
PC virus removal, computer speed-up, remote help through the neslape.cz service
Mozilla, Opera, Explorer load a different page at startup
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
Please help.
The browsers Mozilla, Opera and Explorer load a different page at startup than the one that is set. While surfing, Mozilla freezes and redirects to other pages through pop-up windows. For example:
http://pixel.uprise.website/cc_redir?u= ... IifV0%253D
http://cs.reimageplus.com/lp/sxs/index. ... 956A066610
The start page in Mozilla is now this:
http://pbgvv.kikdating.club/c/da57dc555 ... 2379458148
It changed since yesterday, after the PC was shut down and turned on again, from:
http://ic.loadblanks.ru/c/02037a282dd7fbaf?
By mistake, while downloading several files, I clicked on some exe file that looked like a WinRAR self-extracting archive. Avast blocked something and after a scan it no longer reported anything, and that is when it started. Unfortunately, I cannot download FRSTLauncher http://viry.xf.cz/pro_usery/FRSTLauncher.exe.
In addition, a message now pops up on pages saying that a script has stopped working. It did not do that before.
Thank you.
Logfile of random's system information tool 1.14 (written by random/random)
Run by Mi at 2017-01-06 10:37:06
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 66 GB (65%) free of 102 GB
Total RAM: 2047 MB (50% free)
X86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:37:13, on 6.1.2017
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe
c:\PROGRA~1\MOZILL~1\firefox.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Documents and Settings\Mi\Plocha\RSIT.exe
C:\Program Files\trend micro\Mi_RSIT.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ic.loadblanks.ru/c/02037a282dd7fbaf?
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout FDM - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video FDM - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané FDM - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše FDM - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
--
End of file - 6563 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1453819583.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\tasks\SafeZone scheduled Autoupdate 1463469744.job - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default
prefs.js - "browser.startup.homepage" - "about:home"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"fdm_ffext@freedownloadmanager.org"=C:\Program Files\Free Download Manager\Firefox\Extension
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.185 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.10.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\
amcontextmenu@loucypher
{3d7eb24f-2740-49df-8937-200b1cc08f8a}
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Add-ons Manager Context Menu - extension - amcontextmenu@loucypher
FlashGot Mass Downloader - extension - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
Flashblock - extension - {3d7eb24f-2740-49df-8937-200b1cc08f8a}
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions.json
Microsoft .NET Framework Assistant - extension - {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
Free Download Manager extension - extension - fdm_ffext@freedownloadmanager.org - C:\Program Files\Free Download Manager\Firefox\Extension
Free Download Manager extension - extension - fdm_ffext@freedownloadmanager.org - C:\Documents and Settings\All Users\Data aplikací\Free Download Manager\Firefox\Extensions\2.1.13
Multi-process staged rollout - extension - e10srollout@mozilla.org - c:\PROGRA~1\MOZILL~1\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - c:\PROGRA~1\MOZILL~1\browser\features\firefox@getpocket.com.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - c:\PROGRA~1\MOZILL~1\browser\features\aushelper@mozilla.org.xpi
Web Compat - extension - webcompat@mozilla.org - c:\PROGRA~1\MOZILL~1\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\PROGRA~1\MOZILL~1\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
FlashGot - extension - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Flashblock - extension - {3d7eb24f-2740-49df-8937-200b1cc08f8a} - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
Fast search - extension - amcontextmenu@loucypher - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\amcontextmenu@loucypher
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\pluginreg.dat
Plugin - Windows Media Player Plug-in Dynamic Link Library - 3.0.2.629 - C:\Program Files\Windows Media Player\npdsplay.dll
Plugin - Microsoft® DRM - 9.0.0.4503 - C:\Program Files\Windows Media Player\npwmsdrm.dll
Plugin - Microsoft® DRM - 9.0.0.4503 - C:\Program Files\Windows Media Player\npdrmv2.dll
Plugin - Windows Presentation Foundation - 3.5.30729.1 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Plugin - Java(TM) Platform SE 7 U10 - 10.10.2.18 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 7.0.100.18 - 10.10.2.18 - C:\WINDOWS\system32\npDeployJava1.dll
Plugin - Shockwave Flash - 23.0.0.185 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll
Plugin - Foxit Reader Plugin for Mozilla - 2.2.5.107 - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
=========Google Chrome=========
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ligocpecgmjonmijmlompafnhnpgjccd]
"Path"=C:\Program Files\Lingea\Lexicon5\syst\LG_Chrome.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://search.live.com/results.aspx?q={ ... rer:source?}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2016-03-14 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-01-04 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files\Free Download Manager\iefdm2.dll [2015-12-03 738384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-03-14 170416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2017-01-04 9080768]
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-09-18 2412032]
"RTHDCPL"=RTHDCPL.EXE []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-12-01 15524712]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2012-12-01 108392]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-12-03 1982312]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2015-11-07 134792]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"T-Mobile CManager"=C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe [2015-08-06 2162152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"clr_optimization_v4.0.30319_32"=2
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe"="C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe:*:Enabled:True Vector"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe"="C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe:*:Enabled:True Vector"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
"StubPath"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}]
"StubPath"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"vidc.xtor"=C:\WINDOWS\system32\DxtoryCodec.dll
======List of files/folders created in the last 1 month======
2017-01-06 10:37:06 ----D---- C:\rsit
2017-01-06 10:37:06 ----D---- C:\Program Files\trend micro
2017-01-05 11:36:18 ----D---- C:\Documents and Settings\Mi\Data aplikací\Browsers
2017-01-05 11:36:17 ----D---- C:\Documents and Settings\Mi\Data aplikací\SPI
2017-01-05 11:20:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Movavi
2017-01-05 11:20:14 ----D---- C:\Program Files\Movavi Video Converter 17
2017-01-05 11:19:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Movavi Video Converter 17
2017-01-05 09:47:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2017-01-04 11:33:23 ----A---- C:\WINDOWS\ucrtbase.dll
2017-01-04 11:33:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-01-04 11:33:07 ----A---- C:\WINDOWS\avastSS.scr
2016-12-30 10:25:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Gemfor
2016-12-30 10:20:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\T-Mobile
2016-12-30 10:20:15 ----D---- C:\Documents and Settings\Mi\Data aplikací\T-Mobile
2016-12-30 10:20:06 ----D---- C:\Program Files\T-Mobile
2016-12-30 10:19:36 ----A---- C:\WINDOWS\system32\drivers\ew_cdcecm.sys
2016-12-30 10:19:36 ----A---- C:\WINDOWS\system32\drivers\ew_cdcacm.sys
2016-12-30 10:19:31 ----D---- C:\Program Files\Huawei
2016-12-21 20:24:40 ----A---- C:\WINDOWS\system32\DxtoryCodec.dll
2016-12-21 20:24:39 ----D---- C:\Program Files\ExKode
2016-12-20 14:12:22 ----D---- C:\Program Files\Mozilla Firefox
2016-12-15 10:03:07 ----HDC---- C:\WINDOWS\$NtUninstallKB945436$
2016-12-15 10:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959765$
2016-12-14 14:09:35 ----D---- C:\Program Files\ConMet
2016-12-14 14:09:35 ----D---- C:\Documents and Settings\Mi\Data aplikací\ConMet
2016-12-14 14:09:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\ConMet
2016-12-14 13:55:25 ----D---- C:\Program Files\Karen's Power Tools
2016-12-14 13:55:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Karen's Power Tools
======List of files/folders modified in the last 1 month======
2017-01-06 10:37:06 ----RD---- C:\Program Files
2017-01-06 10:35:03 ----D---- C:\Documents and Settings\Mi\Data aplikací\Free Download Manager
2017-01-06 10:21:50 ----D---- C:\WINDOWS\Temp
2017-01-06 10:20:59 ----D---- C:\Program Files\Opera
2017-01-05 16:15:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2017-01-05 16:15:14 ----D---- C:\WINDOWS\Prefetch
2017-01-05 11:36:41 ----D---- C:\Downloads
2017-01-05 11:19:52 ----D---- C:\WINDOWS
2017-01-05 10:38:24 ----D---- C:\WINDOWS\system32\drivers
2017-01-05 09:47:35 ----SD---- C:\WINDOWS\Tasks
2017-01-05 09:46:32 ----D---- C:\WINDOWS\WinSxS
2017-01-04 11:35:04 ----HD---- C:\WINDOWS\inf
2017-01-04 11:35:03 ----D---- C:\WINDOWS\system32\CatRoot
2017-01-04 11:35:03 ----D---- C:\WINDOWS\system32
2017-01-04 11:34:29 ----D---- C:\WINDOWS\system32\CatRoot2
2017-01-02 09:30:06 ----A---- C:\WINDOWS\ModemLog_Nokia 3220 Cable.txt
2016-12-21 09:49:32 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-12-20 12:24:59 ----A---- C:\WINDOWS\win.ini
2016-12-20 09:46:24 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-12-20 09:46:15 ----D---- C:\WINDOWS\system32\Macromed
2016-12-15 10:03:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2016-12-15 10:03:03 ----A---- C:\WINDOWS\imsins.BAK
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-01-04 60424]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-01-04 224752]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-01-04 35096]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2017-01-04 64272]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-01-04 735488]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-01-04 433768]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2015-11-07 540424]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-01-04 92256]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2017-01-04 184592]
R3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys [2012-12-22 11904]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2013-11-30 77824]
R3 hwusb_cdcacm;hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [2014-07-25 111872]
R3 hwusb_cdcecm;hwusb_cdcecm; C:\WINDOWS\system32\DRIVERS\ew_cdcecm.sys [2014-09-30 117888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2012-06-19 6141584]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-12-03 11053992]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2012-07-03 124264]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 Ser2pl;MAT Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-06-18 32384]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-01-04 34008]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2017-01-04 66688]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 95232]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2014-02-07 249856]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2013-11-30 199296]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-01-04 197128]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-04-10 244392]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2016-03-14 170408]
R2 MbnExt;Mobile Broadband Extension Service; %SystemRoot%\system32\svchost.exe -k MbnExt;"ServiceDll"=C:\Program Files\T-Mobile\T-Mobile Internet Manager\MbnExt.dll
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-12-01 164712]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2015-11-07 3722912]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [2015-10-19 96272]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-20 172488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2017
Ran by Mi (administrator) on MI-5AVBHJAGM3NL (06-01-2017 11:04:18)
Running from C:\Documents and Settings\Mi\Plocha
Loaded Profiles: Mi (Available Profiles: Mi)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Check Point Software Technologies, Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Gemfor s.r.o.) C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe
(Mozilla Corporation) C:\PROGRA~1\MOZILL~1\firefox.exe
(FreeDownloadManager.ORG) C:\Program Files\Free Download Manager\fdm.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-04] (AVAST Software)
HKLM\...\Run: [MobileConnect] => C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2412032 2009-09-18] (Vodafone)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20065936 2012-06-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1982312 2012-12-03] ()
HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [134792 2015-11-07] (Check Point Software Technologies Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-343818398-1202660629-839522115-1003\...\Run: [T-Mobile CManager] => C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
HKU\S-1-5-21-343818398-1202660629-839522115-1003\...\MountPoints2: H - H:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-343818398-1202660629-839522115-1003\...\MountPoints2: {0d9d1fea-ce71-11e6-ae39-e81d2ccb5214} - H:\Autorun.exe
HKU\S-1-5-21-343818398-1202660629-839522115-1003\...\MountPoints2: {0d9d1fed-ce71-11e6-ae39-caed0fc7bbb4} - H:\Autorun.exe
HKU\S-1-5-21-343818398-1202660629-839522115-1003\...\MountPoints2: {6b07e804-8784-11e5-acb3-b7ed8b5f6c83} - H:\setup_vmc_lite.exe /checkApplicationPresence
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-01-04] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 217.77.165.211 217.77.165.81
Tcpip\..\Interfaces\{50C548D8-2BA5-4082-8D77-FD84F514546C}: [DhcpNameServer] 217.77.165.211 217.77.165.81
Internet Explorer:
==================
HKU\S-1-5-21-343818398-1202660629-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ic.loadblanks.ru/c/02037a282dd7fbaf?
HKU\S-1-5-21-343818398-1202660629-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-03-14] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-01-04] (AVAST Software)
BHO: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files\Free Download Manager\iefdm2.dll [2015-12-03] (FreeDownloadManager.ORG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-03-14] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-343818398-1202660629-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll [2008-04-14] (Společnost Microsoft)
FireFox:
========
FF DefaultProfile: qc9jlnep.default
FF ProfilePath: C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default [2017-01-06]
FF Homepage: C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default -> about:home
FF Extension: (Fast search) - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\Extensions\amcontextmenu@loucypher [2017-01-05]
FF Extension: (FlashGot) - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-03-17]
FF Extension: (Flashblock) - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2016-09-02]
FF Extension: (Adblock Plus) - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-04]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2016-01-09] [not signed]
FF HKLM\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files\Free Download Manager\Firefox\Extension
FF Extension: (Free Download Manager extension) - C:\Program Files\Free Download Manager\Firefox\Extension [2016-06-03]
FF HKU\S-1-5-21-343818398-1202660629-839522115-1003\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Documents and Settings\All Users\Data aplikací\Free Download Manager\Firefox\Extensions\2.1.13
FF Extension: (Free Download Manager extension) - C:\Documents and Settings\All Users\Data aplikací\Free Download Manager\Firefox\Extensions\2.1.13 [2016-09-29]
FF HKU\S-1-5-21-343818398-1202660629-839522115-1003\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-12-20] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2016-03-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-03-14] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-343818398-1202660629-839522115-1003: @lingea.com/x-lingea-translate -> C:\Program Files\Common Files\Lingea Shared\LG_Mozilla.dll [2014-04-18] (Lingea s.r.o.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM\...\Chrome\Extension: [ligocpecgmjonmijmlompafnhnpgjccd] - C:\Program Files\Lingea\Lexicon5\syst\LG_Chrome.crx [2014-04-18]
Opera:
=======
OPR Extension: (Fast search) - C:\Documents and Settings\Mi\Data aplikací\Opera Software\Opera Stable\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-05]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-04] (AVAST Software)
R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-04-10] (Foxit Software Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [170408 2016-03-14] (Oracle Corporation)
R2 MbnExt; C:\Program Files\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-18] (Vodafone) [File not signed]
R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [3722912 2015-11-07] (Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2015-10-19] (Check Point Software Technologies, Ltd.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34008 2017-01-04] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2017-01-04] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [92256 2017-01-04] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [64272 2017-01-04] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [60424 2017-01-04] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [735488 2017-01-04] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433768 2017-01-04] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [184592 2017-01-04] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [66688 2017-01-04] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [224752 2017-01-04] (AVAST Software)
S3 gdrv; C:\WINDOWS\gdrv.sys [16608 2015-11-04] (Windows (R) 2000 DDK provider)
R3 hwusb_cdcacm; C:\WINDOWS\System32\DRIVERS\ew_cdcacm.sys [111872 2014-07-25] (Huawei Technologies Co., Ltd.)
R3 hwusb_cdcecm; C:\WINDOWS\System32\DRIVERS\ew_cdcecm.sys [117888 2014-09-30] (Huawei Technologies Co., Ltd.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [124264 2012-07-03] (NVIDIA Corporation)
R3 Ser2pl; C:\WINDOWS\System32\DRIVERS\ser2pl.sys [43264 2003-07-16] (Prolific Technology Inc.) [File not signed]
R1 Vsdatant; C:\WINDOWS\System32\vsdatant.sys [540424 2015-11-07] (Check Point Software Technologies Ltd.)
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [225664 2008-04-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-06 11:04 - 2017-01-06 11:05 - 00013443 _____ C:\Documents and Settings\Mi\Plocha\FRST.txt
2017-01-06 11:04 - 2017-01-06 11:04 - 00000000 ____D C:\FRST
2017-01-06 10:37 - 2017-01-06 10:37 - 00000000 ____D C:\rsit
2017-01-06 10:37 - 2017-01-06 10:37 - 00000000 ____D C:\Program Files\trend micro
2017-01-06 10:36 - 2017-01-06 10:35 - 01201664 _____ C:\Documents and Settings\Mi\Plocha\RSIT.exe
2017-01-06 10:32 - 2017-01-06 10:32 - 01760256 _____ (Farbar) C:\Documents and Settings\Mi\Plocha\FRST.exe
2017-01-05 11:36 - 2017-01-05 11:36 - 00001842 ___RS C:\Documents and Settings\All Users\Nabídka Start\Programy\Аvаst SаfеZone 1 Browser.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00001842 ___RS C:\Documents and Settings\All Users\Nabídka Start\Programy\Аvаst SаfeZonе Вrowser.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00001836 ___RS C:\Documents and Settings\All Users\Plocha\Аvast SafeZonе Вrowsеr.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00001068 _____ C:\Documents and Settings\Mi\Plocha\Play WarThunder.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00000992 ___RS C:\Documents and Settings\Mi\Nabídka Start\Programy\Intеrnet Еxрlorer.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00000986 ___RS C:\Documents and Settings\All Users\Nabídka Start\Programy\Ореrа.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00000981 ___RS C:\Documents and Settings\All Users\Nabídka Start\Programy\Мozilla Firеfох.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00000980 ___RS C:\Documents and Settings\All Users\Plocha\Оperа.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00000975 ___RS C:\Documents and Settings\All Users\Plocha\Моzillа Firefоx.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00000000 ____D C:\Documents and Settings\Mi\Data aplikací\SPI
2017-01-05 11:36 - 2017-01-05 11:36 - 00000000 ____D C:\Documents and Settings\Mi\Data aplikací\Browsers
2017-01-05 11:21 - 2017-01-05 11:21 - 00000000 ____D C:\Documents and Settings\Mi\Local Settings\Data aplikací\Movavi
2017-01-05 11:20 - 2017-01-05 11:20 - 00000806 _____ C:\Documents and Settings\All Users\Plocha\Movavi Video Converter 17.lnk
2017-01-05 11:20 - 2017-01-05 11:20 - 00000000 ____D C:\Program Files\Movavi Video Converter 17
2017-01-05 11:20 - 2017-01-05 11:20 - 00000000 ____D C:\Documents and Settings\Mi\Local Settings\Data aplikací\converter
2017-01-05 11:20 - 2017-01-05 11:20 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Movavi Video Converter 17
2017-01-05 11:20 - 2017-01-05 11:20 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Movavi
2017-01-05 11:19 - 2017-01-05 11:19 - 00005054 _____ C:\Documents and Settings\All Users\Data aplikací\mudtcpaz.vzs
2017-01-05 11:19 - 2017-01-05 11:19 - 00000016 _____ C:\Documents and Settings\All Users\Data aplikací\mntemp
2017-01-05 11:19 - 2017-01-05 11:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Movavi Video Converter 17
2017-01-05 09:49 - 2017-01-05 09:49 - 00000000 ____D C:\Documents and Settings\Mi\Local Settings\Data aplikací\CEF
2017-01-05 09:47 - 2017-01-05 09:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2017-01-05 09:47 - 2017-01-05 09:47 - 00000756 ____H C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast SafeZone 1 Browser.lnk
2017-01-04 11:33 - 2017-01-04 11:33 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
2017-01-04 11:33 - 2017-01-04 11:33 - 00319760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-01-04 11:33 - 2017-01-04 11:33 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-12-31 14:15 - 2017-01-06 10:45 - 00000294 _____ C:\Documents and Settings\Mi\Plocha\Nový objekt - Textový dokument (2).txt
2016-12-31 12:24 - 2016-12-31 12:24 - 00476681 _____ C:\Documents and Settings\Mi\Dokumenty\230.pdf
2016-12-30 13:39 - 2016-12-30 13:39 - 00576769 _____ C:\Documents and Settings\Mi\Dokumenty\pulsni_menice-278560.pdf
2016-12-30 10:25 - 2016-12-30 10:25 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache
2016-12-30 10:25 - 2016-12-30 10:25 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Gemfor
2016-12-30 10:20 - 2016-12-30 14:40 - 00000875 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\T-Mobile Internet Manager.lnk
2016-12-30 10:20 - 2016-12-30 14:40 - 00000869 _____ C:\Documents and Settings\Mi\Plocha\T-Mobile Internet Manager.lnk
2016-12-30 10:20 - 2016-12-30 14:40 - 00000869 _____ C:\Documents and Settings\Default User\Plocha\T-Mobile Internet Manager.lnk
2016-12-30 10:20 - 2016-12-30 14:40 - 00000000 ____D C:\Program Files\T-Mobile
2016-12-30 10:20 - 2016-12-30 10:20 - 00000000 ____D C:\Documents and Settings\Mi\Data aplikací\T-Mobile
2016-12-30 10:20 - 2016-12-30 10:20 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Gemfor
2016-12-30 10:20 - 2016-12-30 10:20 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\T-Mobile
2016-12-30 10:19 - 2016-12-30 10:19 - 00000000 ____D C:\Program Files\Huawei
2016-12-30 10:19 - 2014-09-30 16:48 - 00117888 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_cdcecm.sys
2016-12-30 10:19 - 2014-07-25 17:06 - 00111872 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_cdcacm.sys
2016-12-29 12:28 - 2016-12-29 12:28 - 00000160 _____ C:\Documents and Settings\Mi\Plocha\navdat.txt
2016-12-28 12:38 - 2016-12-28 13:25 - 27245493 _____ C:\Documents and Settings\Mi\Plocha\BR_P&E_No16_SR_DE_loco_10203.pdf
2016-12-28 12:38 - 2016-12-28 12:38 - 00045408 _____ C:\Documents and Settings\Mi\Plocha\Intro to BR Performance and Efficiency Test Bulletins.pdf
2016-12-28 12:38 - 2016-12-28 12:38 - 00038508 _____ C:\Documents and Settings\Mi\Plocha\List of BR Performance and Efficiency Test Bulletins.pdf
2016-12-28 12:18 - 2016-12-28 12:34 - 11469563 _____ C:\Documents and Settings\Mi\Plocha\BR_P&E_No8_LNER_V2.pdf
2016-12-28 11:42 - 2016-12-28 12:14 - 12683918 _____ C:\Documents and Settings\Mi\Plocha\BR_P&E_No1_GWR_Hall.pdf
2016-12-28 11:16 - 2016-12-28 11:16 - 00002226 _____ C:\Documents and Settings\Mi\Plocha\modem.pdf
2016-12-28 11:13 - 2016-12-28 11:14 - 00000009 _____ C:\Documents and Settings\Mi\Plocha\číslo objednávky.txt
2016-12-27 12:30 - 2016-12-27 12:11 - 15663104 _____ C:\Documents and Settings\Mi\Plocha\Cabview_131_025_ZSSK_Cargo_medium.mp4
2016-12-26 14:29 - 2016-12-26 14:29 - 00305020 _____ C:\Documents and Settings\Mi\Plocha\Obrázek1.png
2016-12-26 10:02 - 2016-12-26 10:03 - 00000451 _____ C:\Documents and Settings\Mi\Plocha\Nový objekt - Textový dokument.txt
2016-12-24 15:16 - 2016-12-25 10:47 - 00000000 ____D C:\Documents and Settings\Mi\Plocha\zvuky
2016-12-24 13:32 - 2016-12-24 13:32 - 00002560 _____ C:\Documents and Settings\Mi\Dokumenty\151b.txt
2016-12-24 13:25 - 2016-12-24 13:25 - 00009212 _____ C:\Documents and Settings\Mi\Dokumenty\150.prn
2016-12-23 12:05 - 2016-12-23 07:29 - 209944576 _____ C:\Documents and Settings\Mi\Plocha\Cabview_471_Milovice_Zeleneč_hd720.mp4
2016-12-22 12:46 - 2016-12-22 13:07 - 20854411 _____ C:\Documents and Settings\Mi\Plocha\OpenRails-Testing-Manual.pdf
2016-12-21 20:59 - 2016-12-21 20:59 - 00294720 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-343818398-1202660629-839522115-1003-0.dat
2016-12-21 20:59 - 2016-12-21 20:59 - 00244502 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2016-12-21 20:24 - 2016-12-21 20:46 - 00000000 ____D C:\Documents and Settings\Mi\Local Settings\Data aplikací\Dxtory Software
2016-12-21 20:24 - 2016-12-21 20:24 - 00000000 ____D C:\Program Files\ExKode
2016-12-21 20:24 - 2016-12-21 20:24 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Dxtory2.0
2016-12-21 20:24 - 2015-08-10 16:00 - 02499648 _____ (ExKode Co. Ltd.) C:\WINDOWS\system32\DxtoryCodec.dll
2016-12-20 14:12 - 2016-12-21 09:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-12-20 11:09 - 2016-12-20 11:19 - 00000513 _____ C:\Documents and Settings\Mi\Plocha\471.txt
2016-12-20 10:04 - 2012-03-30 18:19 - 00011634 _____ C:\Documents and Settings\Mi\Plocha\RS3.cvf
2016-12-19 09:58 - 2016-12-19 09:43 - 17498112 _____ C:\Documents and Settings\Mi\Plocha\Cabview_162wtb_Kolín_vjezd_hd720.mp4
2016-12-18 11:46 - 2016-12-18 11:46 - 00031159 _____ C:\Documents and Settings\Mi\Plocha\DPV_ZAK.JPG
2016-12-18 11:43 - 2016-12-18 11:43 - 01227976 _____ C:\Documents and Settings\Mi\Dokumenty\SolanskyS_Systemy AVV_AZ_2009.pdf
2016-12-18 11:24 - 2016-12-18 11:24 - 00763624 _____ C:\Documents and Settings\Mi\Dokumenty\23-CRV-AVV.pdf
2016-12-18 11:18 - 2016-12-18 11:39 - 01862994 _____ C:\Documents and Settings\Mi\Dokumenty\2012-2b.pdf
2016-12-18 11:15 - 2016-12-18 11:15 - 00075645 _____ C:\Documents and Settings\Mi\Dokumenty\Automatick_veden _vlaku.pdf
2016-12-16 12:05 - 2016-12-24 15:03 - 00032084 _____ C:\Documents and Settings\Mi\Dokumenty\150.txt
2016-12-16 12:05 - 2016-12-16 12:05 - 00000456 _____ C:\Documents and Settings\Mi\Dokumenty\1502.txt
2016-12-16 11:07 - 2016-12-16 11:07 - 04079740 _____ C:\Documents and Settings\Mi\Dokumenty\CernohorskyT_Hybridni_posunovaci_JS_2009.pdf
2016-12-15 14:52 - 2016-12-15 14:53 - 00024032 _____ C:\Documents and Settings\Mi\Plocha\teorie.htm
2016-12-15 14:52 - 2016-12-15 14:53 - 00000000 ____D C:\Documents and Settings\Mi\Plocha\teorie_soubory
2016-12-15 14:22 - 2016-12-15 14:22 - 00014848 _____ C:\Documents and Settings\Mi\Dokumenty\151.xls
2016-12-15 13:51 - 2016-12-24 13:21 - 00028160 _____ C:\Documents and Settings\Mi\Dokumenty\150.xls
2016-12-15 10:03 - 2016-12-15 10:03 - 00005351 _____ C:\WINDOWS\KB945436.log
2016-12-15 10:03 - 2016-12-15 10:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB945436$
2016-12-15 10:02 - 2016-12-15 10:03 - 00005072 _____ C:\WINDOWS\KB959765.log
2016-12-15 10:02 - 2016-12-15 10:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB959765$
2016-12-15 10:02 - 2013-06-18 11:32 - 00030592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rndismpx.sys
2016-12-15 10:02 - 2013-06-18 11:32 - 00030592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rndismp.sys
2016-12-14 14:10 - 2016-12-14 14:10 - 00000662 _____ C:\Documents and Settings\Mi\Nabídka Start\Programy\Connection Meter.lnk
2016-12-14 14:09 - 2016-12-23 15:18 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ConMet
2016-12-14 14:09 - 2016-12-23 13:28 - 00000000 ____D C:\Documents and Settings\Mi\Data aplikací\ConMet
2016-12-14 14:09 - 2016-12-14 14:09 - 00000000 ____D C:\Program Files\ConMet
2016-12-14 13:55 - 2016-12-14 13:55 - 00000000 ____D C:\Program Files\Karen's Power Tools
2016-12-14 13:55 - 2016-12-14 13:55 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Karen's Power Tools
2016-12-14 13:55 - 2016-12-14 13:55 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Karen's Power Tools
2016-12-14 11:50 - 2016-12-14 11:50 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikacĂ
2016-12-12 15:54 - 2016-12-12 15:54 - 00261416 _____ C:\Documents and Settings\Mi\Dokumenty\priklad_AS motory_bc FS.pdf
2016-12-12 15:27 - 2016-12-12 15:27 - 00021816 _____ C:\Documents and Settings\Mi\Dokumenty\vzorec-pro-prepocet-tociveho-momentu-na-vykon[1].pdf
2016-12-12 14:53 - 2016-12-12 14:53 - 00803671 _____ C:\Documents and Settings\Mi\Dokumenty\KunaM_VlivNerovnomernosti_MK_2010_jizdní odpory.pdf
2016-12-12 14:39 - 2016-12-12 14:39 - 00927402 _____ C:\Documents and Settings\Mi\Plocha\Obrázek2.png
2016-12-12 14:37 - 2016-12-12 14:37 - 00241861 _____ C:\Documents and Settings\Mi\Plocha\Obrázek1.jpg
2016-12-12 13:45 - 2016-12-12 13:45 - 00042562 _____ C:\Documents and Settings\Mi\Dokumenty\klopné momenta ang.jpg
2016-12-11 09:44 - 2016-12-11 09:44 - 00000574 _____ C:\Documents and Settings\Mi\Dokumenty\680.txt
2016-12-10 14:32 - 2016-12-10 14:32 - 00557920 _____ C:\Documents and Settings\Mi\Plocha\1.jpg
2016-12-10 14:10 - 2016-12-11 15:39 - 00017408 _____ C:\Documents and Settings\Mi\Dokumenty\680.xls
2016-12-07 11:36 - 2016-12-07 11:36 - 00015872 _____ C:\Documents and Settings\Mi\Dokumenty\810.xls
2016-12-07 11:32 - 2016-12-07 11:33 - 00000328 _____ C:\Documents and Settings\Mi\Dokumenty\810.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-06 11:05 - 2015-11-04 11:30 - 00000000 ____D C:\Documents and Settings\Mi\Local Settings\Temp
2017-01-06 11:04 - 2015-11-04 11:30 - 00000000 ____D C:\Documents and Settings\Mi\Plocha
2017-01-06 10:38 - 2016-01-18 12:05 - 00000000 ____D C:\Documents and Settings\Mi\Data aplikací\Free Download Manager
2017-01-06 10:35 - 2015-11-10 11:01 - 00000000 ____D C:\Documents and Settings\Mi\Dokumenty\Stažené soubory
2017-01-06 10:21 - 2016-05-17 08:22 - 00000476 _____ C:\WINDOWS\Tasks\SafeZone scheduled Autoupdate 1463469744.job
2017-01-06 10:21 - 2016-01-26 15:46 - 00000420 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1453819583.job
2017-01-06 10:21 - 2015-11-10 09:20 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2017-01-06 10:20 - 2016-01-26 15:46 - 00000000 ____D C:\Program Files\Opera
2017-01-06 10:20 - 2015-11-04 11:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-05 16:15 - 2015-11-04 11:30 - 00032612 _____ C:\WINDOWS\SchedLgU.Txt
2017-01-05 16:15 - 2015-11-04 11:30 - 00000178 ___SH C:\Documents and Settings\Mi\ntuser.ini
2017-01-05 11:42 - 2015-11-04 11:30 - 00000000 ____D C:\Documents and Settings\Mi
2017-01-05 11:36 - 2015-11-04 12:20 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2017-01-05 11:36 - 2015-11-04 12:20 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2017-01-05 11:36 - 2015-11-04 11:30 - 00000000 __RHD C:\Documents and Settings\Mi\Data aplikací
2017-01-05 11:36 - 2015-11-04 11:30 - 00000000 ___RD C:\Documents and Settings\Mi\Nabídka Start\Programy
2017-01-05 11:21 - 2015-11-04 11:30 - 00000000 ___HD C:\Documents and Settings\Mi\Local Settings\Data aplikací
2017-01-05 11:20 - 2015-11-04 12:19 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2017-01-04 13:57 - 2016-01-18 09:26 - 00000000 _____ C:\FileOut.Cns
2017-01-04 13:57 - 2016-01-18 09:26 - 00000000 _____ C:\FileIn.Cns
2017-01-04 11:35 - 2015-11-04 12:15 - 00000000 ___HD C:\WINDOWS\inf
2017-01-04 11:34 - 2015-11-10 09:20 - 00735488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-01-04 11:34 - 2015-11-10 09:20 - 00433768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2017-01-04 11:34 - 2015-11-10 09:20 - 00224752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-01-04 11:33 - 2016-05-17 07:56 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-01-04 11:33 - 2015-11-10 09:20 - 00184592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2017-01-04 11:33 - 2015-11-10 09:20 - 00092256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-01-04 11:33 - 2015-11-10 09:20 - 00066688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2017-01-04 11:33 - 2015-11-10 09:20 - 00064272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2017-01-04 11:33 - 2015-11-10 09:20 - 00060424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-01-04 11:33 - 2015-11-10 09:20 - 00034008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-01-04 10:25 - 2001-10-25 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2017-01-02 13:41 - 2016-01-18 09:42 - 00002207 _____ C:\Documents and Settings\Mi\Nabídka Start\Shape Viewer 2.2.lnk
2017-01-02 13:35 - 2016-11-26 11:14 - 00030522 _____ C:\Documents and Settings\Mi\Plocha\OpenRailsLog.txt
2017-01-02 09:30 - 2016-12-02 13:22 - 00033274 _____ C:\WINDOWS\ModemLog_Nokia 3220 Cable.txt
2016-12-31 12:24 - 2015-11-04 11:30 - 00000000 ___RD C:\Documents and Settings\Mi\Dokumenty
2016-12-30 14:41 - 2016-01-09 08:58 - 00471256 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2016-12-30 14:41 - 2015-11-04 11:30 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2016-12-30 14:40 - 2015-11-04 12:20 - 00000000 ____D C:\Documents and Settings\Default User\Plocha
2016-12-30 14:40 - 2015-11-04 11:40 - 00001024 ____H C:\Documents and Settings\Default User\NTUSER.DAT.LOG
2016-12-30 10:25 - 2015-11-04 11:30 - 00000000 __SHD C:\Documents and Settings\LocalService\Cookies
2016-12-30 10:25 - 2015-11-04 11:30 - 00000000 __SHD C:\Documents and Settings\LocalService
2016-12-30 10:20 - 2015-11-04 11:28 - 00262144 ____H C:\Documents and Settings\Default User\NTUSER.DAT
2016-12-30 10:19 - 2015-11-04 12:19 - 00195807 _____ C:\WINDOWS\setupact.log
2016-12-25 15:51 - 2015-11-04 12:21 - 00000216 _____ C:\WINDOWS\wiadebug.log
2016-12-25 15:17 - 2015-11-04 12:21 - 00000050 _____ C:\WINDOWS\wiaservc.log
2016-12-23 13:32 - 2016-09-03 12:22 - 00000000 ____D C:\Documents and Settings\Mi\Dokumenty\Lexicon
2016-12-21 09:49 - 2015-11-10 11:00 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-12-20 12:24 - 2001-10-25 13:00 - 00000508 _____ C:\WINDOWS\win.ini
2016-12-20 09:46 - 2016-04-23 10:48 - 00796352 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-12-20 09:46 - 2016-04-23 10:48 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-12-20 09:46 - 2015-11-04 11:27 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-18 13:50 - 2015-11-04 11:40 - 00066750 _____ C:\WINDOWS\wmsetup.log
2016-12-17 09:53 - 2016-11-05 12:27 - 00013824 _____ C:\Documents and Settings\Mi\Dokumenty\vypočet.xls
2016-12-15 11:20 - 2016-12-02 11:10 - 00721930 _____ C:\Documents and Settings\Mi\Dokumenty\Dreadnought_Ejector.pdf
2016-12-15 10:03 - 2015-11-04 12:20 - 00127825 _____ C:\WINDOWS\iis6.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00065851 _____ C:\WINDOWS\FaxSetup.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00050657 _____ C:\WINDOWS\ocgen.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00037185 _____ C:\WINDOWS\tsoc.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00034133 _____ C:\WINDOWS\comsetup.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00032944 _____ C:\WINDOWS\msmqinst.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00019739 _____ C:\WINDOWS\ntdtcsetup.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00012206 _____ C:\WINDOWS\netfxocm.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00004341 _____ C:\WINDOWS\ocmsn.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00003959 _____ C:\WINDOWS\tabletoc.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00003855 _____ C:\WINDOWS\msgsocm.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00001393 _____ C:\WINDOWS\imsins.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00001393 _____ C:\WINDOWS\imsins.BAK
2016-12-15 10:03 - 2015-11-04 12:15 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-12-15 10:03 - 2015-11-04 11:34 - 00005820 _____ C:\WINDOWS\medctroc.Log
2016-12-14 11:50 - 2015-11-04 12:19 - 00000000 ____D C:\Documents and Settings\All Users
2016-12-07 11:34 - 2016-12-03 15:09 - 00000418 _____ C:\Documents and Settings\Mi\Dokumenty\842.1.txt
==================== Files in the root of some directories =======
2016-08-06 08:33 - 2016-10-26 13:48 - 0005632 _____ () C:\Documents and Settings\Mi\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-08-28 14:16 - 2009-08-28 14:16 - 0130238 ____R () C:\Documents and Settings\All Users\Data aplikací\DeviceManager.xml.rc4
2017-01-05 11:19 - 2017-01-05 11:19 - 0000016 _____ () C:\Documents and Settings\All Users\Data aplikací\mntemp
2017-01-05 11:19 - 2017-01-05 11:19 - 0005054 _____ () C:\Documents and Settings\All Users\Data aplikací\mudtcpaz.vzs
Some files in TEMP:
====================
C:\Documents and Settings\Mi\Local Settings\Temp\aect4e9q.dll
C:\Documents and Settings\Mi\Local Settings\Temp\free-media-converter.exe
C:\Documents and Settings\Mi\Local Settings\Temp\xmlUpdater.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Please help.
The Mozilla, Opera and Explorer browsers load a different page at startup than the one that is set. While surfing, Mozilla freezes and redirects to other pages in the form of pop-up windows, for example:
http://pixel.uprise.website/cc_redir?u= ... IifV0%253D
http://cs.reimageplus.com/lp/sxs/index. ... 956A066610
The start page in Mozilla is now this one:
http://pbgvv.kikdating.club/c/da57dc555 ... 2379458148
Since yesterday, after the PC was switched off and on, it has changed from:
http://ic.loadblanks.ru/c/02037a282dd7fbaf?
While downloading several files I accidentally clicked on some exe file that looked like a WinRAR self-extracting archive. Avast blocked something, and after a scan it no longer reported anything; that is when it started. Unfortunately, I am unable to download FRSTLauncher http://viry.xf.cz/pro_usery/FRSTLauncher.exe.
In addition, a message pops up on pages saying that a script has stopped working. It did not do that before.
Thank you.
Logfile of random's system information tool 1.14 (written by random/random)
Run by Mi at 2017-01-06 10:37:06
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 66 GB (65%) free of 102 GB
Total RAM: 2047 MB (50% free)
X86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:37:13, on 6.1.2017
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe
c:\PROGRA~1\MOZILL~1\firefox.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Documents and Settings\Mi\Plocha\RSIT.exe
C:\Program Files\trend micro\Mi_RSIT.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ic.loadblanks.ru/c/02037a282dd7fbaf?
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout FDM - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video FDM - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané FDM - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše FDM - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
--
End of file - 6563 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1453819583.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\tasks\SafeZone scheduled Autoupdate 1463469744.job - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default
prefs.js - "browser.startup.homepage" - "about:home"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"fdm_ffext@freedownloadmanager.org"=C:\Program Files\Free Download Manager\Firefox\Extension
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.185 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.10.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\
amcontextmenu@loucypher
{3d7eb24f-2740-49df-8937-200b1cc08f8a}
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Add-ons Manager Context Menu - extension - amcontextmenu@loucypher
FlashGot Mass Downloader - extension - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
Flashblock - extension - {3d7eb24f-2740-49df-8937-200b1cc08f8a}
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions.json
Microsoft .NET Framework Assistant - extension - {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
Free Download Manager extension - extension - fdm_ffext@freedownloadmanager.org - C:\Program Files\Free Download Manager\Firefox\Extension
Free Download Manager extension - extension - fdm_ffext@freedownloadmanager.org - C:\Documents and Settings\All Users\Data aplikací\Free Download Manager\Firefox\Extensions\2.1.13
Multi-process staged rollout - extension - e10srollout@mozilla.org - c:\PROGRA~1\MOZILL~1\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - c:\PROGRA~1\MOZILL~1\browser\features\firefox@getpocket.com.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - c:\PROGRA~1\MOZILL~1\browser\features\aushelper@mozilla.org.xpi
Web Compat - extension - webcompat@mozilla.org - c:\PROGRA~1\MOZILL~1\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\PROGRA~1\MOZILL~1\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
FlashGot - extension - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Flashblock - extension - {3d7eb24f-2740-49df-8937-200b1cc08f8a} - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
Fast search - extension - amcontextmenu@loucypher - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\amcontextmenu@loucypher
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\pluginreg.dat
Plugin - Windows Media Player Plug-in Dynamic Link Library - 3.0.2.629 - C:\Program Files\Windows Media Player\npdsplay.dll
Plugin - Microsoft® DRM - 9.0.0.4503 - C:\Program Files\Windows Media Player\npwmsdrm.dll
Plugin - Microsoft® DRM - 9.0.0.4503 - C:\Program Files\Windows Media Player\npdrmv2.dll
Plugin - Windows Presentation Foundation - 3.5.30729.1 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Plugin - Java(TM) Platform SE 7 U10 - 10.10.2.18 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 7.0.100.18 - 10.10.2.18 - C:\WINDOWS\system32\npDeployJava1.dll
Plugin - Shockwave Flash - 23.0.0.185 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll
Plugin - Foxit Reader Plugin for Mozilla - 2.2.5.107 - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
=========Google Chrome=========
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ligocpecgmjonmijmlompafnhnpgjccd]
"Path"=C:\Program Files\Lingea\Lexicon5\syst\LG_Chrome.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://search.live.com/results.aspx?q={ ... rer:source?}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2016-03-14 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-01-04 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files\Free Download Manager\iefdm2.dll [2015-12-03 738384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-03-14 170416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2017-01-04 9080768]
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-09-18 2412032]
"RTHDCPL"=RTHDCPL.EXE []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-12-01 15524712]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2012-12-01 108392]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-12-03 1982312]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2015-11-07 134792]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"T-Mobile CManager"=C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe [2015-08-06 2162152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"clr_optimization_v4.0.30319_32"=2
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe"="C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe:*:Enabled:True Vector"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe"="C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe:*:Enabled:True Vector"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
"StubPath"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}]
"StubPath"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"vidc.xtor"=C:\WINDOWS\system32\DxtoryCodec.dll
======List of files/folders created in the last 1 month======
2017-01-06 10:37:06 ----D---- C:\rsit
2017-01-06 10:37:06 ----D---- C:\Program Files\trend micro
2017-01-05 11:36:18 ----D---- C:\Documents and Settings\Mi\Data aplikací\Browsers
2017-01-05 11:36:17 ----D---- C:\Documents and Settings\Mi\Data aplikací\SPI
2017-01-05 11:20:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Movavi
2017-01-05 11:20:14 ----D---- C:\Program Files\Movavi Video Converter 17
2017-01-05 11:19:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Movavi Video Converter 17
2017-01-05 09:47:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2017-01-04 11:33:23 ----A---- C:\WINDOWS\ucrtbase.dll
2017-01-04 11:33:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-01-04 11:33:07 ----A---- C:\WINDOWS\avastSS.scr
2016-12-30 10:25:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Gemfor
2016-12-30 10:20:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\T-Mobile
2016-12-30 10:20:15 ----D---- C:\Documents and Settings\Mi\Data aplikací\T-Mobile
2016-12-30 10:20:06 ----D---- C:\Program Files\T-Mobile
2016-12-30 10:19:36 ----A---- C:\WINDOWS\system32\drivers\ew_cdcecm.sys
2016-12-30 10:19:36 ----A---- C:\WINDOWS\system32\drivers\ew_cdcacm.sys
2016-12-30 10:19:31 ----D---- C:\Program Files\Huawei
2016-12-21 20:24:40 ----A---- C:\WINDOWS\system32\DxtoryCodec.dll
2016-12-21 20:24:39 ----D---- C:\Program Files\ExKode
2016-12-20 14:12:22 ----D---- C:\Program Files\Mozilla Firefox
2016-12-15 10:03:07 ----HDC---- C:\WINDOWS\$NtUninstallKB945436$
2016-12-15 10:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959765$
2016-12-14 14:09:35 ----D---- C:\Program Files\ConMet
2016-12-14 14:09:35 ----D---- C:\Documents and Settings\Mi\Data aplikací\ConMet
2016-12-14 14:09:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\ConMet
2016-12-14 13:55:25 ----D---- C:\Program Files\Karen's Power Tools
2016-12-14 13:55:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Karen's Power Tools
======List of files/folders modified in the last 1 month======
2017-01-06 10:37:06 ----RD---- C:\Program Files
2017-01-06 10:35:03 ----D---- C:\Documents and Settings\Mi\Data aplikací\Free Download Manager
2017-01-06 10:21:50 ----D---- C:\WINDOWS\Temp
2017-01-06 10:20:59 ----D---- C:\Program Files\Opera
2017-01-05 16:15:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2017-01-05 16:15:14 ----D---- C:\WINDOWS\Prefetch
2017-01-05 11:36:41 ----D---- C:\Downloads
2017-01-05 11:19:52 ----D---- C:\WINDOWS
2017-01-05 10:38:24 ----D---- C:\WINDOWS\system32\drivers
2017-01-05 09:47:35 ----SD---- C:\WINDOWS\Tasks
2017-01-05 09:46:32 ----D---- C:\WINDOWS\WinSxS
2017-01-04 11:35:04 ----HD---- C:\WINDOWS\inf
2017-01-04 11:35:03 ----D---- C:\WINDOWS\system32\CatRoot
2017-01-04 11:35:03 ----D---- C:\WINDOWS\system32
2017-01-04 11:34:29 ----D---- C:\WINDOWS\system32\CatRoot2
2017-01-02 09:30:06 ----A---- C:\WINDOWS\ModemLog_Nokia 3220 Cable.txt
2016-12-21 09:49:32 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-12-20 12:24:59 ----A---- C:\WINDOWS\win.ini
2016-12-20 09:46:24 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-12-20 09:46:15 ----D---- C:\WINDOWS\system32\Macromed
2016-12-15 10:03:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2016-12-15 10:03:03 ----A---- C:\WINDOWS\imsins.BAK
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-01-04 60424]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-01-04 224752]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-01-04 35096]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2017-01-04 64272]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-01-04 735488]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-01-04 433768]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2015-11-07 540424]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-01-04 92256]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2017-01-04 184592]
R3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys [2012-12-22 11904]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2013-11-30 77824]
R3 hwusb_cdcacm;hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [2014-07-25 111872]
R3 hwusb_cdcecm;hwusb_cdcecm; C:\WINDOWS\system32\DRIVERS\ew_cdcecm.sys [2014-09-30 117888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2012-06-19 6141584]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-12-03 11053992]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2012-07-03 124264]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 Ser2pl;MAT Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-06-18 32384]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-01-04 34008]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2017-01-04 66688]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 95232]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2014-02-07 249856]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2013-11-30 199296]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-01-04 197128]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-04-10 244392]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2016-03-14 170408]
R2 MbnExt;Mobile Broadband Extension Service; %SystemRoot%\system32\svchost.exe -k MbnExt;"ServiceDll"=C:\Program Files\T-Mobile\T-Mobile Internet Manager\MbnExt.dll
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-12-01 164712]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2015-11-07 3722912]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [2015-10-19 96272]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-20 172488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2017
Ran by Mi (administrator) on MI-5AVBHJAGM3NL (06-01-2017 11:04:18)
Running from C:\Documents and Settings\Mi\Plocha
Loaded Profiles: Mi (Available Profiles: Mi)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Check Point Software Technologies, Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Gemfor s.r.o.) C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe
(Mozilla Corporation) C:\PROGRA~1\MOZILL~1\firefox.exe
(FreeDownloadManager.ORG) C:\Program Files\Free Download Manager\fdm.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-04] (AVAST Software)
HKLM\...\Run: [MobileConnect] => C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2412032 2009-09-18] (Vodafone)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20065936 2012-06-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1982312 2012-12-03] ()
HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [134792 2015-11-07] (Check Point Software Technologies Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-343818398-1202660629-839522115-1003\...\Run: [T-Mobile CManager] => C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
HKU\S-1-5-21-343818398-1202660629-839522115-1003\...\MountPoints2: H - H:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-343818398-1202660629-839522115-1003\...\MountPoints2: {0d9d1fea-ce71-11e6-ae39-e81d2ccb5214} - H:\Autorun.exe
HKU\S-1-5-21-343818398-1202660629-839522115-1003\...\MountPoints2: {0d9d1fed-ce71-11e6-ae39-caed0fc7bbb4} - H:\Autorun.exe
HKU\S-1-5-21-343818398-1202660629-839522115-1003\...\MountPoints2: {6b07e804-8784-11e5-acb3-b7ed8b5f6c83} - H:\setup_vmc_lite.exe /checkApplicationPresence
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-01-04] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 217.77.165.211 217.77.165.81
Tcpip\..\Interfaces\{50C548D8-2BA5-4082-8D77-FD84F514546C}: [DhcpNameServer] 217.77.165.211 217.77.165.81
Internet Explorer:
==================
HKU\S-1-5-21-343818398-1202660629-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ic.loadblanks.ru/c/02037a282dd7fbaf?
HKU\S-1-5-21-343818398-1202660629-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-03-14] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-01-04] (AVAST Software)
BHO: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files\Free Download Manager\iefdm2.dll [2015-12-03] (FreeDownloadManager.ORG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-03-14] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-343818398-1202660629-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll [2008-04-14] (Společnost Microsoft)
FireFox:
========
FF DefaultProfile: qc9jlnep.default
FF ProfilePath: C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default [2017-01-06]
FF Homepage: C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default -> about:home
FF Extension: (Fast search) - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\Extensions\amcontextmenu@loucypher [2017-01-05]
FF Extension: (FlashGot) - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-03-17]
FF Extension: (Flashblock) - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2016-09-02]
FF Extension: (Adblock Plus) - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-04]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2016-01-09] [not signed]
FF HKLM\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files\Free Download Manager\Firefox\Extension
FF Extension: (Free Download Manager extension) - C:\Program Files\Free Download Manager\Firefox\Extension [2016-06-03]
FF HKU\S-1-5-21-343818398-1202660629-839522115-1003\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Documents and Settings\All Users\Data aplikací\Free Download Manager\Firefox\Extensions\2.1.13
FF Extension: (Free Download Manager extension) - C:\Documents and Settings\All Users\Data aplikací\Free Download Manager\Firefox\Extensions\2.1.13 [2016-09-29]
FF HKU\S-1-5-21-343818398-1202660629-839522115-1003\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-12-20] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2016-03-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-03-14] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-343818398-1202660629-839522115-1003: @lingea.com/x-lingea-translate -> C:\Program Files\Common Files\Lingea Shared\LG_Mozilla.dll [2014-04-18] (Lingea s.r.o.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM\...\Chrome\Extension: [ligocpecgmjonmijmlompafnhnpgjccd] - C:\Program Files\Lingea\Lexicon5\syst\LG_Chrome.crx [2014-04-18]
Opera:
=======
OPR Extension: (Fast search) - C:\Documents and Settings\Mi\Data aplikací\Opera Software\Opera Stable\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-05]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-04] (AVAST Software)
R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-04-10] (Foxit Software Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [170408 2016-03-14] (Oracle Corporation)
R2 MbnExt; C:\Program Files\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-18] (Vodafone) [File not signed]
R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [3722912 2015-11-07] (Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2015-10-19] (Check Point Software Technologies, Ltd.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34008 2017-01-04] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2017-01-04] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [92256 2017-01-04] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [64272 2017-01-04] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [60424 2017-01-04] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [735488 2017-01-04] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433768 2017-01-04] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [184592 2017-01-04] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [66688 2017-01-04] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [224752 2017-01-04] (AVAST Software)
S3 gdrv; C:\WINDOWS\gdrv.sys [16608 2015-11-04] (Windows (R) 2000 DDK provider)
R3 hwusb_cdcacm; C:\WINDOWS\System32\DRIVERS\ew_cdcacm.sys [111872 2014-07-25] (Huawei Technologies Co., Ltd.)
R3 hwusb_cdcecm; C:\WINDOWS\System32\DRIVERS\ew_cdcecm.sys [117888 2014-09-30] (Huawei Technologies Co., Ltd.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [124264 2012-07-03] (NVIDIA Corporation)
R3 Ser2pl; C:\WINDOWS\System32\DRIVERS\ser2pl.sys [43264 2003-07-16] (Prolific Technology Inc.) [File not signed]
R1 Vsdatant; C:\WINDOWS\System32\vsdatant.sys [540424 2015-11-07] (Check Point Software Technologies Ltd.)
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [225664 2008-04-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-06 11:04 - 2017-01-06 11:05 - 00013443 _____ C:\Documents and Settings\Mi\Plocha\FRST.txt
2017-01-06 11:04 - 2017-01-06 11:04 - 00000000 ____D C:\FRST
2017-01-06 10:37 - 2017-01-06 10:37 - 00000000 ____D C:\rsit
2017-01-06 10:37 - 2017-01-06 10:37 - 00000000 ____D C:\Program Files\trend micro
2017-01-06 10:36 - 2017-01-06 10:35 - 01201664 _____ C:\Documents and Settings\Mi\Plocha\RSIT.exe
2017-01-06 10:32 - 2017-01-06 10:32 - 01760256 _____ (Farbar) C:\Documents and Settings\Mi\Plocha\FRST.exe
2017-01-05 11:36 - 2017-01-05 11:36 - 00001842 ___RS C:\Documents and Settings\All Users\Nabídka Start\Programy\Аvаst SаfеZone 1 Browser.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00001842 ___RS C:\Documents and Settings\All Users\Nabídka Start\Programy\Аvаst SаfeZonе Вrowser.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00001836 ___RS C:\Documents and Settings\All Users\Plocha\Аvast SafeZonе Вrowsеr.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00001068 _____ C:\Documents and Settings\Mi\Plocha\Play WarThunder.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00000992 ___RS C:\Documents and Settings\Mi\Nabídka Start\Programy\Intеrnet Еxрlorer.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00000986 ___RS C:\Documents and Settings\All Users\Nabídka Start\Programy\Ореrа.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00000981 ___RS C:\Documents and Settings\All Users\Nabídka Start\Programy\Мozilla Firеfох.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00000980 ___RS C:\Documents and Settings\All Users\Plocha\Оperа.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00000975 ___RS C:\Documents and Settings\All Users\Plocha\Моzillа Firefоx.lnk
2017-01-05 11:36 - 2017-01-05 11:36 - 00000000 ____D C:\Documents and Settings\Mi\Data aplikací\SPI
2017-01-05 11:36 - 2017-01-05 11:36 - 00000000 ____D C:\Documents and Settings\Mi\Data aplikací\Browsers
2017-01-05 11:21 - 2017-01-05 11:21 - 00000000 ____D C:\Documents and Settings\Mi\Local Settings\Data aplikací\Movavi
2017-01-05 11:20 - 2017-01-05 11:20 - 00000806 _____ C:\Documents and Settings\All Users\Plocha\Movavi Video Converter 17.lnk
2017-01-05 11:20 - 2017-01-05 11:20 - 00000000 ____D C:\Program Files\Movavi Video Converter 17
2017-01-05 11:20 - 2017-01-05 11:20 - 00000000 ____D C:\Documents and Settings\Mi\Local Settings\Data aplikací\converter
2017-01-05 11:20 - 2017-01-05 11:20 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Movavi Video Converter 17
2017-01-05 11:20 - 2017-01-05 11:20 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Movavi
2017-01-05 11:19 - 2017-01-05 11:19 - 00005054 _____ C:\Documents and Settings\All Users\Data aplikací\mudtcpaz.vzs
2017-01-05 11:19 - 2017-01-05 11:19 - 00000016 _____ C:\Documents and Settings\All Users\Data aplikací\mntemp
2017-01-05 11:19 - 2017-01-05 11:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Movavi Video Converter 17
2017-01-05 09:49 - 2017-01-05 09:49 - 00000000 ____D C:\Documents and Settings\Mi\Local Settings\Data aplikací\CEF
2017-01-05 09:47 - 2017-01-05 09:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2017-01-05 09:47 - 2017-01-05 09:47 - 00000756 ____H C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast SafeZone 1 Browser.lnk
2017-01-04 11:33 - 2017-01-04 11:33 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
2017-01-04 11:33 - 2017-01-04 11:33 - 00319760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-01-04 11:33 - 2017-01-04 11:33 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-12-31 14:15 - 2017-01-06 10:45 - 00000294 _____ C:\Documents and Settings\Mi\Plocha\Nový objekt - Textový dokument (2).txt
2016-12-31 12:24 - 2016-12-31 12:24 - 00476681 _____ C:\Documents and Settings\Mi\Dokumenty\230.pdf
2016-12-30 13:39 - 2016-12-30 13:39 - 00576769 _____ C:\Documents and Settings\Mi\Dokumenty\pulsni_menice-278560.pdf
2016-12-30 10:25 - 2016-12-30 10:25 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache
2016-12-30 10:25 - 2016-12-30 10:25 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Gemfor
2016-12-30 10:20 - 2016-12-30 14:40 - 00000875 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\T-Mobile Internet Manager.lnk
2016-12-30 10:20 - 2016-12-30 14:40 - 00000869 _____ C:\Documents and Settings\Mi\Plocha\T-Mobile Internet Manager.lnk
2016-12-30 10:20 - 2016-12-30 14:40 - 00000869 _____ C:\Documents and Settings\Default User\Plocha\T-Mobile Internet Manager.lnk
2016-12-30 10:20 - 2016-12-30 14:40 - 00000000 ____D C:\Program Files\T-Mobile
2016-12-30 10:20 - 2016-12-30 10:20 - 00000000 ____D C:\Documents and Settings\Mi\Data aplikací\T-Mobile
2016-12-30 10:20 - 2016-12-30 10:20 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Gemfor
2016-12-30 10:20 - 2016-12-30 10:20 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\T-Mobile
2016-12-30 10:19 - 2016-12-30 10:19 - 00000000 ____D C:\Program Files\Huawei
2016-12-30 10:19 - 2014-09-30 16:48 - 00117888 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_cdcecm.sys
2016-12-30 10:19 - 2014-07-25 17:06 - 00111872 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_cdcacm.sys
2016-12-29 12:28 - 2016-12-29 12:28 - 00000160 _____ C:\Documents and Settings\Mi\Plocha\navdat.txt
2016-12-28 12:38 - 2016-12-28 13:25 - 27245493 _____ C:\Documents and Settings\Mi\Plocha\BR_P&E_No16_SR_DE_loco_10203.pdf
2016-12-28 12:38 - 2016-12-28 12:38 - 00045408 _____ C:\Documents and Settings\Mi\Plocha\Intro to BR Performance and Efficiency Test Bulletins.pdf
2016-12-28 12:38 - 2016-12-28 12:38 - 00038508 _____ C:\Documents and Settings\Mi\Plocha\List of BR Performance and Efficiency Test Bulletins.pdf
2016-12-28 12:18 - 2016-12-28 12:34 - 11469563 _____ C:\Documents and Settings\Mi\Plocha\BR_P&E_No8_LNER_V2.pdf
2016-12-28 11:42 - 2016-12-28 12:14 - 12683918 _____ C:\Documents and Settings\Mi\Plocha\BR_P&E_No1_GWR_Hall.pdf
2016-12-28 11:16 - 2016-12-28 11:16 - 00002226 _____ C:\Documents and Settings\Mi\Plocha\modem.pdf
2016-12-28 11:13 - 2016-12-28 11:14 - 00000009 _____ C:\Documents and Settings\Mi\Plocha\číslo objednávky.txt
2016-12-27 12:30 - 2016-12-27 12:11 - 15663104 _____ C:\Documents and Settings\Mi\Plocha\Cabview_131_025_ZSSK_Cargo_medium.mp4
2016-12-26 14:29 - 2016-12-26 14:29 - 00305020 _____ C:\Documents and Settings\Mi\Plocha\Obrázek1.png
2016-12-26 10:02 - 2016-12-26 10:03 - 00000451 _____ C:\Documents and Settings\Mi\Plocha\Nový objekt - Textový dokument.txt
2016-12-24 15:16 - 2016-12-25 10:47 - 00000000 ____D C:\Documents and Settings\Mi\Plocha\zvuky
2016-12-24 13:32 - 2016-12-24 13:32 - 00002560 _____ C:\Documents and Settings\Mi\Dokumenty\151b.txt
2016-12-24 13:25 - 2016-12-24 13:25 - 00009212 _____ C:\Documents and Settings\Mi\Dokumenty\150.prn
2016-12-23 12:05 - 2016-12-23 07:29 - 209944576 _____ C:\Documents and Settings\Mi\Plocha\Cabview_471_Milovice_Zeleneč_hd720.mp4
2016-12-22 12:46 - 2016-12-22 13:07 - 20854411 _____ C:\Documents and Settings\Mi\Plocha\OpenRails-Testing-Manual.pdf
2016-12-21 20:59 - 2016-12-21 20:59 - 00294720 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-343818398-1202660629-839522115-1003-0.dat
2016-12-21 20:59 - 2016-12-21 20:59 - 00244502 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2016-12-21 20:24 - 2016-12-21 20:46 - 00000000 ____D C:\Documents and Settings\Mi\Local Settings\Data aplikací\Dxtory Software
2016-12-21 20:24 - 2016-12-21 20:24 - 00000000 ____D C:\Program Files\ExKode
2016-12-21 20:24 - 2016-12-21 20:24 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Dxtory2.0
2016-12-21 20:24 - 2015-08-10 16:00 - 02499648 _____ (ExKode Co. Ltd.) C:\WINDOWS\system32\DxtoryCodec.dll
2016-12-20 14:12 - 2016-12-21 09:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-12-20 11:09 - 2016-12-20 11:19 - 00000513 _____ C:\Documents and Settings\Mi\Plocha\471.txt
2016-12-20 10:04 - 2012-03-30 18:19 - 00011634 _____ C:\Documents and Settings\Mi\Plocha\RS3.cvf
2016-12-19 09:58 - 2016-12-19 09:43 - 17498112 _____ C:\Documents and Settings\Mi\Plocha\Cabview_162wtb_Kolín_vjezd_hd720.mp4
2016-12-18 11:46 - 2016-12-18 11:46 - 00031159 _____ C:\Documents and Settings\Mi\Plocha\DPV_ZAK.JPG
2016-12-18 11:43 - 2016-12-18 11:43 - 01227976 _____ C:\Documents and Settings\Mi\Dokumenty\SolanskyS_Systemy AVV_AZ_2009.pdf
2016-12-18 11:24 - 2016-12-18 11:24 - 00763624 _____ C:\Documents and Settings\Mi\Dokumenty\23-CRV-AVV.pdf
2016-12-18 11:18 - 2016-12-18 11:39 - 01862994 _____ C:\Documents and Settings\Mi\Dokumenty\2012-2b.pdf
2016-12-18 11:15 - 2016-12-18 11:15 - 00075645 _____ C:\Documents and Settings\Mi\Dokumenty\Automatick_veden _vlaku.pdf
2016-12-16 12:05 - 2016-12-24 15:03 - 00032084 _____ C:\Documents and Settings\Mi\Dokumenty\150.txt
2016-12-16 12:05 - 2016-12-16 12:05 - 00000456 _____ C:\Documents and Settings\Mi\Dokumenty\1502.txt
2016-12-16 11:07 - 2016-12-16 11:07 - 04079740 _____ C:\Documents and Settings\Mi\Dokumenty\CernohorskyT_Hybridni_posunovaci_JS_2009.pdf
2016-12-15 14:52 - 2016-12-15 14:53 - 00024032 _____ C:\Documents and Settings\Mi\Plocha\teorie.htm
2016-12-15 14:52 - 2016-12-15 14:53 - 00000000 ____D C:\Documents and Settings\Mi\Plocha\teorie_soubory
2016-12-15 14:22 - 2016-12-15 14:22 - 00014848 _____ C:\Documents and Settings\Mi\Dokumenty\151.xls
2016-12-15 13:51 - 2016-12-24 13:21 - 00028160 _____ C:\Documents and Settings\Mi\Dokumenty\150.xls
2016-12-15 10:03 - 2016-12-15 10:03 - 00005351 _____ C:\WINDOWS\KB945436.log
2016-12-15 10:03 - 2016-12-15 10:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB945436$
2016-12-15 10:02 - 2016-12-15 10:03 - 00005072 _____ C:\WINDOWS\KB959765.log
2016-12-15 10:02 - 2016-12-15 10:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB959765$
2016-12-15 10:02 - 2013-06-18 11:32 - 00030592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rndismpx.sys
2016-12-15 10:02 - 2013-06-18 11:32 - 00030592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rndismp.sys
2016-12-14 14:10 - 2016-12-14 14:10 - 00000662 _____ C:\Documents and Settings\Mi\Nabídka Start\Programy\Connection Meter.lnk
2016-12-14 14:09 - 2016-12-23 15:18 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ConMet
2016-12-14 14:09 - 2016-12-23 13:28 - 00000000 ____D C:\Documents and Settings\Mi\Data aplikací\ConMet
2016-12-14 14:09 - 2016-12-14 14:09 - 00000000 ____D C:\Program Files\ConMet
2016-12-14 13:55 - 2016-12-14 13:55 - 00000000 ____D C:\Program Files\Karen's Power Tools
2016-12-14 13:55 - 2016-12-14 13:55 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Karen's Power Tools
2016-12-14 13:55 - 2016-12-14 13:55 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Karen's Power Tools
2016-12-14 11:50 - 2016-12-14 11:50 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikacĂ
2016-12-12 15:54 - 2016-12-12 15:54 - 00261416 _____ C:\Documents and Settings\Mi\Dokumenty\priklad_AS motory_bc FS.pdf
2016-12-12 15:27 - 2016-12-12 15:27 - 00021816 _____ C:\Documents and Settings\Mi\Dokumenty\vzorec-pro-prepocet-tociveho-momentu-na-vykon[1].pdf
2016-12-12 14:53 - 2016-12-12 14:53 - 00803671 _____ C:\Documents and Settings\Mi\Dokumenty\KunaM_VlivNerovnomernosti_MK_2010_jizdní odpory.pdf
2016-12-12 14:39 - 2016-12-12 14:39 - 00927402 _____ C:\Documents and Settings\Mi\Plocha\Obrázek2.png
2016-12-12 14:37 - 2016-12-12 14:37 - 00241861 _____ C:\Documents and Settings\Mi\Plocha\Obrázek1.jpg
2016-12-12 13:45 - 2016-12-12 13:45 - 00042562 _____ C:\Documents and Settings\Mi\Dokumenty\klopné momenta ang.jpg
2016-12-11 09:44 - 2016-12-11 09:44 - 00000574 _____ C:\Documents and Settings\Mi\Dokumenty\680.txt
2016-12-10 14:32 - 2016-12-10 14:32 - 00557920 _____ C:\Documents and Settings\Mi\Plocha\1.jpg
2016-12-10 14:10 - 2016-12-11 15:39 - 00017408 _____ C:\Documents and Settings\Mi\Dokumenty\680.xls
2016-12-07 11:36 - 2016-12-07 11:36 - 00015872 _____ C:\Documents and Settings\Mi\Dokumenty\810.xls
2016-12-07 11:32 - 2016-12-07 11:33 - 00000328 _____ C:\Documents and Settings\Mi\Dokumenty\810.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-06 11:05 - 2015-11-04 11:30 - 00000000 ____D C:\Documents and Settings\Mi\Local Settings\Temp
2017-01-06 11:04 - 2015-11-04 11:30 - 00000000 ____D C:\Documents and Settings\Mi\Plocha
2017-01-06 10:38 - 2016-01-18 12:05 - 00000000 ____D C:\Documents and Settings\Mi\Data aplikací\Free Download Manager
2017-01-06 10:35 - 2015-11-10 11:01 - 00000000 ____D C:\Documents and Settings\Mi\Dokumenty\Stažené soubory
2017-01-06 10:21 - 2016-05-17 08:22 - 00000476 _____ C:\WINDOWS\Tasks\SafeZone scheduled Autoupdate 1463469744.job
2017-01-06 10:21 - 2016-01-26 15:46 - 00000420 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1453819583.job
2017-01-06 10:21 - 2015-11-10 09:20 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2017-01-06 10:20 - 2016-01-26 15:46 - 00000000 ____D C:\Program Files\Opera
2017-01-06 10:20 - 2015-11-04 11:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-05 16:15 - 2015-11-04 11:30 - 00032612 _____ C:\WINDOWS\SchedLgU.Txt
2017-01-05 16:15 - 2015-11-04 11:30 - 00000178 ___SH C:\Documents and Settings\Mi\ntuser.ini
2017-01-05 11:42 - 2015-11-04 11:30 - 00000000 ____D C:\Documents and Settings\Mi
2017-01-05 11:36 - 2015-11-04 12:20 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2017-01-05 11:36 - 2015-11-04 12:20 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2017-01-05 11:36 - 2015-11-04 11:30 - 00000000 __RHD C:\Documents and Settings\Mi\Data aplikací
2017-01-05 11:36 - 2015-11-04 11:30 - 00000000 ___RD C:\Documents and Settings\Mi\Nabídka Start\Programy
2017-01-05 11:21 - 2015-11-04 11:30 - 00000000 ___HD C:\Documents and Settings\Mi\Local Settings\Data aplikací
2017-01-05 11:20 - 2015-11-04 12:19 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2017-01-04 13:57 - 2016-01-18 09:26 - 00000000 _____ C:\FileOut.Cns
2017-01-04 13:57 - 2016-01-18 09:26 - 00000000 _____ C:\FileIn.Cns
2017-01-04 11:35 - 2015-11-04 12:15 - 00000000 ___HD C:\WINDOWS\inf
2017-01-04 11:34 - 2015-11-10 09:20 - 00735488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-01-04 11:34 - 2015-11-10 09:20 - 00433768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2017-01-04 11:34 - 2015-11-10 09:20 - 00224752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-01-04 11:33 - 2016-05-17 07:56 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-01-04 11:33 - 2015-11-10 09:20 - 00184592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2017-01-04 11:33 - 2015-11-10 09:20 - 00092256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-01-04 11:33 - 2015-11-10 09:20 - 00066688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2017-01-04 11:33 - 2015-11-10 09:20 - 00064272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2017-01-04 11:33 - 2015-11-10 09:20 - 00060424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-01-04 11:33 - 2015-11-10 09:20 - 00034008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-01-04 10:25 - 2001-10-25 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2017-01-02 13:41 - 2016-01-18 09:42 - 00002207 _____ C:\Documents and Settings\Mi\Nabídka Start\Shape Viewer 2.2.lnk
2017-01-02 13:35 - 2016-11-26 11:14 - 00030522 _____ C:\Documents and Settings\Mi\Plocha\OpenRailsLog.txt
2017-01-02 09:30 - 2016-12-02 13:22 - 00033274 _____ C:\WINDOWS\ModemLog_Nokia 3220 Cable.txt
2016-12-31 12:24 - 2015-11-04 11:30 - 00000000 ___RD C:\Documents and Settings\Mi\Dokumenty
2016-12-30 14:41 - 2016-01-09 08:58 - 00471256 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2016-12-30 14:41 - 2015-11-04 11:30 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2016-12-30 14:40 - 2015-11-04 12:20 - 00000000 ____D C:\Documents and Settings\Default User\Plocha
2016-12-30 14:40 - 2015-11-04 11:40 - 00001024 ____H C:\Documents and Settings\Default User\NTUSER.DAT.LOG
2016-12-30 10:25 - 2015-11-04 11:30 - 00000000 __SHD C:\Documents and Settings\LocalService\Cookies
2016-12-30 10:25 - 2015-11-04 11:30 - 00000000 __SHD C:\Documents and Settings\LocalService
2016-12-30 10:20 - 2015-11-04 11:28 - 00262144 ____H C:\Documents and Settings\Default User\NTUSER.DAT
2016-12-30 10:19 - 2015-11-04 12:19 - 00195807 _____ C:\WINDOWS\setupact.log
2016-12-25 15:51 - 2015-11-04 12:21 - 00000216 _____ C:\WINDOWS\wiadebug.log
2016-12-25 15:17 - 2015-11-04 12:21 - 00000050 _____ C:\WINDOWS\wiaservc.log
2016-12-23 13:32 - 2016-09-03 12:22 - 00000000 ____D C:\Documents and Settings\Mi\Dokumenty\Lexicon
2016-12-21 09:49 - 2015-11-10 11:00 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-12-20 12:24 - 2001-10-25 13:00 - 00000508 _____ C:\WINDOWS\win.ini
2016-12-20 09:46 - 2016-04-23 10:48 - 00796352 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-12-20 09:46 - 2016-04-23 10:48 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-12-20 09:46 - 2015-11-04 11:27 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-18 13:50 - 2015-11-04 11:40 - 00066750 _____ C:\WINDOWS\wmsetup.log
2016-12-17 09:53 - 2016-11-05 12:27 - 00013824 _____ C:\Documents and Settings\Mi\Dokumenty\vypočet.xls
2016-12-15 11:20 - 2016-12-02 11:10 - 00721930 _____ C:\Documents and Settings\Mi\Dokumenty\Dreadnought_Ejector.pdf
2016-12-15 10:03 - 2015-11-04 12:20 - 00127825 _____ C:\WINDOWS\iis6.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00065851 _____ C:\WINDOWS\FaxSetup.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00050657 _____ C:\WINDOWS\ocgen.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00037185 _____ C:\WINDOWS\tsoc.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00034133 _____ C:\WINDOWS\comsetup.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00032944 _____ C:\WINDOWS\msmqinst.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00019739 _____ C:\WINDOWS\ntdtcsetup.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00012206 _____ C:\WINDOWS\netfxocm.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00004341 _____ C:\WINDOWS\ocmsn.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00003959 _____ C:\WINDOWS\tabletoc.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00003855 _____ C:\WINDOWS\msgsocm.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00001393 _____ C:\WINDOWS\imsins.log
2016-12-15 10:03 - 2015-11-04 12:20 - 00001393 _____ C:\WINDOWS\imsins.BAK
2016-12-15 10:03 - 2015-11-04 12:15 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-12-15 10:03 - 2015-11-04 11:34 - 00005820 _____ C:\WINDOWS\medctroc.Log
2016-12-14 11:50 - 2015-11-04 12:19 - 00000000 ____D C:\Documents and Settings\All Users
2016-12-07 11:34 - 2016-12-03 15:09 - 00000418 _____ C:\Documents and Settings\Mi\Dokumenty\842.1.txt
==================== Files in the root of some directories =======
2016-08-06 08:33 - 2016-10-26 13:48 - 0005632 _____ () C:\Documents and Settings\Mi\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-08-28 14:16 - 2009-08-28 14:16 - 0130238 ____R () C:\Documents and Settings\All Users\Data aplikací\DeviceManager.xml.rc4
2017-01-05 11:19 - 2017-01-05 11:19 - 0000016 _____ () C:\Documents and Settings\All Users\Data aplikací\mntemp
2017-01-05 11:19 - 2017-01-05 11:19 - 0005054 _____ () C:\Documents and Settings\All Users\Data aplikací\mudtcpaz.vzs
Some files in TEMP:
====================
C:\Documents and Settings\Mi\Local Settings\Temp\aect4e9q.dll
C:\Documents and Settings\Mi\Local Settings\Temp\free-media-converter.exe
C:\Documents and Settings\Mi\Local Settings\Temp\xmlUpdater.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
- Rudy
- Site Admin

Re: Mozilla, Opera, Explorer load a different page on startup
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search), then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Mozilla, Opera, Explorer load a different page at startup
The browsers now show the start pages that are set.
To make sure everything is in order, does anything else need to be checked?
# AdwCleaner v6.042 - Log vytvořen 07/01/2017 v 09:33:54
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-06.1 [Server]
# Operační systém : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : Mi - MI-5AVBHJAGM3NL
# Spuštěno z : C:\Documents and Settings\Mi\Plocha\adwcleaner_6.042.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\DOCUME~1\Mi\LOCALS~1\Temp\VideoConverter
[-] Složka smazána: C:\Documents and Settings\Mi\Data aplikací\browsers
***** [ Soubory ] *****
[#] Soubor smazán: C:\Documents and Settings\Mi\Data aplikací\Browsers\firefox.bat.exe
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1061 Bajty] - [07/01/2017 09:33:54]
C:\AdwCleaner\AdwCleaner[S0].txt - [1528 Bajty] - [07/01/2017 09:33:06]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1207 Bajty] ##########
- Rudy
- Site Admin

- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Mozilla, Opera, Explorer load a different page at startup
Post a new RSIT log.
Re: Mozilla, Opera, Explorer load a different page at startup
Here it is:
Logfile of random's system information tool 1.14 (written by random/random)
Run by Mi at 2017-01-07 11:46:43
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 68 GB (66%) free of 102 GB
Total RAM: 2047 MB (52% free)
X86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:46:45, on 7.1.2017
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Documents and Settings\Mi\Plocha\RSIT.exe
C:\Program Files\trend micro\Mi_RSIT.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout FDM - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video FDM - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané FDM - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše FDM - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
--
End of file - 6618 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1453819583.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\tasks\SafeZone scheduled Autoupdate 1463469744.job - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default
prefs.js - "browser.startup.homepage" - "about:home"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"fdm_ffext@freedownloadmanager.org"=C:\Program Files\Free Download Manager\Firefox\Extension
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.185 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.10.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\
{3d7eb24f-2740-49df-8937-200b1cc08f8a}
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FlashGot Mass Downloader - extension - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
Flashblock - extension - {3d7eb24f-2740-49df-8937-200b1cc08f8a}
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions.json
Microsoft .NET Framework Assistant - extension - {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
Free Download Manager extension - extension - fdm_ffext@freedownloadmanager.org - C:\Program Files\Free Download Manager\Firefox\Extension
Free Download Manager extension - extension - fdm_ffext@freedownloadmanager.org - C:\Documents and Settings\All Users\Data aplikacÃ\Free Download Manager\Firefox\Extensions\2.1.13
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
FlashGot - extension - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - C:\Documents and Settings\Mi\Data aplikacÃ\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Documents and Settings\Mi\Data aplikacÃ\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Flashblock - extension - {3d7eb24f-2740-49df-8937-200b1cc08f8a} - C:\Documents and Settings\Mi\Data aplikacÃ\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\pluginreg.dat
Plugin - Windows Media Player Plug-in Dynamic Link Library - 3.0.2.629 - C:\Program Files\Windows Media Player\npdsplay.dll
Plugin - Microsoft® DRM - 9.0.0.4503 - C:\Program Files\Windows Media Player\npwmsdrm.dll
Plugin - Microsoft® DRM - 9.0.0.4503 - C:\Program Files\Windows Media Player\npdrmv2.dll
Plugin - Windows Presentation Foundation - 3.5.30729.1 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Plugin - Java(TM) Platform SE 7 U10 - 10.10.2.18 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 7.0.100.18 - 10.10.2.18 - C:\WINDOWS\system32\npDeployJava1.dll
Plugin - Shockwave Flash - 23.0.0.185 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll
Plugin - Foxit Reader Plugin for Mozilla - 2.2.5.107 - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
=========Google Chrome=========
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ligocpecgmjonmijmlompafnhnpgjccd]
"Path"=C:\Program Files\Lingea\Lexicon5\syst\LG_Chrome.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://search.live.com/results.aspx?q={ ... rer:source?}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2016-03-14 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-01-04 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files\Free Download Manager\iefdm2.dll [2015-12-03 738384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-03-14 170416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2017-01-04 9080768]
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-09-18 2412032]
"RTHDCPL"=RTHDCPL.EXE []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-12-01 15524712]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2012-12-01 108392]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-12-03 1982312]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2015-11-07 134792]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"T-Mobile CManager"=C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe [2015-08-06 2162152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"clr_optimization_v4.0.30319_32"=2
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe"="C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe:*:Enabled:True Vector"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe"="C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe:*:Enabled:True Vector"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
"StubPath"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}]
"StubPath"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"vidc.xtor"=C:\WINDOWS\system32\DxtoryCodec.dll
======List of files/folders created in the last 1 month======
2017-01-07 11:01:55 ----D---- C:\Documents and Settings\Mi\Data aplikací\AVS4YOU
2017-01-07 11:01:01 ----D---- C:\Program Files\Common Files\AVSMedia
2017-01-07 11:00:51 ----A---- C:\WINDOWS\system32\msxml3a.dll
2017-01-07 11:00:51 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2017-01-07 11:00:50 ----D---- C:\Program Files\AVS4YOU
2017-01-07 11:00:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVS4YOU
2017-01-07 09:31:38 ----D---- C:\AdwCleaner
2017-01-07 09:28:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2017-01-06 11:04:10 ----D---- C:\FRST
2017-01-06 10:37:06 ----D---- C:\rsit
2017-01-06 10:37:06 ----D---- C:\Program Files\trend micro
2017-01-05 11:36:17 ----D---- C:\Documents and Settings\Mi\Data aplikací\SPI
2017-01-04 11:33:23 ----A---- C:\WINDOWS\ucrtbase.dll
2017-01-04 11:33:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-01-04 11:33:07 ----A---- C:\WINDOWS\avastSS.scr
2016-12-30 10:25:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Gemfor
2016-12-30 10:20:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\T-Mobile
2016-12-30 10:20:15 ----D---- C:\Documents and Settings\Mi\Data aplikací\T-Mobile
2016-12-30 10:20:06 ----D---- C:\Program Files\T-Mobile
2016-12-30 10:19:36 ----A---- C:\WINDOWS\system32\drivers\ew_cdcecm.sys
2016-12-30 10:19:36 ----A---- C:\WINDOWS\system32\drivers\ew_cdcacm.sys
2016-12-30 10:19:31 ----D---- C:\Program Files\Huawei
2016-12-21 20:24:40 ----A---- C:\WINDOWS\system32\DxtoryCodec.dll
2016-12-21 20:24:39 ----D---- C:\Program Files\ExKode
2016-12-20 14:12:22 ----D---- C:\Program Files\Mozilla Firefox
2016-12-15 10:03:07 ----HDC---- C:\WINDOWS\$NtUninstallKB945436$
2016-12-15 10:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959765$
2016-12-14 14:09:35 ----D---- C:\Program Files\ConMet
2016-12-14 14:09:35 ----D---- C:\Documents and Settings\Mi\Data aplikací\ConMet
2016-12-14 14:09:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\ConMet
2016-12-14 13:55:25 ----D---- C:\Program Files\Karen's Power Tools
2016-12-14 13:55:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Karen's Power Tools
======List of files/folders modified in the last 1 month======
2017-01-07 11:44:20 ----D---- C:\WINDOWS\Prefetch
2017-01-07 11:42:48 ----D---- C:\WINDOWS\system32\CatRoot2
2017-01-07 11:39:23 ----D---- C:\WINDOWS\Temp
2017-01-07 11:38:37 ----D---- C:\Program Files\Opera
2017-01-07 11:37:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2017-01-07 11:21:20 ----D---- C:\Documents and Settings\Mi\Data aplikací\Free Download Manager
2017-01-07 11:19:17 ----D---- C:\Downloads
2017-01-07 11:01:01 ----SHD---- C:\WINDOWS\Installer
2017-01-07 11:01:01 ----D---- C:\WINDOWS\WinSxS
2017-01-07 11:01:01 ----D---- C:\Program Files\Common Files
2017-01-07 11:00:51 ----D---- C:\WINDOWS\system32
2017-01-07 11:00:50 ----RD---- C:\Program Files
2017-01-07 10:46:21 ----D---- C:\WINDOWS\system32\drivers
2017-01-06 12:46:09 ----D---- C:\WINDOWS\system32\Macromed
2017-01-06 11:05:38 ----D---- C:\WINDOWS
2017-01-05 09:47:35 ----SD---- C:\WINDOWS\Tasks
2017-01-04 11:35:04 ----HD---- C:\WINDOWS\inf
2017-01-04 11:35:03 ----D---- C:\WINDOWS\system32\CatRoot
2017-01-02 09:30:06 ----A---- C:\WINDOWS\ModemLog_Nokia 3220 Cable.txt
2016-12-21 09:49:32 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-12-20 12:24:59 ----A---- C:\WINDOWS\win.ini
2016-12-20 09:46:24 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-12-15 10:03:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2016-12-15 10:03:03 ----A---- C:\WINDOWS\imsins.BAK
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-01-04 60424]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-01-04 224752]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-01-04 35096]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2017-01-04 64272]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-01-04 735488]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-01-04 433768]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2015-11-07 540424]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-01-04 92256]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2017-01-04 184592]
R3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys [2012-12-22 11904]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2013-11-30 77824]
R3 hwusb_cdcacm;hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [2014-07-25 111872]
R3 hwusb_cdcecm;hwusb_cdcecm; C:\WINDOWS\system32\DRIVERS\ew_cdcecm.sys [2014-09-30 117888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2012-06-19 6141584]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-12-03 11053992]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2012-07-03 124264]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-06-18 32384]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-01-04 34008]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2017-01-04 66688]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 95232]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2014-02-07 249856]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2013-11-30 199296]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 Ser2pl;MAT Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-01-04 197128]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-04-10 244392]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2016-03-14 170408]
R2 MbnExt;Mobile Broadband Extension Service; %SystemRoot%\system32\svchost.exe -k MbnExt;"ServiceDll"=C:\Program Files\T-Mobile\T-Mobile Internet Manager\MbnExt.dll
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-12-01 164712]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2015-11-07 3722912]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [2015-10-19 96272]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-20 172488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.14 (written by random/random)
Run by Mi at 2017-01-07 11:46:43
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 68 GB (66%) free of 102 GB
Total RAM: 2047 MB (52% free)
X86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:46:45, on 7.1.2017
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Documents and Settings\Mi\Plocha\RSIT.exe
C:\Program Files\trend micro\Mi_RSIT.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout FDM - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video FDM - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané FDM - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše FDM - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
--
End of file - 6618 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1453819583.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\tasks\SafeZone scheduled Autoupdate 1463469744.job - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default
prefs.js - "browser.startup.homepage" - "about:home"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"fdm_ffext@freedownloadmanager.org"=C:\Program Files\Free Download Manager\Firefox\Extension
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.185 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.10.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\
{3d7eb24f-2740-49df-8937-200b1cc08f8a}
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FlashGot Mass Downloader - extension - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
Flashblock - extension - {3d7eb24f-2740-49df-8937-200b1cc08f8a}
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions.json
Microsoft .NET Framework Assistant - extension - {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
Free Download Manager extension - extension - fdm_ffext@freedownloadmanager.org - C:\Program Files\Free Download Manager\Firefox\Extension
Free Download Manager extension - extension - fdm_ffext@freedownloadmanager.org - C:\Documents and Settings\All Users\Data aplikacÃ\Free Download Manager\Firefox\Extensions\2.1.13
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
FlashGot - extension - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - C:\Documents and Settings\Mi\Data aplikacÃ\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Documents and Settings\Mi\Data aplikacÃ\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Flashblock - extension - {3d7eb24f-2740-49df-8937-200b1cc08f8a} - C:\Documents and Settings\Mi\Data aplikacÃ\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\pluginreg.dat
Plugin - Windows Media Player Plug-in Dynamic Link Library - 3.0.2.629 - C:\Program Files\Windows Media Player\npdsplay.dll
Plugin - Microsoft® DRM - 9.0.0.4503 - C:\Program Files\Windows Media Player\npwmsdrm.dll
Plugin - Microsoft® DRM - 9.0.0.4503 - C:\Program Files\Windows Media Player\npdrmv2.dll
Plugin - Windows Presentation Foundation - 3.5.30729.1 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Plugin - Java(TM) Platform SE 7 U10 - 10.10.2.18 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 7.0.100.18 - 10.10.2.18 - C:\WINDOWS\system32\npDeployJava1.dll
Plugin - Shockwave Flash - 23.0.0.185 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll
Plugin - Foxit Reader Plugin for Mozilla - 2.2.5.107 - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
=========Google Chrome=========
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ligocpecgmjonmijmlompafnhnpgjccd]
"Path"=C:\Program Files\Lingea\Lexicon5\syst\LG_Chrome.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://search.live.com/results.aspx?q={ ... rer:source?}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2016-03-14 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-01-04 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files\Free Download Manager\iefdm2.dll [2015-12-03 738384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-03-14 170416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2017-01-04 9080768]
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-09-18 2412032]
"RTHDCPL"=RTHDCPL.EXE []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-12-01 15524712]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2012-12-01 108392]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-12-03 1982312]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2015-11-07 134792]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"T-Mobile CManager"=C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe [2015-08-06 2162152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"clr_optimization_v4.0.30319_32"=2
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe"="C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe:*:Enabled:True Vector"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe"="C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe:*:Enabled:True Vector"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
"StubPath"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}]
"StubPath"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"vidc.xtor"=C:\WINDOWS\system32\DxtoryCodec.dll
======List of files/folders created in the last 1 month======
2017-01-07 11:01:55 ----D---- C:\Documents and Settings\Mi\Data aplikací\AVS4YOU
2017-01-07 11:01:01 ----D---- C:\Program Files\Common Files\AVSMedia
2017-01-07 11:00:51 ----A---- C:\WINDOWS\system32\msxml3a.dll
2017-01-07 11:00:51 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2017-01-07 11:00:50 ----D---- C:\Program Files\AVS4YOU
2017-01-07 11:00:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVS4YOU
2017-01-07 09:31:38 ----D---- C:\AdwCleaner
2017-01-07 09:28:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2017-01-06 11:04:10 ----D---- C:\FRST
2017-01-06 10:37:06 ----D---- C:\rsit
2017-01-06 10:37:06 ----D---- C:\Program Files\trend micro
2017-01-05 11:36:17 ----D---- C:\Documents and Settings\Mi\Data aplikací\SPI
2017-01-04 11:33:23 ----A---- C:\WINDOWS\ucrtbase.dll
2017-01-04 11:33:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-01-04 11:33:07 ----A---- C:\WINDOWS\avastSS.scr
2016-12-30 10:25:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Gemfor
2016-12-30 10:20:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\T-Mobile
2016-12-30 10:20:15 ----D---- C:\Documents and Settings\Mi\Data aplikací\T-Mobile
2016-12-30 10:20:06 ----D---- C:\Program Files\T-Mobile
2016-12-30 10:19:36 ----A---- C:\WINDOWS\system32\drivers\ew_cdcecm.sys
2016-12-30 10:19:36 ----A---- C:\WINDOWS\system32\drivers\ew_cdcacm.sys
2016-12-30 10:19:31 ----D---- C:\Program Files\Huawei
2016-12-21 20:24:40 ----A---- C:\WINDOWS\system32\DxtoryCodec.dll
2016-12-21 20:24:39 ----D---- C:\Program Files\ExKode
2016-12-20 14:12:22 ----D---- C:\Program Files\Mozilla Firefox
2016-12-15 10:03:07 ----HDC---- C:\WINDOWS\$NtUninstallKB945436$
2016-12-15 10:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959765$
2016-12-14 14:09:35 ----D---- C:\Program Files\ConMet
2016-12-14 14:09:35 ----D---- C:\Documents and Settings\Mi\Data aplikací\ConMet
2016-12-14 14:09:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\ConMet
2016-12-14 13:55:25 ----D---- C:\Program Files\Karen's Power Tools
2016-12-14 13:55:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Karen's Power Tools
======List of files/folders modified in the last 1 month======
2017-01-07 11:44:20 ----D---- C:\WINDOWS\Prefetch
2017-01-07 11:42:48 ----D---- C:\WINDOWS\system32\CatRoot2
2017-01-07 11:39:23 ----D---- C:\WINDOWS\Temp
2017-01-07 11:38:37 ----D---- C:\Program Files\Opera
2017-01-07 11:37:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2017-01-07 11:21:20 ----D---- C:\Documents and Settings\Mi\Data aplikací\Free Download Manager
2017-01-07 11:19:17 ----D---- C:\Downloads
2017-01-07 11:01:01 ----SHD---- C:\WINDOWS\Installer
2017-01-07 11:01:01 ----D---- C:\WINDOWS\WinSxS
2017-01-07 11:01:01 ----D---- C:\Program Files\Common Files
2017-01-07 11:00:51 ----D---- C:\WINDOWS\system32
2017-01-07 11:00:50 ----RD---- C:\Program Files
2017-01-07 10:46:21 ----D---- C:\WINDOWS\system32\drivers
2017-01-06 12:46:09 ----D---- C:\WINDOWS\system32\Macromed
2017-01-06 11:05:38 ----D---- C:\WINDOWS
2017-01-05 09:47:35 ----SD---- C:\WINDOWS\Tasks
2017-01-04 11:35:04 ----HD---- C:\WINDOWS\inf
2017-01-04 11:35:03 ----D---- C:\WINDOWS\system32\CatRoot
2017-01-02 09:30:06 ----A---- C:\WINDOWS\ModemLog_Nokia 3220 Cable.txt
2016-12-21 09:49:32 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-12-20 12:24:59 ----A---- C:\WINDOWS\win.ini
2016-12-20 09:46:24 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-12-15 10:03:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2016-12-15 10:03:03 ----A---- C:\WINDOWS\imsins.BAK
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-01-04 60424]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-01-04 224752]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-01-04 35096]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2017-01-04 64272]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-01-04 735488]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-01-04 433768]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2015-11-07 540424]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-01-04 92256]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2017-01-04 184592]
R3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys [2012-12-22 11904]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2013-11-30 77824]
R3 hwusb_cdcacm;hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [2014-07-25 111872]
R3 hwusb_cdcecm;hwusb_cdcecm; C:\WINDOWS\system32\DRIVERS\ew_cdcecm.sys [2014-09-30 117888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2012-06-19 6141584]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-12-03 11053992]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2012-07-03 124264]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-06-18 32384]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-01-04 34008]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2017-01-04 66688]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 95232]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2014-02-07 249856]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2013-11-30 199296]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 Ser2pl;MAT Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-01-04 197128]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-04-10 244392]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2016-03-14 170408]
R2 MbnExt;Mobile Broadband Extension Service; %SystemRoot%\system32\svchost.exe -k MbnExt;"ServiceDll"=C:\Program Files\T-Mobile\T-Mobile Internet Manager\MbnExt.dll
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-12-01 164712]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2015-11-07 3722912]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [2015-10-19 96272]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-20 172488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: Mozilla, Opera, Explorer load a different page at startup
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"KernelFaultCheck"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Before the scan, turn off the antivirus, and restart the PC afterwards. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Mozilla, Opera, Explorer load a different page at startup
Here:
Logfile of random's system information tool 1.14 (written by random/random)
Run by Mi at 2017-01-08 10:37:31
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 67 GB (66%) free of 102 GB
Total RAM: 2047 MB (70% free)
X86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:37:36, on 8.1.2017
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Documents and Settings\Mi\Plocha\RSIT.exe
C:\Program Files\trend micro\Mi_RSIT.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout FDM - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video FDM - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané FDM - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše FDM - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
--
End of file - 6300 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1453819583.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\tasks\SafeZone scheduled Autoupdate 1463469744.job - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default
prefs.js - "browser.startup.homepage" - "about:home"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"fdm_ffext@freedownloadmanager.org"=C:\Program Files\Free Download Manager\Firefox\Extension
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.185 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.10.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\
{3d7eb24f-2740-49df-8937-200b1cc08f8a}
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FlashGot Mass Downloader - extension - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
Flashblock - extension - {3d7eb24f-2740-49df-8937-200b1cc08f8a}
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions.json
Microsoft .NET Framework Assistant - extension - {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
Free Download Manager extension - extension - fdm_ffext@freedownloadmanager.org - C:\Program Files\Free Download Manager\Firefox\Extension
Free Download Manager extension - extension - fdm_ffext@freedownloadmanager.org - C:\Documents and Settings\All Users\Data aplikacÃ\Free Download Manager\Firefox\Extensions\2.1.13
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
FlashGot - extension - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - C:\Documents and Settings\Mi\Data aplikacÃ\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Documents and Settings\Mi\Data aplikacÃ\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Flashblock - extension - {3d7eb24f-2740-49df-8937-200b1cc08f8a} - C:\Documents and Settings\Mi\Data aplikacÃ\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\pluginreg.dat
Plugin - Windows Media Player Plug-in Dynamic Link Library - 3.0.2.629 - C:\Program Files\Windows Media Player\npdsplay.dll
Plugin - Microsoft® DRM - 9.0.0.4503 - C:\Program Files\Windows Media Player\npwmsdrm.dll
Plugin - Microsoft® DRM - 9.0.0.4503 - C:\Program Files\Windows Media Player\npdrmv2.dll
Plugin - Windows Presentation Foundation - 3.5.30729.1 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Plugin - Java(TM) Platform SE 7 U10 - 10.10.2.18 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 7.0.100.18 - 10.10.2.18 - C:\WINDOWS\system32\npDeployJava1.dll
Plugin - Shockwave Flash - 23.0.0.185 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll
Plugin - Foxit Reader Plugin for Mozilla - 2.2.5.107 - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
=========Google Chrome=========
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ligocpecgmjonmijmlompafnhnpgjccd]
"Path"=C:\Program Files\Lingea\Lexicon5\syst\LG_Chrome.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2016-03-14 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-01-04 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files\Free Download Manager\iefdm2.dll [2015-12-03 738384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-03-14 170416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2017-01-04 9080768]
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-09-18 2412032]
"RTHDCPL"=RTHDCPL.EXE []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-12-01 15524712]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2012-12-01 108392]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-12-03 1982312]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2015-11-07 134792]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"T-Mobile CManager"=C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe [2015-08-06 2162152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"clr_optimization_v4.0.30319_32"=2
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe"="C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe:*:Enabled:True Vector"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe"="C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe:*:Enabled:True Vector"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
"StubPath"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}]
"StubPath"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"vidc.xtor"=C:\WINDOWS\system32\DxtoryCodec.dll
======List of files/folders created in the last 1 month======
2017-01-08 10:05:47 ----D---- C:\_OTM
2017-01-08 09:59:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2017-01-07 14:37:22 ----D---- C:\Documents and Settings\Mi\Data aplikací\AVS4YOU
2017-01-07 12:34:40 ----D---- C:\Program Files\WonderFox Soft
2017-01-07 11:54:42 ----D---- C:\Documents and Settings\Mi\Data aplikací\New Version Available
2017-01-07 11:01:01 ----D---- C:\Program Files\Common Files\AVSMedia
2017-01-07 11:00:51 ----A---- C:\WINDOWS\system32\msxml3a.dll
2017-01-07 11:00:51 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2017-01-07 11:00:50 ----D---- C:\Program Files\AVS4YOU
2017-01-07 11:00:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVS4YOU
2017-01-07 09:31:38 ----D---- C:\AdwCleaner
2017-01-06 11:04:10 ----D---- C:\FRST
2017-01-06 10:37:06 ----D---- C:\rsit
2017-01-06 10:37:06 ----D---- C:\Program Files\trend micro
2017-01-05 11:36:17 ----D---- C:\Documents and Settings\Mi\Data aplikací\SPI
2017-01-04 11:33:23 ----A---- C:\WINDOWS\ucrtbase.dll
2017-01-04 11:33:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-01-04 11:33:07 ----A---- C:\WINDOWS\avastSS.scr
2016-12-30 10:25:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Gemfor
2016-12-30 10:20:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\T-Mobile
2016-12-30 10:20:15 ----D---- C:\Documents and Settings\Mi\Data aplikací\T-Mobile
2016-12-30 10:20:06 ----D---- C:\Program Files\T-Mobile
2016-12-30 10:19:36 ----A---- C:\WINDOWS\system32\drivers\ew_cdcecm.sys
2016-12-30 10:19:36 ----A---- C:\WINDOWS\system32\drivers\ew_cdcacm.sys
2016-12-30 10:19:31 ----D---- C:\Program Files\Huawei
2016-12-21 20:24:40 ----A---- C:\WINDOWS\system32\DxtoryCodec.dll
2016-12-21 20:24:39 ----D---- C:\Program Files\ExKode
2016-12-20 14:12:22 ----D---- C:\Program Files\Mozilla Firefox
2016-12-15 10:03:07 ----HDC---- C:\WINDOWS\$NtUninstallKB945436$
2016-12-15 10:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959765$
2016-12-14 14:09:35 ----D---- C:\Program Files\ConMet
2016-12-14 14:09:35 ----D---- C:\Documents and Settings\Mi\Data aplikací\ConMet
2016-12-14 14:09:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\ConMet
2016-12-14 13:55:25 ----D---- C:\Program Files\Karen's Power Tools
2016-12-14 13:55:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Karen's Power Tools
======List of files/folders modified in the last 1 month======
2017-01-08 10:32:22 ----D---- C:\WINDOWS\Prefetch
2017-01-08 10:17:51 ----D---- C:\WINDOWS\Temp
2017-01-08 10:17:02 ----D---- C:\Program Files\Opera
2017-01-08 10:15:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2017-01-08 10:07:08 ----D---- C:\Documents and Settings\Mi\Data aplikací\Free Download Manager
2017-01-08 10:04:11 ----D---- C:\Downloads
2017-01-08 09:59:26 ----D---- C:\WINDOWS\system32\Macromed
2017-01-07 12:34:40 ----RD---- C:\Program Files
2017-01-07 11:56:32 ----SD---- C:\WINDOWS\Tasks
2017-01-07 11:42:48 ----D---- C:\WINDOWS\system32\CatRoot2
2017-01-07 11:01:01 ----SHD---- C:\WINDOWS\Installer
2017-01-07 11:01:01 ----D---- C:\WINDOWS\WinSxS
2017-01-07 11:01:01 ----D---- C:\Program Files\Common Files
2017-01-07 11:00:51 ----D---- C:\WINDOWS\system32
2017-01-07 10:46:21 ----D---- C:\WINDOWS\system32\drivers
2017-01-06 11:05:38 ----D---- C:\WINDOWS
2017-01-04 11:35:04 ----HD---- C:\WINDOWS\inf
2017-01-04 11:35:03 ----D---- C:\WINDOWS\system32\CatRoot
2017-01-02 09:30:06 ----A---- C:\WINDOWS\ModemLog_Nokia 3220 Cable.txt
2016-12-21 09:49:32 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-12-20 12:24:59 ----A---- C:\WINDOWS\win.ini
2016-12-20 09:46:24 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-12-15 10:03:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2016-12-15 10:03:03 ----A---- C:\WINDOWS\imsins.BAK
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-01-04 60424]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-01-04 224752]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-01-04 35096]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2017-01-04 64272]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-01-04 735488]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-01-04 433768]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2015-11-07 540424]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-01-04 92256]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2017-01-04 184592]
R3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys [2012-12-22 11904]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2013-11-30 77824]
R3 hwusb_cdcacm;hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [2014-07-25 111872]
R3 hwusb_cdcecm;hwusb_cdcecm; C:\WINDOWS\system32\DRIVERS\ew_cdcecm.sys [2014-09-30 117888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2012-06-19 6141584]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-12-03 11053992]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2012-07-03 124264]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-06-18 32384]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-01-04 34008]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2017-01-04 66688]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 95232]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2014-02-07 249856]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2013-11-30 199296]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 Ser2pl;MAT Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-01-04 197128]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-04-10 244392]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2016-03-14 170408]
R2 MbnExt;Mobile Broadband Extension Service; %SystemRoot%\system32\svchost.exe -k MbnExt;"ServiceDll"=C:\Program Files\T-Mobile\T-Mobile Internet Manager\MbnExt.dll
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-12-01 164712]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2015-11-07 3722912]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [2015-10-19 96272]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-20 172488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
--
End of file - 6300 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1453819583.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\tasks\SafeZone scheduled Autoupdate 1463469744.job - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default
prefs.js - "browser.startup.homepage" - "about:home"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"fdm_ffext@freedownloadmanager.org"=C:\Program Files\Free Download Manager\Firefox\Extension
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.185 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.10.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\
{3d7eb24f-2740-49df-8937-200b1cc08f8a}
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FlashGot Mass Downloader - extension - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
Flashblock - extension - {3d7eb24f-2740-49df-8937-200b1cc08f8a}
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions.json
Microsoft .NET Framework Assistant - extension - {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
Free Download Manager extension - extension - fdm_ffext@freedownloadmanager.org - C:\Program Files\Free Download Manager\Firefox\Extension
Free Download Manager extension - extension - fdm_ffext@freedownloadmanager.org - C:\Documents and Settings\All Users\Data aplikacÃ\Free Download Manager\Firefox\Extensions\2.1.13
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
FlashGot - extension - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - C:\Documents and Settings\Mi\Data aplikacÃ\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Documents and Settings\Mi\Data aplikacÃ\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Flashblock - extension - {3d7eb24f-2740-49df-8937-200b1cc08f8a} - C:\Documents and Settings\Mi\Data aplikacÃ\Mozilla\Firefox\Profiles\qc9jlnep.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\qc9jlnep.default\pluginreg.dat
Plugin - Windows Media Player Plug-in Dynamic Link Library - 3.0.2.629 - C:\Program Files\Windows Media Player\npdsplay.dll
Plugin - Microsoft® DRM - 9.0.0.4503 - C:\Program Files\Windows Media Player\npwmsdrm.dll
Plugin - Microsoft® DRM - 9.0.0.4503 - C:\Program Files\Windows Media Player\npdrmv2.dll
Plugin - Windows Presentation Foundation - 3.5.30729.1 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Plugin - Java(TM) Platform SE 7 U10 - 10.10.2.18 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 7.0.100.18 - 10.10.2.18 - C:\WINDOWS\system32\npDeployJava1.dll
Plugin - Shockwave Flash - 23.0.0.185 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll
Plugin - Foxit Reader Plugin for Mozilla - 2.2.5.107 - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
=========Google Chrome=========
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ligocpecgmjonmijmlompafnhnpgjccd]
"Path"=C:\Program Files\Lingea\Lexicon5\syst\LG_Chrome.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2016-03-14 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-01-04 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files\Free Download Manager\iefdm2.dll [2015-12-03 738384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-03-14 170416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2017-01-04 9080768]
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-09-18 2412032]
"RTHDCPL"=RTHDCPL.EXE []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-12-01 15524712]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2012-12-01 108392]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-12-03 1982312]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2015-11-07 134792]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"T-Mobile CManager"=C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe [2015-08-06 2162152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"clr_optimization_v4.0.30319_32"=2
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe"="C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe:*:Enabled:True Vector"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe"="C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe:*:Enabled:True Vector"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
"StubPath"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}]
"StubPath"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"vidc.xtor"=C:\WINDOWS\system32\DxtoryCodec.dll
======List of files/folders created in the last 1 month======
2017-01-08 10:05:47 ----D---- C:\_OTM
2017-01-08 09:59:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2017-01-07 14:37:22 ----D---- C:\Documents and Settings\Mi\Data aplikací\AVS4YOU
2017-01-07 12:34:40 ----D---- C:\Program Files\WonderFox Soft
2017-01-07 11:54:42 ----D---- C:\Documents and Settings\Mi\Data aplikací\New Version Available
2017-01-07 11:01:01 ----D---- C:\Program Files\Common Files\AVSMedia
2017-01-07 11:00:51 ----A---- C:\WINDOWS\system32\msxml3a.dll
2017-01-07 11:00:51 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2017-01-07 11:00:50 ----D---- C:\Program Files\AVS4YOU
2017-01-07 11:00:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVS4YOU
2017-01-07 09:31:38 ----D---- C:\AdwCleaner
2017-01-06 11:04:10 ----D---- C:\FRST
2017-01-06 10:37:06 ----D---- C:\rsit
2017-01-06 10:37:06 ----D---- C:\Program Files\trend micro
2017-01-05 11:36:17 ----D---- C:\Documents and Settings\Mi\Data aplikací\SPI
2017-01-04 11:33:23 ----A---- C:\WINDOWS\ucrtbase.dll
2017-01-04 11:33:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-01-04 11:33:07 ----A---- C:\WINDOWS\avastSS.scr
2016-12-30 10:25:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Gemfor
2016-12-30 10:20:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\T-Mobile
2016-12-30 10:20:15 ----D---- C:\Documents and Settings\Mi\Data aplikací\T-Mobile
2016-12-30 10:20:06 ----D---- C:\Program Files\T-Mobile
2016-12-30 10:19:36 ----A---- C:\WINDOWS\system32\drivers\ew_cdcecm.sys
2016-12-30 10:19:36 ----A---- C:\WINDOWS\system32\drivers\ew_cdcacm.sys
2016-12-30 10:19:31 ----D---- C:\Program Files\Huawei
2016-12-21 20:24:40 ----A---- C:\WINDOWS\system32\DxtoryCodec.dll
2016-12-21 20:24:39 ----D---- C:\Program Files\ExKode
2016-12-20 14:12:22 ----D---- C:\Program Files\Mozilla Firefox
2016-12-15 10:03:07 ----HDC---- C:\WINDOWS\$NtUninstallKB945436$
2016-12-15 10:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959765$
2016-12-14 14:09:35 ----D---- C:\Program Files\ConMet
2016-12-14 14:09:35 ----D---- C:\Documents and Settings\Mi\Data aplikací\ConMet
2016-12-14 14:09:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\ConMet
2016-12-14 13:55:25 ----D---- C:\Program Files\Karen's Power Tools
2016-12-14 13:55:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Karen's Power Tools
======List of files/folders modified in the last 1 month======
2017-01-08 10:32:22 ----D---- C:\WINDOWS\Prefetch
2017-01-08 10:17:51 ----D---- C:\WINDOWS\Temp
2017-01-08 10:17:02 ----D---- C:\Program Files\Opera
2017-01-08 10:15:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2017-01-08 10:07:08 ----D---- C:\Documents and Settings\Mi\Data aplikací\Free Download Manager
2017-01-08 10:04:11 ----D---- C:\Downloads
2017-01-08 09:59:26 ----D---- C:\WINDOWS\system32\Macromed
2017-01-07 12:34:40 ----RD---- C:\Program Files
2017-01-07 11:56:32 ----SD---- C:\WINDOWS\Tasks
2017-01-07 11:42:48 ----D---- C:\WINDOWS\system32\CatRoot2
2017-01-07 11:01:01 ----SHD---- C:\WINDOWS\Installer
2017-01-07 11:01:01 ----D---- C:\WINDOWS\WinSxS
2017-01-07 11:01:01 ----D---- C:\Program Files\Common Files
2017-01-07 11:00:51 ----D---- C:\WINDOWS\system32
2017-01-07 10:46:21 ----D---- C:\WINDOWS\system32\drivers
2017-01-06 11:05:38 ----D---- C:\WINDOWS
2017-01-04 11:35:04 ----HD---- C:\WINDOWS\inf
2017-01-04 11:35:03 ----D---- C:\WINDOWS\system32\CatRoot
2017-01-02 09:30:06 ----A---- C:\WINDOWS\ModemLog_Nokia 3220 Cable.txt
2016-12-21 09:49:32 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-12-20 12:24:59 ----A---- C:\WINDOWS\win.ini
2016-12-20 09:46:24 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-12-15 10:03:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2016-12-15 10:03:03 ----A---- C:\WINDOWS\imsins.BAK
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-01-04 60424]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-01-04 224752]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-01-04 35096]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2017-01-04 64272]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-01-04 735488]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-01-04 433768]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2015-11-07 540424]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-01-04 92256]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2017-01-04 184592]
R3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys [2012-12-22 11904]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2013-11-30 77824]
R3 hwusb_cdcacm;hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [2014-07-25 111872]
R3 hwusb_cdcecm;hwusb_cdcecm; C:\WINDOWS\system32\DRIVERS\ew_cdcecm.sys [2014-09-30 117888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2012-06-19 6141584]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-12-03 11053992]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2012-07-03 124264]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-06-18 32384]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-01-04 34008]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2017-01-04 66688]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 95232]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2014-02-07 249856]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2013-11-30 199296]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 Ser2pl;MAT Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-01-04 197128]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-04-10 244392]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2016-03-14 170408]
R2 MbnExt;Mobile Broadband Extension Service; %SystemRoot%\system32\svchost.exe -k MbnExt;"ServiceDll"=C:\Program Files\T-Mobile\T-Mobile Internet Manager\MbnExt.dll
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-12-01 164712]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2015-11-07 3722912]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [2015-10-19 96272]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-20 172488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Mozilla, Opera, Explorer load a different page on startup
Double-click the file C:\Program Files\trend micro\Mi_RSIT.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Mozilla, Opera, Explorer load a different page on startup
OK, done. If that is everything, thank you very much for the help, and I wish you a pleasant Sunday.
- Rudy
- Site Admin

Re: Mozilla, Opera, Explorer load a different page on startup
If the problem has gone away, that is everything.
Re: Mozilla, Opera, Explorer load a different page on startup
Yes, the problem has gone away. Hopefully nothing else will show up.
- Rudy
- Site Admin

Re: Mozilla, Opera, Explorer load a different page on startup
Hope that it doesn't.