.org.xpi [2011-10-24]
FF Extension: Simple Currency Converter - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\foxcconverter@gmail.com.xpi [2011-10-02]
FF Extension: Turn Off the Lights - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\stefanvandamme@stefanvd.net.xpi [2012-03-11]
FF Extension: Google Translator for Firefox - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\translator@zoli.bod.xpi [2011-10-26]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2011-09-10]
FF Extension: Quick Translator - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2014-11-26]
FF Extension: QR Code - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{6a910736-6fab-4480-841a-36325cce134f}.xpi [2014-12-17]
FF Extension: Adblock Plus - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-04]
FF Extension: Greasemonkey - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-25]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-22]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-08-08]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-05]
Opera:
=======
OPR Extension: (CinemaP-1.9cV05.03) - C:\Documents and Settings\Cipisek\Data aplikací\Opera Software\Opera Stable\Extensions\kljbbcnooaklhpifalnihdiofoahmmjj [2015-03-17]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-05] (AVAST Software)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 KinoniRemoteDesktop; C:\Program Files\Kinoni\Remote Desktop\service.exe [39424 2013-01-24] () [File not signed]
R2 MbnExt; C:\Program Files\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [417128 2013-12-02] (Gemfor s.r.o.)
R2 NVSvc; C:\WINDOWS\system32\nvsvc32.exe [155716 2007-10-25] (NVIDIA Corporation) [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [66872 2012-12-21] ()
R2 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [103736 2012-12-21] ()
R2 RalinkRegistryWriter; C:\Program Files\TP-LINK\COMMON\RaRegistry.exe [185632 2010-06-25] (Ralink Technology, Corp.)
R2 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2010-07-07] ()
R2 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [587472 2012-09-07] (Crawler.com)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
R2 ZuneBusEnum; C:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-10-05] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-10-05] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-10-05] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-10-05] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-11-23] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-10-06] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-10-05] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-10-05] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [232512 2015-02-17] (DT Soft Ltd)
S3 gdrv; C:\WINDOWS\gdrv.sys [15600 2011-07-11] (Windows (R) 2000 DDK provider)
S3 M1000Srv; C:\WINDOWS\System32\Drivers\M1000KNT.sys [276930 2005-07-01] ()
S3 massfilter; C:\WINDOWS\System32\drivers\massfilter.sys [7936 2013-04-09] (MBB Incorporated)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [7426112 2007-10-25] (NVIDIA Corporation) [File not signed]
R3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2011-10-23] (VSO Software) [File not signed]
S3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [827488 2010-06-25] (Ralink Technology, Corp.)
R3 RtlWlanu; C:\WINDOWS\System32\DRIVERS\rtwlanu.sys [1182480 2012-11-01] (Realtek Semiconductor Corporation )
R2 Scutum50; C:\WINDOWS\System32\Drivers\Scutum50.sys [19072 2010-06-25] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2015-02-16] (Duplex Secure Ltd.)
R1 sp_rsdrv2; C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] () [File not signed]
S3 WFIOCTL; C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS [9446 2005-01-06] (Leadtek Research Inc.) [File not signed]
R3 WFSONORA; C:\WINDOWS\System32\drivers\wfsonora.sys [313472 2007-07-11] (Leadtek Research Inc.) [File not signed]
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
U3 aqy7oska; C:\WINDOWS\system32\Drivers\aqy7oska.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
U3 aykcfr3u; C:\WINDOWS\system32\Drivers\aykcfr3u.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
U5 P3; C:\Windows\System32\Drivers\P3.sys [46592 2008-04-14] (Microsoft Corporation)
S1 SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-29 12:25 - 2015-03-29 12:25 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha\100CANON
2015-03-27 03:22 - 2015-03-30 17:36 - 00000000 ____D () C:\Documents and Settings\Cipisek\Local Settings\Temp
2015-03-26 12:15 - 2015-03-30 17:36 - 00018570 _____ () C:\Documents and Settings\Cipisek\Plocha\FRST.txt
2015-03-26 12:15 - 2015-03-26 12:16 - 00057831 _____ () C:\Documents and Settings\Cipisek\Plocha\Addition.txt
2015-03-26 12:14 - 2015-03-30 17:36 - 00000000 ____D () C:\FRST
2015-03-26 12:13 - 2015-03-26 12:13 - 01135104 _____ (Farbar) C:\Documents and Settings\Cipisek\Plocha\FRST.exe
2015-03-25 03:04 - 2015-03-25 03:04 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache
2015-03-25 03:04 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Adobe
2015-03-25 03:04 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Data aplikací\Adobe
2015-03-25 03:03 - 2015-03-25 03:08 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 __RHD () C:\Documents and Settings\Administrator\Data aplikací
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 ___HD () C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator
2015-03-25 03:03 - 2014-09-14 16:04 - 00000869 _____ () C:\Documents and Settings\Administrator\Plocha\T-Mobile Internet Manager.lnk
2015-03-25 03:03 - 2014-09-14 16:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Plocha
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___HD () C:\Documents and Settings\Administrator\Okolní tiskárny
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___HD () C:\Documents and Settings\Administrator\Okolní síť
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ____D () C:\Documents and Settings\Administrator\Oblíbené položky
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty
2015-03-25 03:03 - 2011-07-11 16:27 - 00001599 _____ () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Vzdálená pomoc.lnk
2015-03-25 03:03 - 2011-07-11 16:27 - 00000792 _____ () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Windows Media Player.lnk
2015-03-25 03:03 - 2011-07-11 16:27 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Příslušenství
2015-03-25 03:03 - 2011-07-11 16:27 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start\Programy
2015-03-25 03:03 - 2011-07-11 16:24 - 00000000 ___HD () C:\Documents and Settings\Administrator\Šablony
2015-03-22 14:47 - 2015-03-22 14:48 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-20 18:38 - 2015-03-20 18:38 - 00000413 _____ () C:\Documents and Settings\Cipisek\Plocha\viry.txt
2015-03-19 23:58 - 2015-03-19 23:58 - 00000000 ____D () C:\_OTM
2015-03-19 23:57 - 2015-03-19 23:57 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\GFI Software
2015-03-19 23:54 - 2015-03-19 23:54 - 00522240 _____ (OldTimer Tools) C:\Documents and Settings\Cipisek\Plocha\OTM.exe
2015-03-19 17:49 - 2015-03-18 18:53 - 01107968 _____ () C:\Documents and Settings\Cipisek\Plocha\RSIT.exe
2015-03-18 22:27 - 2015-03-18 23:09 - 00000000 ____D () C:\AdwCleaner
2015-03-18 18:53 - 2015-03-25 03:15 - 00000000 ____D () C:\Program Files\trend micro
2015-03-18 18:53 - 2015-03-18 18:53 - 00000000 ____D () C:\rsit
2015-03-17 15:37 - 2015-03-17 15:37 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2015-03-17 15:37 - 2015-03-17 15:37 - 00000000 ___RD () C:\Documents and Settings\LocalService\Oblíbené položky
2015-03-17 15:35 - 2015-03-17 22:36 - 00000000 ____D () C:\Program Files\CinemaP-1.9cV05.03
2015-03-17 15:35 - 2015-03-17 15:35 - 00000000 ____D () C:\Program Files\Seznam.cz
2015-03-17 15:34 - 2015-03-30 16:14 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz
2015-03-17 15:25 - 2015-03-17 15:36 - 00000000 ____D () C:\Program Files\SetEdit
2015-03-17 15:25 - 2015-03-17 15:25 - 00001565 _____ () C:\Documents and Settings\Cipisek\Plocha\SetEditHD100.lnk
2015-03-17 15:25 - 2015-03-17 15:25 - 00000000 ____D () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\SetEditHD100
2015-03-15 19:37 - 2015-03-17 15:34 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha\SetEdith-satelit
2015-03-15 19:37 - 2015-03-15 19:37 - 03755218 _____ () C:\Documents and Settings\Cipisek\Plocha\SetEdith-satelit.rar
2015-03-11 14:59 - 2015-03-12 15:05 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2015-03-07 21:47 - 2015-03-07 21:47 - 00161190 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-515967899-1563985344-725345543-1004-0.dat
2015-03-07 21:46 - 2015-03-07 21:46 - 00161190 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-03-06 15:58 - 2015-03-06 16:06 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\vlc
2015-03-06 15:57 - 2015-03-07 08:29 - 00000000 ____D () C:\Program Files\VideoLAN
2015-03-06 13:59 - 2015-03-07 08:56 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\HandBrake
2015-03-06 13:59 - 2015-03-06 13:59 - 00000694 _____ () C:\Documents and Settings\Cipisek\Plocha\Handbrake.lnk
2015-03-06 13:59 - 2015-03-06 13:59 - 00000000 ____D () C:\Program Files\Handbrake
2015-03-06 13:59 - 2015-03-06 13:59 - 00000000 ____D () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\Handbrake
2015-03-06 13:38 - 2015-03-06 13:38 - 00000666 _____ () C:\Documents and Settings\Cipisek\Plocha\MakeMKV.lnk
2015-03-06 13:38 - 2015-03-06 13:38 - 00000000 ____D () C:\Program Files\MakeMKV
2015-03-06 13:38 - 2015-03-06 13:38 - 00000000 ____D () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\MakeMKV
2015-03-06 13:38 - 2015-03-06 13:38 - 00000000 ____D () C:\Documents and Settings\Cipisek\.MakeMKV
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-30 17:36 - 2011-07-11 16:29 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha
2015-03-30 16:09 - 2014-08-04 16:34 - 00000226 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-03-30 16:09 - 2012-07-22 15:31 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-03-30 16:09 - 2011-12-10 15:37 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\nView_Wallpaper
2015-03-30 16:09 - 2011-07-11 16:26 - 01459676 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-30 15:59 - 2011-07-11 18:20 - 01184034 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-30 15:55 - 2011-07-11 18:22 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-03-30 15:55 - 2011-07-11 18:22 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-03-30 15:55 - 2011-07-11 16:29 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-30 15:55 - 2006-03-02 14:00 - 00012598 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-30 00:15 - 2011-07-11 16:29 - 00032562 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-30 00:15 - 2011-07-11 16:29 - 00000178 ___SH () C:\Documents and Settings\Cipisek\ntuser.ini
2015-03-29 12:24 - 2011-07-15 22:36 - 00101888 _____ () C:\Documents and Settings\Cipisek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-29 12:00 - 2013-02-28 13:23 - 00000948 _____ () C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job
2015-03-29 11:14 - 2011-08-22 17:30 - 00000000 ____D () C:\Program Files\The KMPlayer
2015-03-25 15:19 - 2011-07-11 16:29 - 00000000 ____D () C:\Documents and Settings\Cipisek
2015-03-24 13:59 - 2012-05-08 12:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-20 22:58 - 2014-01-26 11:35 - 00432964 _____ () C:\WINDOWS\setupapi.log
2015-03-20 22:58 - 2014-01-26 11:35 - 00012128 _____ () C:\WINDOWS\setupact.log
2015-03-20 11:44 - 2011-07-11 18:20 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-03-20 11:44 - 2011-07-11 16:29 - 00000000 ___HD () C:\Documents and Settings\Cipisek\Local Settings\Data aplikací
2015-03-20 11:00 - 2011-07-11 16:29 - 00000000 __RHD () C:\Documents and Settings\Cipisek\Data aplikací
2015-03-20 10:30 - 2014-10-03 13:26 - 00000000 ____D () C:\Program Files\Opera
2015-03-19 23:58 - 2011-07-15 16:34 - 00000000 ___RD () C:\Program Files\Skype
2015-03-19 23:57 - 2013-02-28 13:12 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2015-03-19 23:57 - 2013-02-28 13:10 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\Ad-Aware Antivirus
2015-03-19 23:57 - 2011-07-11 18:20 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-03-19 23:57 - 2011-07-11 18:20 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-03-17 16:32 - 2015-01-25 18:12 - 00000365 _____ () C:\Documents and Settings\Cipisek\Data aplikací\FHIGIC
2015-03-17 15:37 - 2011-07-11 16:29 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-03-17 15:37 - 2006-03-02 14:00 - 00000600 _____ () C:\WINDOWS\win.ini
2015-03-17 15:35 - 2014-11-06 13:22 - 00000916 _____ () C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2015-03-17 15:35 - 2014-10-03 13:27 - 00000855 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
2015-03-17 15:35 - 2014-10-03 13:27 - 00000849 _____ () C:\Documents and Settings\All Users\Plocha\Opera.lnk
2015-03-17 15:35 - 2011-07-11 18:18 - 00000922 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2015-03-17 15:35 - 2011-07-11 16:29 - 00000995 _____ () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\Internet Explorer.lnk
2015-03-17 15:25 - 2011-07-11 16:29 - 00000000 ___RD () C:\Documents and Settings\Cipisek\Nabídka Start\Programy
2015-03-08 16:00 - 2014-08-04 16:34 - 00000220 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-03-07 21:46 - 2011-07-11 16:29 - 00000000 ___HD () C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2015-02-28 17:04 - 2015-01-03 16:03 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha\ostravice
==================== Files in the root of some directories =======
2012-05-03 16:31 - 2012-05-03 16:31 - 0002528 _____ () C:\Documents and Settings\Cipisek\Data aplikací\$_hpcst$.hpc
2011-09-21 17:59 - 2011-09-21 17:59 - 0000572 _____ () C:\Documents and Settings\Cipisek\Data aplikací\AutoGK.ini
2015-01-25 18:12 - 2015-03-17 16:32 - 0000365 _____ () C:\Documents and Settings\Cipisek\Data aplikací\FHIGIC
2011-10-23 12:43 - 2011-10-23 12:43 - 0087608 _____ () C:\Documents and Settings\Cipisek\Data aplikací\inst.exe
2015-01-25 18:12 - 2015-01-25 18:12 - 0002086 _____ () C:\Documents and Settings\Cipisek\Data aplikací\OEM
2011-10-23 12:43 - 2011-10-23 12:43 - 0007887 _____ () C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.cat
2011-10-23 12:43 - 2011-10-23 12:43 - 0001144 _____ () C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.inf
2011-10-23 12:43 - 2011-10-23 12:43 - 0000034 _____ () C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.log
2011-10-23 12:43 - 2011-10-23 12:43 - 0047360 _____ (VSO Software) C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.sys
2012-12-21 14:33 - 2012-12-21 14:33 - 0022328 _____ () C:\Documents and Settings\Cipisek\Data aplikací\PnkBstrK.sys
2011-10-23 12:43 - 2014-01-29 15:39 - 0974673 _____ () C:\Documents and Settings\Cipisek\Data aplikací\vso_ts_preview.xml
2011-07-15 22:36 - 2015-03-29 12:24 - 0101888 _____ () C:\Documents and Settings\Cipisek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Documents and Settings\Cipisek\Local Settings\Temp\KMP_3.9.1.134.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Luckysearch
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Luckysearch
# AdwCleaner v4.200 - Log vytvooen 30/03/2015 v 22:07:47
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Server]
# Operaení system : Microsoft Windows XP Service Pack 3 (x86)
# Uživatelské jméno : Cipisek - CIPISKUV
# Spuštino z : F:\dokumenty\Stažené soubory\adwcleaner_4.200.exe
# Nastavení : Eištiní
***** [ Služby ] *****
Služba Smazáno : sp_rsdrv2
***** [ Soubory / Složky ] *****
Soubor Smazáno : C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\foxcconverter@gmail.com.xpi
Soubor Smazáno : C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
***** [ Prohlížeee ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v36.0.4 (x86 cs)
[41v727nw.default\prefs.js] - Oádek Smazáno : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
-\\ Opera v28.0.1750.48
*************************
AdwCleaner[R0].txt - [11496 bytu] - [18/03/2015 22:27:52]
AdwCleaner[R1].txt - [1380 bytu] - [30/03/2015 22:06:08]
AdwCleaner[S0].txt - [12002 bytu] - [18/03/2015 23:09:42]
AdwCleaner[S1].txt - [1310 bytu] - [30/03/2015 22:07:47]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1368 bytu] ##########
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Server]
# Operaení system : Microsoft Windows XP Service Pack 3 (x86)
# Uživatelské jméno : Cipisek - CIPISKUV
# Spuštino z : F:\dokumenty\Stažené soubory\adwcleaner_4.200.exe
# Nastavení : Eištiní
***** [ Služby ] *****
Služba Smazáno : sp_rsdrv2
***** [ Soubory / Složky ] *****
Soubor Smazáno : C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\foxcconverter@gmail.com.xpi
Soubor Smazáno : C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
***** [ Prohlížeee ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v36.0.4 (x86 cs)
[41v727nw.default\prefs.js] - Oádek Smazáno : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
-\\ Opera v28.0.1750.48
*************************
AdwCleaner[R0].txt - [11496 bytu] - [18/03/2015 22:27:52]
AdwCleaner[R1].txt - [1380 bytu] - [30/03/2015 22:06:08]
AdwCleaner[S0].txt - [12002 bytu] - [18/03/2015 23:09:42]
AdwCleaner[S1].txt - [1310 bytu] - [30/03/2015 22:07:47]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1368 bytu] ##########
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Luckysearch
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Luckysearch
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Cipisek (administrator) on CIPISKUV on 31-03-2015 13:15:18
Running from C:\Documents and Settings\Cipisek\Plocha
Loaded Profiles: Cipisek (Available profiles: Cipisek & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\Kinoni\Remote Desktop\service.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
() C:\WINDOWS\system32\PnkBstrA.exe
() C:\WINDOWS\system32\PnkBstrB.exe
(Ralink Technology, Corp.) C:\Program Files\TP-LINK\COMMON\RaRegistry.exe
(Crawler.com) C:\Program Files\Spyware Terminator\st_rsser.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneBusEnum.exe
() C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
(Kinoni) C:\Program Files\Kinoni\Remote Desktop\WindowsServer.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\wcescomm.exe
(Microsoft Corporation) C:\PROGRA~1\MICROS~4\rapimgr.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(TP-LINK TECHNOLOGIES CO., LTD. ) C:\Program Files\TP-LINK\COMMON\TWCU.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
() C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz\bin\szndesktop.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16380416 2007-07-05] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-06] (AVAST Software)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime Alternative\qttask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [YourFileDownloader Installer Starter] => "C:\DOCUME~1\Cipisek\LOCALS~1\Temp\YourFileDownloaderZM3xAsi8qz.exe" -startup <===== ATTENTION
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [H/PC Connection Agent] => C:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\TP-LINK Wireless Utility.lnk
ShortcutTarget: TP-LINK Wireless Utility.lnk -> C:\Program Files\TP-LINK\COMMON\TWCU.exe (TP-LINK TECHNOLOGIES CO., LTD. )
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk /p \??\G:autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-515967899-1563985344-725345543-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-515967899-1563985344-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-515967899-1563985344-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {0BEB713D-1221-42DE-9363-7FC7FD1ADD2E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {31059C0F-D78E-4700-B02B-C99D1A99C1E6} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {606AD0E8-A44A-498E-9736-EDF7753B499B} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {8CBF5E50-8BCC-44BA-BC12-2E47B6379E1D} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {AB8BAA71-D142-40AA-AED0-8137DB5AFE8E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {CD779888-BF77-49F8-B10E-A3F7EC1A8EE5} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {D4A2E317-B9D8-441F-99A4-5543FC8705E7} URL = http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {F6E8F28C-42FC-425F-9AA3-B11938942620} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {FAD04AC1-0B23-4C5F-9D6E-A2D4689567F0} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
Toolbar: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2010-04-16] (Společnost Microsoft)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 0396838750
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Hosts: 127.0.0.1 secure.disc-soft.com
Tcpip\Parameters: [DhcpNameServer] 10.154.198.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default
FF DefaultSearchEngine: Centrum.cz classic
FF Homepage: seznam.cz
FF Keyword.URL: hxxp://search.centrum.cz/?charset=UTF-8&channel_id=ch-toolbar-ff,ch-toolbar-ff-searchbox,tb-classic&utm_source=ch-toolbar&utm_medium=ff-centrum-cz&utm_content=toolbar-searchbox&utm_campaign=classic&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll [2013-03-20] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml [2014-08-04]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\luckysearches.xml [2015-03-17]
FF Extension: Garmin Communicator - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-01-19]
FF Extension: FireFTP - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-03-24]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\elemhidehelper@adblockplus.org.xpi [2011-10-24]
FF Extension: Turn Off the Lights - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\stefanvandamme@stefanvd.net.xpi [2012-03-11]
FF Extension: Google Translator for Firefox - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\translator@zoli.bod.xpi [2011-10-26]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2011-09-10]
FF Extension: Quick Translator - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2014-11-26]
FF Extension: QR Code - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{6a910736-6fab-4480-841a-36325cce134f}.xpi [2014-12-17]
FF Extension: Adblock Plus - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-04]
FF Extension: Greasemonkey - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-25]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-22]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-08-08]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-05]
Opera:
=======
OPR Extension: (CinemaP-1.9cV05.03) - C:\Documents and Settings\Cipisek\Data aplikací\Opera Software\Opera Stable\Extensions\kljbbcnooaklhpifalnihdiofoahmmjj [2015-03-17]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-05] (AVAST Software)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 KinoniRemoteDesktop; C:\Program Files\Kinoni\Remote Desktop\service.exe [39424 2013-01-24] () [File not signed]
R2 MbnExt; C:\Program Files\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [417128 2013-12-02] (Gemfor s.r.o.)
R2 NVSvc; C:\WINDOWS\system32\nvsvc32.exe [155716 2007-10-25] (NVIDIA Corporation) [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [66872 2012-12-21] ()
R2 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [103736 2012-12-21] ()
R2 RalinkRegistryWriter; C:\Program Files\TP-LINK\COMMON\RaRegistry.exe [185632 2010-06-25] (Ralink Technology, Corp.)
R2 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2010-07-07] ()
R2 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [587472 2012-09-07] (Crawler.com)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
R2 ZuneBusEnum; C:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-10-05] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-10-05] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-10-05] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-10-05] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-11-23] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-10-06] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-10-05] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-10-05] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [232512 2015-02-17] (DT Soft Ltd)
S3 gdrv; C:\WINDOWS\gdrv.sys [15600 2011-07-11] (Windows (R) 2000 DDK provider)
S3 M1000Srv; C:\WINDOWS\System32\Drivers\M1000KNT.sys [276930 2005-07-01] ()
S3 massfilter; C:\WINDOWS\System32\drivers\massfilter.sys [7936 2013-04-09] (MBB Incorporated)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [7426112 2007-10-25] (NVIDIA Corporation) [File not signed]
R3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2011-10-23] (VSO Software) [File not signed]
S3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [827488 2010-06-25] (Ralink Technology, Corp.)
R3 RtlWlanu; C:\WINDOWS\System32\DRIVERS\rtwlanu.sys [1182480 2012-11-01] (Realtek Semiconductor Corporation )
R2 Scutum50; C:\WINDOWS\System32\Drivers\Scutum50.sys [19072 2010-06-25] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2015-02-16] (Duplex Secure Ltd.)
R1 sp_rsdrv2; C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] () [File not signed]
S3 WFIOCTL; C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS [9446 2005-01-06] (Leadtek Research Inc.) [File not signed]
R3 WFSONORA; C:\WINDOWS\System32\drivers\wfsonora.sys [313472 2007-07-11] (Leadtek Research Inc.) [File not signed]
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
U3 ajjlu5fd; C:\WINDOWS\system32\Drivers\ajjlu5fd.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
U3 akexcznj; C:\WINDOWS\system32\Drivers\akexcznj.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
U5 P3; C:\Windows\System32\Drivers\P3.sys [46592 2008-04-14] (Microsoft Corporation)
S1 SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-30 22:08 - 2011-06-21 11:24 - 00032768 _____ () C:\WINDOWS\system32\Drivers\sp_rsdrv2.sys
2015-03-29 12:25 - 2015-03-29 12:25 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha\100CANON
2015-03-27 03:22 - 2015-03-31 13:15 - 00000000 ____D () C:\Documents and Settings\Cipisek\Local Settings\Temp
2015-03-26 12:15 - 2015-03-31 13:15 - 00018654 _____ () C:\Documents and Settings\Cipisek\Plocha\FRST.txt
2015-03-26 12:15 - 2015-03-30 17:37 - 00056704 _____ () C:\Documents and Settings\Cipisek\Plocha\Addition.txt
2015-03-26 12:14 - 2015-03-31 13:15 - 00000000 ____D () C:\FRST
2015-03-26 12:13 - 2015-03-26 12:13 - 01135104 _____ (Farbar) C:\Documents and Settings\Cipisek\Plocha\FRST.exe
2015-03-25 03:04 - 2015-03-25 03:04 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache
2015-03-25 03:04 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Adobe
2015-03-25 03:04 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Data aplikací\Adobe
2015-03-25 03:03 - 2015-03-25 03:08 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 __RHD () C:\Documents and Settings\Administrator\Data aplikací
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 ___HD () C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator
2015-03-25 03:03 - 2014-09-14 16:04 - 00000869 _____ () C:\Documents and Settings\Administrator\Plocha\T-Mobile Internet Manager.lnk
2015-03-25 03:03 - 2014-09-14 16:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Plocha
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___HD () C:\Documents and Settings\Administrator\Okolní tiskárny
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___HD () C:\Documents and Settings\Administrator\Okolní síť
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ____D () C:\Documents and Settings\Administrator\Oblíbené položky
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty
2015-03-25 03:03 - 2011-07-11 16:27 - 00001599 _____ () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Vzdálená pomoc.lnk
2015-03-25 03:03 - 2011-07-11 16:27 - 00000792 _____ () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Windows Media Player.lnk
2015-03-25 03:03 - 2011-07-11 16:27 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Příslušenství
2015-03-25 03:03 - 2011-07-11 16:27 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start\Programy
2015-03-25 03:03 - 2011-07-11 16:24 - 00000000 ___HD () C:\Documents and Settings\Administrator\Šablony
2015-03-22 14:47 - 2015-03-22 14:48 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-20 18:38 - 2015-03-20 18:38 - 00000413 _____ () C:\Documents and Settings\Cipisek\Plocha\viry.txt
2015-03-19 23:58 - 2015-03-19 23:58 - 00000000 ____D () C:\_OTM
2015-03-19 23:57 - 2015-03-19 23:57 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\GFI Software
2015-03-19 23:54 - 2015-03-19 23:54 - 00522240 _____ (OldTimer Tools) C:\Documents and Settings\Cipisek\Plocha\OTM.exe
2015-03-19 17:49 - 2015-03-18 18:53 - 01107968 _____ () C:\Documents and Settings\Cipisek\Plocha\RSIT.exe
2015-03-18 22:27 - 2015-03-30 22:07 - 00000000 ____D () C:\AdwCleaner
2015-03-18 18:53 - 2015-03-25 03:15 - 00000000 ____D () C:\Program Files\trend micro
2015-03-18 18:53 - 2015-03-18 18:53 - 00000000 ____D () C:\rsit
2015-03-17 15:37 - 2015-03-17 15:37 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2015-03-17 15:37 - 2015-03-17 15:37 - 00000000 ___RD () C:\Documents and Settings\LocalService\Oblíbené položky
2015-03-17 15:35 - 2015-03-17 22:36 - 00000000 ____D () C:\Program Files\CinemaP-1.9cV05.03
2015-03-17 15:35 - 2015-03-17 15:35 - 00000000 ____D () C:\Program Files\Seznam.cz
2015-03-17 15:34 - 2015-03-31 12:29 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz
2015-03-17 15:25 - 2015-03-17 15:36 - 00000000 ____D () C:\Program Files\SetEdit
2015-03-17 15:25 - 2015-03-17 15:25 - 00001565 _____ () C:\Documents and Settings\Cipisek\Plocha\SetEditHD100.lnk
2015-03-17 15:25 - 2015-03-17 15:25 - 00000000 ____D () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\SetEditHD100
2015-03-15 19:37 - 2015-03-17 15:34 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha\SetEdith-satelit
2015-03-15 19:37 - 2015-03-15 19:37 - 03755218 _____ () C:\Documents and Settings\Cipisek\Plocha\SetEdith-satelit.rar
2015-03-11 14:59 - 2015-03-12 15:05 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2015-03-07 21:47 - 2015-03-07 21:47 - 00161190 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-515967899-1563985344-725345543-1004-0.dat
2015-03-07 21:46 - 2015-03-07 21:46 - 00161190 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-03-06 15:58 - 2015-03-06 16:06 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\vlc
2015-03-06 15:57 - 2015-03-07 08:29 - 00000000 ____D () C:\Program Files\VideoLAN
2015-03-06 13:59 - 2015-03-07 08:56 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\HandBrake
2015-03-06 13:59 - 2015-03-06 13:59 - 00000694 _____ () C:\Documents and Settings\Cipisek\Plocha\Handbrake.lnk
2015-03-06 13:59 - 2015-03-06 13:59 - 00000000 ____D () C:\Program Files\Handbrake
2015-03-06 13:59 - 2015-03-06 13:59 - 00000000 ____D () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\Handbrake
2015-03-06 13:38 - 2015-03-06 13:38 - 00000666 _____ () C:\Documents and Settings\Cipisek\Plocha\MakeMKV.lnk
2015-03-06 13:38 - 2015-03-06 13:38 - 00000000 ____D () C:\Program Files\MakeMKV
2015-03-06 13:38 - 2015-03-06 13:38 - 00000000 ____D () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\MakeMKV
2015-03-06 13:38 - 2015-03-06 13:38 - 00000000 ____D () C:\Documents and Settings\Cipisek\.MakeMKV
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-31 13:15 - 2011-07-11 16:29 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha
2015-03-31 12:27 - 2011-07-11 18:20 - 01184034 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-31 12:26 - 2011-07-11 16:26 - 01481466 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-31 12:24 - 2014-08-04 16:34 - 00000226 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-03-31 12:24 - 2012-07-22 15:31 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-03-31 12:24 - 2011-12-10 15:37 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\nView_Wallpaper
2015-03-31 12:23 - 2011-07-11 18:22 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2015-03-31 12:23 - 2011-07-11 18:22 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-03-31 12:23 - 2011-07-11 16:29 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-30 22:14 - 2011-07-11 16:29 - 00032562 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-30 22:14 - 2011-07-11 16:29 - 00000178 ___SH () C:\Documents and Settings\Cipisek\ntuser.ini
2015-03-30 15:55 - 2006-03-02 14:00 - 00012598 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-29 12:24 - 2011-07-15 22:36 - 00101888 _____ () C:\Documents and Settings\Cipisek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-29 12:00 - 2013-02-28 13:23 - 00000948 _____ () C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job
2015-03-29 11:14 - 2011-08-22 17:30 - 00000000 ____D () C:\Program Files\The KMPlayer
2015-03-25 15:19 - 2011-07-11 16:29 - 00000000 ____D () C:\Documents and Settings\Cipisek
2015-03-24 13:59 - 2012-05-08 12:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-20 22:58 - 2014-01-26 11:35 - 00432964 _____ () C:\WINDOWS\setupapi.log
2015-03-20 22:58 - 2014-01-26 11:35 - 00012128 _____ () C:\WINDOWS\setupact.log
2015-03-20 11:44 - 2011-07-11 18:20 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-03-20 11:44 - 2011-07-11 16:29 - 00000000 ___HD () C:\Documents and Settings\Cipisek\Local Settings\Data aplikací
2015-03-20 11:00 - 2011-07-11 16:29 - 00000000 __RHD () C:\Documents and Settings\Cipisek\Data aplikací
2015-03-20 10:30 - 2014-10-03 13:26 - 00000000 ____D () C:\Program Files\Opera
2015-03-19 23:58 - 2011-07-15 16:34 - 00000000 ___RD () C:\Program Files\Skype
2015-03-19 23:57 - 2013-02-28 13:12 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2015-03-19 23:57 - 2013-02-28 13:10 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\Ad-Aware Antivirus
2015-03-19 23:57 - 2011-07-11 18:20 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-03-19 23:57 - 2011-07-11 18:20 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-03-17 16:32 - 2015-01-25 18:12 - 00000365 _____ () C:\Documents and Settings\Cipisek\Data aplikací\FHIGIC
2015-03-17 15:37 - 2011-07-11 16:29 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-03-17 15:37 - 2006-03-02 14:00 - 00000600 _____ () C:\WINDOWS\win.ini
2015-03-17 15:35 - 2014-11-06 13:22 - 00000916 _____ () C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2015-03-17 15:35 - 2014-10-03 13:27 - 00000855 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
2015-03-17 15:35 - 2014-10-03 13:27 - 00000849 _____ () C:\Documents and Settings\All Users\Plocha\Opera.lnk
2015-03-17 15:35 - 2011-07-11 18:18 - 00000922 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2015-03-17 15:35 - 2011-07-11 16:29 - 00000995 _____ () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\Internet Explorer.lnk
2015-03-17 15:25 - 2011-07-11 16:29 - 00000000 ___RD () C:\Documents and Settings\Cipisek\Nabídka Start\Programy
2015-03-08 16:00 - 2014-08-04 16:34 - 00000220 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-03-07 21:46 - 2011-07-11 16:29 - 00000000 ___HD () C:\Documents and Settings\LocalService\Local Settings\Data aplikací
==================== Files in the root of some directories =======
2012-05-03 16:31 - 2012-05-03 16:31 - 0002528 _____ () C:\Documents and Settings\Cipisek\Data aplikací\$_hpcst$.hpc
2011-09-21 17:59 - 2011-09-21 17:59 - 0000572 _____ () C:\Documents and Settings\Cipisek\Data aplikací\AutoGK.ini
2015-01-25 18:12 - 2015-03-17 16:32 - 0000365 _____ () C:\Documents and Settings\Cipisek\Data aplikací\FHIGIC
2011-10-23 12:43 - 2011-10-23 12:43 - 0087608 _____ () C:\Documents and Settings\Cipisek\Data aplikací\inst.exe
2015-01-25 18:12 - 2015-01-25 18:12 - 0002086 _____ () C:\Documents and Settings\Cipisek\Data aplikací\OEM
2011-10-23 12:43 - 2011-10-23 12:43 - 0007887 _____ () C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.cat
2011-10-23 12:43 - 2011-10-23 12:43 - 0001144 _____ () C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.inf
2011-10-23 12:43 - 2011-10-23 12:43 - 0000034 _____ () C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.log
2011-10-23 12:43 - 2011-10-23 12:43 - 0047360 _____ (VSO Software) C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.sys
2012-12-21 14:33 - 2012-12-21 14:33 - 0022328 _____ () C:\Documents and Settings\Cipisek\Data aplikací\PnkBstrK.sys
2011-10-23 12:43 - 2014-01-29 15:39 - 0974673 _____ () C:\Documents and Settings\Cipisek\Data aplikací\vso_ts_preview.xml
2011-07-15 22:36 - 2015-03-29 12:24 - 0101888 _____ () C:\Documents and Settings\Cipisek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Documents and Settings\Cipisek\Local Settings\Temp\KMP_3.9.1.134.exe
C:\Documents and Settings\Cipisek\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Cipisek\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Ran by Cipisek (administrator) on CIPISKUV on 31-03-2015 13:15:18
Running from C:\Documents and Settings\Cipisek\Plocha
Loaded Profiles: Cipisek (Available profiles: Cipisek & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\Kinoni\Remote Desktop\service.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
() C:\WINDOWS\system32\PnkBstrA.exe
() C:\WINDOWS\system32\PnkBstrB.exe
(Ralink Technology, Corp.) C:\Program Files\TP-LINK\COMMON\RaRegistry.exe
(Crawler.com) C:\Program Files\Spyware Terminator\st_rsser.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneBusEnum.exe
() C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
(Kinoni) C:\Program Files\Kinoni\Remote Desktop\WindowsServer.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\wcescomm.exe
(Microsoft Corporation) C:\PROGRA~1\MICROS~4\rapimgr.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(TP-LINK TECHNOLOGIES CO., LTD. ) C:\Program Files\TP-LINK\COMMON\TWCU.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
() C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz\bin\szndesktop.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16380416 2007-07-05] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-06] (AVAST Software)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime Alternative\qttask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [YourFileDownloader Installer Starter] => "C:\DOCUME~1\Cipisek\LOCALS~1\Temp\YourFileDownloaderZM3xAsi8qz.exe" -startup <===== ATTENTION
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [H/PC Connection Agent] => C:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-515967899-1563985344-725345543-1004\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\TP-LINK Wireless Utility.lnk
ShortcutTarget: TP-LINK Wireless Utility.lnk -> C:\Program Files\TP-LINK\COMMON\TWCU.exe (TP-LINK TECHNOLOGIES CO., LTD. )
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk /p \??\G:autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-515967899-1563985344-725345543-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-515967899-1563985344-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-515967899-1563985344-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {0BEB713D-1221-42DE-9363-7FC7FD1ADD2E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {31059C0F-D78E-4700-B02B-C99D1A99C1E6} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {606AD0E8-A44A-498E-9736-EDF7753B499B} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {8CBF5E50-8BCC-44BA-BC12-2E47B6379E1D} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {AB8BAA71-D142-40AA-AED0-8137DB5AFE8E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {CD779888-BF77-49F8-B10E-A3F7EC1A8EE5} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {D4A2E317-B9D8-441F-99A4-5543FC8705E7} URL = http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {F6E8F28C-42FC-425F-9AA3-B11938942620} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> {FAD04AC1-0B23-4C5F-9D6E-A2D4689567F0} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
Toolbar: HKU\S-1-5-21-515967899-1563985344-725345543-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2010-04-16] (Společnost Microsoft)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 0396838750
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Hosts: 127.0.0.1 secure.disc-soft.com
Tcpip\Parameters: [DhcpNameServer] 10.154.198.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default
FF DefaultSearchEngine: Centrum.cz classic
FF Homepage: seznam.cz
FF Keyword.URL: hxxp://search.centrum.cz/?charset=UTF-8&channel_id=ch-toolbar-ff,ch-toolbar-ff-searchbox,tb-classic&utm_source=ch-toolbar&utm_medium=ff-centrum-cz&utm_content=toolbar-searchbox&utm_campaign=classic&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll [2013-03-20] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml [2014-08-04]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\luckysearches.xml [2015-03-17]
FF Extension: Garmin Communicator - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-01-19]
FF Extension: FireFTP - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-03-24]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\elemhidehelper@adblockplus.org.xpi [2011-10-24]
FF Extension: Turn Off the Lights - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\stefanvandamme@stefanvd.net.xpi [2012-03-11]
FF Extension: Google Translator for Firefox - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\translator@zoli.bod.xpi [2011-10-26]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2011-09-10]
FF Extension: Quick Translator - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2014-11-26]
FF Extension: QR Code - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{6a910736-6fab-4480-841a-36325cce134f}.xpi [2014-12-17]
FF Extension: Adblock Plus - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-04]
FF Extension: Greasemonkey - C:\Documents and Settings\Cipisek\Data aplikací\Mozilla\Firefox\Profiles\41v727nw.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-25]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-22]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-08-08]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-05]
Opera:
=======
OPR Extension: (CinemaP-1.9cV05.03) - C:\Documents and Settings\Cipisek\Data aplikací\Opera Software\Opera Stable\Extensions\kljbbcnooaklhpifalnihdiofoahmmjj [2015-03-17]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-05] (AVAST Software)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 KinoniRemoteDesktop; C:\Program Files\Kinoni\Remote Desktop\service.exe [39424 2013-01-24] () [File not signed]
R2 MbnExt; C:\Program Files\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [417128 2013-12-02] (Gemfor s.r.o.)
R2 NVSvc; C:\WINDOWS\system32\nvsvc32.exe [155716 2007-10-25] (NVIDIA Corporation) [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [66872 2012-12-21] ()
R2 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [103736 2012-12-21] ()
R2 RalinkRegistryWriter; C:\Program Files\TP-LINK\COMMON\RaRegistry.exe [185632 2010-06-25] (Ralink Technology, Corp.)
R2 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2010-07-07] ()
R2 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [587472 2012-09-07] (Crawler.com)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
R2 ZuneBusEnum; C:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-10-05] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-10-05] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-10-05] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-10-05] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-11-23] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-10-06] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-10-05] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-10-05] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [232512 2015-02-17] (DT Soft Ltd)
S3 gdrv; C:\WINDOWS\gdrv.sys [15600 2011-07-11] (Windows (R) 2000 DDK provider)
S3 M1000Srv; C:\WINDOWS\System32\Drivers\M1000KNT.sys [276930 2005-07-01] ()
S3 massfilter; C:\WINDOWS\System32\drivers\massfilter.sys [7936 2013-04-09] (MBB Incorporated)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [7426112 2007-10-25] (NVIDIA Corporation) [File not signed]
R3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2011-10-23] (VSO Software) [File not signed]
S3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [827488 2010-06-25] (Ralink Technology, Corp.)
R3 RtlWlanu; C:\WINDOWS\System32\DRIVERS\rtwlanu.sys [1182480 2012-11-01] (Realtek Semiconductor Corporation )
R2 Scutum50; C:\WINDOWS\System32\Drivers\Scutum50.sys [19072 2010-06-25] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2015-02-16] (Duplex Secure Ltd.)
R1 sp_rsdrv2; C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] () [File not signed]
S3 WFIOCTL; C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS [9446 2005-01-06] (Leadtek Research Inc.) [File not signed]
R3 WFSONORA; C:\WINDOWS\System32\drivers\wfsonora.sys [313472 2007-07-11] (Leadtek Research Inc.) [File not signed]
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
U3 ajjlu5fd; C:\WINDOWS\system32\Drivers\ajjlu5fd.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
U3 akexcznj; C:\WINDOWS\system32\Drivers\akexcznj.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
U5 P3; C:\Windows\System32\Drivers\P3.sys [46592 2008-04-14] (Microsoft Corporation)
S1 SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-30 22:08 - 2011-06-21 11:24 - 00032768 _____ () C:\WINDOWS\system32\Drivers\sp_rsdrv2.sys
2015-03-29 12:25 - 2015-03-29 12:25 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha\100CANON
2015-03-27 03:22 - 2015-03-31 13:15 - 00000000 ____D () C:\Documents and Settings\Cipisek\Local Settings\Temp
2015-03-26 12:15 - 2015-03-31 13:15 - 00018654 _____ () C:\Documents and Settings\Cipisek\Plocha\FRST.txt
2015-03-26 12:15 - 2015-03-30 17:37 - 00056704 _____ () C:\Documents and Settings\Cipisek\Plocha\Addition.txt
2015-03-26 12:14 - 2015-03-31 13:15 - 00000000 ____D () C:\FRST
2015-03-26 12:13 - 2015-03-26 12:13 - 01135104 _____ (Farbar) C:\Documents and Settings\Cipisek\Plocha\FRST.exe
2015-03-25 03:04 - 2015-03-25 03:04 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache
2015-03-25 03:04 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Adobe
2015-03-25 03:04 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Data aplikací\Adobe
2015-03-25 03:03 - 2015-03-25 03:08 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 __RHD () C:\Documents and Settings\Administrator\Data aplikací
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 ___HD () C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2015-03-25 03:03 - 2015-03-25 03:04 - 00000000 ____D () C:\Documents and Settings\Administrator
2015-03-25 03:03 - 2014-09-14 16:04 - 00000869 _____ () C:\Documents and Settings\Administrator\Plocha\T-Mobile Internet Manager.lnk
2015-03-25 03:03 - 2014-09-14 16:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Plocha
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___HD () C:\Documents and Settings\Administrator\Okolní tiskárny
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ___HD () C:\Documents and Settings\Administrator\Okolní síť
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ____D () C:\Documents and Settings\Administrator\Oblíbené položky
2015-03-25 03:03 - 2011-07-11 18:20 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty
2015-03-25 03:03 - 2011-07-11 16:27 - 00001599 _____ () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Vzdálená pomoc.lnk
2015-03-25 03:03 - 2011-07-11 16:27 - 00000792 _____ () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Windows Media Player.lnk
2015-03-25 03:03 - 2011-07-11 16:27 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Příslušenství
2015-03-25 03:03 - 2011-07-11 16:27 - 00000000 ___RD () C:\Documents and Settings\Administrator\Nabídka Start\Programy
2015-03-25 03:03 - 2011-07-11 16:24 - 00000000 ___HD () C:\Documents and Settings\Administrator\Šablony
2015-03-22 14:47 - 2015-03-22 14:48 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-20 18:38 - 2015-03-20 18:38 - 00000413 _____ () C:\Documents and Settings\Cipisek\Plocha\viry.txt
2015-03-19 23:58 - 2015-03-19 23:58 - 00000000 ____D () C:\_OTM
2015-03-19 23:57 - 2015-03-19 23:57 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\GFI Software
2015-03-19 23:54 - 2015-03-19 23:54 - 00522240 _____ (OldTimer Tools) C:\Documents and Settings\Cipisek\Plocha\OTM.exe
2015-03-19 17:49 - 2015-03-18 18:53 - 01107968 _____ () C:\Documents and Settings\Cipisek\Plocha\RSIT.exe
2015-03-18 22:27 - 2015-03-30 22:07 - 00000000 ____D () C:\AdwCleaner
2015-03-18 18:53 - 2015-03-25 03:15 - 00000000 ____D () C:\Program Files\trend micro
2015-03-18 18:53 - 2015-03-18 18:53 - 00000000 ____D () C:\rsit
2015-03-17 15:37 - 2015-03-17 15:37 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2015-03-17 15:37 - 2015-03-17 15:37 - 00000000 ___RD () C:\Documents and Settings\LocalService\Oblíbené položky
2015-03-17 15:35 - 2015-03-17 22:36 - 00000000 ____D () C:\Program Files\CinemaP-1.9cV05.03
2015-03-17 15:35 - 2015-03-17 15:35 - 00000000 ____D () C:\Program Files\Seznam.cz
2015-03-17 15:34 - 2015-03-31 12:29 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\Seznam.cz
2015-03-17 15:25 - 2015-03-17 15:36 - 00000000 ____D () C:\Program Files\SetEdit
2015-03-17 15:25 - 2015-03-17 15:25 - 00001565 _____ () C:\Documents and Settings\Cipisek\Plocha\SetEditHD100.lnk
2015-03-17 15:25 - 2015-03-17 15:25 - 00000000 ____D () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\SetEditHD100
2015-03-15 19:37 - 2015-03-17 15:34 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha\SetEdith-satelit
2015-03-15 19:37 - 2015-03-15 19:37 - 03755218 _____ () C:\Documents and Settings\Cipisek\Plocha\SetEdith-satelit.rar
2015-03-11 14:59 - 2015-03-12 15:05 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2015-03-07 21:47 - 2015-03-07 21:47 - 00161190 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-515967899-1563985344-725345543-1004-0.dat
2015-03-07 21:46 - 2015-03-07 21:46 - 00161190 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-03-06 15:58 - 2015-03-06 16:06 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\vlc
2015-03-06 15:57 - 2015-03-07 08:29 - 00000000 ____D () C:\Program Files\VideoLAN
2015-03-06 13:59 - 2015-03-07 08:56 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\HandBrake
2015-03-06 13:59 - 2015-03-06 13:59 - 00000694 _____ () C:\Documents and Settings\Cipisek\Plocha\Handbrake.lnk
2015-03-06 13:59 - 2015-03-06 13:59 - 00000000 ____D () C:\Program Files\Handbrake
2015-03-06 13:59 - 2015-03-06 13:59 - 00000000 ____D () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\Handbrake
2015-03-06 13:38 - 2015-03-06 13:38 - 00000666 _____ () C:\Documents and Settings\Cipisek\Plocha\MakeMKV.lnk
2015-03-06 13:38 - 2015-03-06 13:38 - 00000000 ____D () C:\Program Files\MakeMKV
2015-03-06 13:38 - 2015-03-06 13:38 - 00000000 ____D () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\MakeMKV
2015-03-06 13:38 - 2015-03-06 13:38 - 00000000 ____D () C:\Documents and Settings\Cipisek\.MakeMKV
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-31 13:15 - 2011-07-11 16:29 - 00000000 ____D () C:\Documents and Settings\Cipisek\Plocha
2015-03-31 12:27 - 2011-07-11 18:20 - 01184034 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-31 12:26 - 2011-07-11 16:26 - 01481466 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-31 12:24 - 2014-08-04 16:34 - 00000226 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-03-31 12:24 - 2012-07-22 15:31 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-03-31 12:24 - 2011-12-10 15:37 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\nView_Wallpaper
2015-03-31 12:23 - 2011-07-11 18:22 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2015-03-31 12:23 - 2011-07-11 18:22 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-03-31 12:23 - 2011-07-11 16:29 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-30 22:14 - 2011-07-11 16:29 - 00032562 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-30 22:14 - 2011-07-11 16:29 - 00000178 ___SH () C:\Documents and Settings\Cipisek\ntuser.ini
2015-03-30 15:55 - 2006-03-02 14:00 - 00012598 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-29 12:24 - 2011-07-15 22:36 - 00101888 _____ () C:\Documents and Settings\Cipisek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-29 12:00 - 2013-02-28 13:23 - 00000948 _____ () C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job
2015-03-29 11:14 - 2011-08-22 17:30 - 00000000 ____D () C:\Program Files\The KMPlayer
2015-03-25 15:19 - 2011-07-11 16:29 - 00000000 ____D () C:\Documents and Settings\Cipisek
2015-03-24 13:59 - 2012-05-08 12:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-20 22:58 - 2014-01-26 11:35 - 00432964 _____ () C:\WINDOWS\setupapi.log
2015-03-20 22:58 - 2014-01-26 11:35 - 00012128 _____ () C:\WINDOWS\setupact.log
2015-03-20 11:44 - 2011-07-11 18:20 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-03-20 11:44 - 2011-07-11 16:29 - 00000000 ___HD () C:\Documents and Settings\Cipisek\Local Settings\Data aplikací
2015-03-20 11:00 - 2011-07-11 16:29 - 00000000 __RHD () C:\Documents and Settings\Cipisek\Data aplikací
2015-03-20 10:30 - 2014-10-03 13:26 - 00000000 ____D () C:\Program Files\Opera
2015-03-19 23:58 - 2011-07-15 16:34 - 00000000 ___RD () C:\Program Files\Skype
2015-03-19 23:57 - 2013-02-28 13:12 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2015-03-19 23:57 - 2013-02-28 13:10 - 00000000 ____D () C:\Documents and Settings\Cipisek\Data aplikací\Ad-Aware Antivirus
2015-03-19 23:57 - 2011-07-11 18:20 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-03-19 23:57 - 2011-07-11 18:20 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-03-17 16:32 - 2015-01-25 18:12 - 00000365 _____ () C:\Documents and Settings\Cipisek\Data aplikací\FHIGIC
2015-03-17 15:37 - 2011-07-11 16:29 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-03-17 15:37 - 2006-03-02 14:00 - 00000600 _____ () C:\WINDOWS\win.ini
2015-03-17 15:35 - 2014-11-06 13:22 - 00000916 _____ () C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2015-03-17 15:35 - 2014-10-03 13:27 - 00000855 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
2015-03-17 15:35 - 2014-10-03 13:27 - 00000849 _____ () C:\Documents and Settings\All Users\Plocha\Opera.lnk
2015-03-17 15:35 - 2011-07-11 18:18 - 00000922 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2015-03-17 15:35 - 2011-07-11 16:29 - 00000995 _____ () C:\Documents and Settings\Cipisek\Nabídka Start\Programy\Internet Explorer.lnk
2015-03-17 15:25 - 2011-07-11 16:29 - 00000000 ___RD () C:\Documents and Settings\Cipisek\Nabídka Start\Programy
2015-03-08 16:00 - 2014-08-04 16:34 - 00000220 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-03-07 21:46 - 2011-07-11 16:29 - 00000000 ___HD () C:\Documents and Settings\LocalService\Local Settings\Data aplikací
==================== Files in the root of some directories =======
2012-05-03 16:31 - 2012-05-03 16:31 - 0002528 _____ () C:\Documents and Settings\Cipisek\Data aplikací\$_hpcst$.hpc
2011-09-21 17:59 - 2011-09-21 17:59 - 0000572 _____ () C:\Documents and Settings\Cipisek\Data aplikací\AutoGK.ini
2015-01-25 18:12 - 2015-03-17 16:32 - 0000365 _____ () C:\Documents and Settings\Cipisek\Data aplikací\FHIGIC
2011-10-23 12:43 - 2011-10-23 12:43 - 0087608 _____ () C:\Documents and Settings\Cipisek\Data aplikací\inst.exe
2015-01-25 18:12 - 2015-01-25 18:12 - 0002086 _____ () C:\Documents and Settings\Cipisek\Data aplikací\OEM
2011-10-23 12:43 - 2011-10-23 12:43 - 0007887 _____ () C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.cat
2011-10-23 12:43 - 2011-10-23 12:43 - 0001144 _____ () C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.inf
2011-10-23 12:43 - 2011-10-23 12:43 - 0000034 _____ () C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.log
2011-10-23 12:43 - 2011-10-23 12:43 - 0047360 _____ (VSO Software) C:\Documents and Settings\Cipisek\Data aplikací\pcouffin.sys
2012-12-21 14:33 - 2012-12-21 14:33 - 0022328 _____ () C:\Documents and Settings\Cipisek\Data aplikací\PnkBstrK.sys
2011-10-23 12:43 - 2014-01-29 15:39 - 0974673 _____ () C:\Documents and Settings\Cipisek\Data aplikací\vso_ts_preview.xml
2011-07-15 22:36 - 2015-03-29 12:24 - 0101888 _____ () C:\Documents and Settings\Cipisek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Documents and Settings\Cipisek\Local Settings\Temp\KMP_3.9.1.134.exe
C:\Documents and Settings\Cipisek\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Cipisek\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Luckysearch
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\luckysearches.xml [2015-03-17]
U3 ajjlu5fd; C:\WINDOWS\system32\Drivers\ajjlu5fd.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
U3 akexcznj; C:\WINDOWS\system32\Drivers\akexcznj.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
C:\Documents and Settings\Cipisek\Local Settings\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Luckysearch
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by Cipisek at 2015-04-01 08:45:29 Run:2
Running from C:\Documents and Settings\Cipisek\Plocha
Loaded Profiles: Cipisek (Available profiles: Cipisek & Administrator)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\luckysearches.xml [2015-03-17]
U3 ajjlu5fd; C:\WINDOWS\system32\Drivers\ajjlu5fd.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
U3 akexcznj; C:\WINDOWS\system32\Drivers\akexcznj.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
C:\Documents and Settings\Cipisek\Local Settings\Temp
End
*****************
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\luckysearches.xml => Moved successfully.
ajjlu5fd => Service not found.
akexcznj => Service not found.
"C:\Documents and Settings\Cipisek\Local Settings\Temp" directory move:
Could not move "C:\Documents and Settings\Cipisek\Local Settings\Temp" directory. => Scheduled to move on reboot.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-04-01 08:47:55)<=
C:\Documents and Settings\Cipisek\Local Settings\Temp => Moved successfully.
==== End of Fixlog 08:47:56 ====
Ran by Cipisek at 2015-04-01 08:45:29 Run:2
Running from C:\Documents and Settings\Cipisek\Plocha
Loaded Profiles: Cipisek (Available profiles: Cipisek & Administrator)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\luckysearches.xml [2015-03-17]
U3 ajjlu5fd; C:\WINDOWS\system32\Drivers\ajjlu5fd.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
U3 akexcznj; C:\WINDOWS\system32\Drivers\akexcznj.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
C:\Documents and Settings\Cipisek\Local Settings\Temp
End
*****************
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\luckysearches.xml => Moved successfully.
ajjlu5fd => Service not found.
akexcznj => Service not found.
"C:\Documents and Settings\Cipisek\Local Settings\Temp" directory move:
Could not move "C:\Documents and Settings\Cipisek\Local Settings\Temp" directory. => Scheduled to move on reboot.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-04-01 08:47:55)<=
C:\Documents and Settings\Cipisek\Local Settings\Temp => Moved successfully.
==== End of Fixlog 08:47:56 ====
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Luckysearch
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Luckysearch
No právě že ne, spustím mozzilu a prvni okno je lucky... ale uz jde přepsat domovska stranka, takže když kliknu na ikonu domovske stranky naskociseznam, ale okno pri prvnim spusteni je to lucky, a nemam ani v doplncich nebo v programech co bych mohl odinstalovat :-/ (ve smyslu ze by to vypadalo jako soft ktery stim souvisi)
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Luckysearch
FF zazálohujte pomocí MozBackup: http://www.stahuj.centrum.cz/utility_a_ ... mozbackup/ . Pak FF odinstalujte vč. jeho profilu. Znovu nainstalujte a zpět ze zálohy nakopírujte pouze záložky, příp. hesla.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Luckysearch
Dobré dopoledne
Takže mozzilu jsem zalohoval, odinstaloval (revo uninstal) nainstaloval novou. Něco jsem poplet, protože mozzila se nainstalovala i s záložkama, hestly atd.naštěstí zmizel (doufám že úplně) luckysearch. Operu jsem odinstaloval rovnou, ale ještě prudí v IE ten občas používám. Nejsem si jistý jestli můžu IE jen tak reinstalovat.
Takže mozzilu jsem zalohoval, odinstaloval (revo uninstal) nainstaloval novou. Něco jsem poplet, protože mozzila se nainstalovala i s záložkama, hestly atd.naštěstí zmizel (doufám že úplně) luckysearch. Operu jsem odinstaloval rovnou, ale ještě prudí v IE ten občas používám. Nejsem si jistý jestli můžu IE jen tak reinstalovat.
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Luckysearch
IE takto reinstalovat nelze. Lze použít tento postup: https://support.microsoft.com/en-us/kb/318378/cs .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Luckysearch
Dobrý den
Trochu to trvalo, ale povedlo se ie přeinstalovat. Už se mi Luckyserch nezobrazuje ani tam. Asi je to vše, nic zvlaštního na chování PC nevidím.
Moc děkuji.
Trochu to trvalo, ale povedlo se ie přeinstalovat. Už se mi Luckyserch nezobrazuje ani tam. Asi je to vše, nic zvlaštního na chování PC nevidím.
Moc děkuji.
Přispějete na provoz fóra?