
Please do a preventive check of my log - thank you

#1 Post by Ecinazuz »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-09-2013 01
Ran by Admin (administrator) on HOME-D958691FD9 on 09-09-2013 21:58:42
Running from C:\Documents and Settings\Admin\Plocha
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(O&O Software GmbH) C:\WINDOWS\system32\oodtray.exe
(Motive Communications, Inc.) C:\Program Files\TO2SSM\McciTrayApp.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\RAMASST.exe
() C:\Program Files\GIGABYTE\VGA Utility Manager\Utility.exe
() C:\Program Files\Aladdin\Aladdin SQL Server\AladdinSQL.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
() C:\Program Files\Sony\PlayMemories Home\dfs.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\DVDRAMSV.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fb_inet_server.exe
() C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodag.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [16380416 2007-07-05] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [amd_dc_opt] - C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2007-07-23] (AMD)
HKLM\...\Run: [OODefragTray] - C:\WINDOWS\system32\oodtray.exe [2512392 2007-05-11] (O&O Software GmbH)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
HKLM\...\Run: [TO2SSM_McciTrayApp] - C:\Program Files\TO2SSM\McciTrayApp.exe [1473536 2008-08-15] (Motive Communications, Inc.)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [2145000 2010-04-07] (ESET)
HKLM\...\Run: [PMBVolumeWatcher] - C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [739936 2012-11-27] (Sony Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [DWQueuedReporting] - c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [39264 2007-03-13] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-19] (Google Inc.)
HKCU\...\Policies\Explorer: [NoDrives] 0
HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2007-06-27] (Nero AG)
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2007-06-27] (Nero AG)
Startup: C:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\GIGABYTE VGA Utility.lnk
ShortcutTarget: GIGABYTE VGA Utility.lnk -> C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe (Macrovision Corporation)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\RAMASST.lnk
ShortcutTarget: RAMASST.lnk -> C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
BootExecute: autocheck autochk * OODBS

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -&Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU -&Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\65rphqj6.default
FF user.js: detected! => C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\65rphqj6.default\user.js
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp:/www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\WINDOWS\system32\C2MP\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Documents and Settings\Admin\Data aplikací\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Documents and Settings\Admin\Data aplikací\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\65rphqj6.default\searchplugins\centrumcz.xml
FF SearchPlugin: C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\65rphqj6.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Visualisateur 3D de 20-20 - C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\65rphqj6.default\Extensions\2020Player@2020Technologies.com
FF Extension: Freecorder Community Toolbar - C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\65rphqj6.default\Extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
FF Extension: Seznam lištička - C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\65rphqj6.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (registryAccess) - C:\Documents and Settings\Admin\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\aaaaobbmnblgjajpfaaolcmoenbmpgob\7.14.1.20071_0\background/registryAccess.dll No File
CHR Plugin: (Skype Toolbars) - C:\Documents and Settings\Admin\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Documents and Settings\Admin\Data aplikac\u00ED\Mozilla\plugins\npgoogletalk.dll No File
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Documents and Settings\Admin\Data aplikac\u00ED\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (DivX\u00AE Web Player) - C:\WINDOWS\system32\C2MP\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Atube Toolbar) - C:\DOCUME~1\Admin\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaaobbmnblgjajpfaaolcmoenbmpgob\7.15.4.24150_0
CHR Extension: (Foxit Toolbar) - C:\DOCUME~1\Admin\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaaoiagmlcohkmjodefppbmpjdiocmh\7.15.4.0_0
CHR Extension: (YouTube) - C:\DOCUME~1\Admin\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\Admin\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Skype Click to Call) - C:\DOCUME~1\Admin\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0
CHR Extension: (Gmail) - C:\DOCUME~1\Admin\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [aaaaobbmnblgjajpfaaolcmoenbmpgob] - C:\Documents and Settings\Admin\Local Settings\Data aplikací\APN\GoogleCRXs\aaaaobbmnblgjajpfaaolcmoenbmpgob_7.14.1.0.crx
CHR HKLM\...\Chrome\Extension: [aaaaoiagmlcohkmjodefppbmpjdiocmh] - C:\Documents and Settings\Admin\Local Settings\Data aplikací\APN\GoogleCRXs\aaaaoiagmlcohkmjodefppbmpjdiocmh_7.15.4.0.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

R2 Aladdin SQL Server; C:\Program Files\Aladdin\Aladdin SQL Server\AladdinSQL.exe [140736 2012-08-17] ()
R2 CLCapSvc; C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [274520 2006-11-08] ()
R2 CLSched; C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [118870 2006-11-08] ()
R2 DeviceFinderService; C:\Program Files\Sony\PlayMemories Home\dfs.exe [149088 2012-11-27] ()
R2 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [106496 2003-05-23] (Matsushita Electric Industrial Co., Ltd.)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [33560 2010-04-07] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [810120 2010-04-07] (ESET)
R2 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fb_inet_server.exe [3727360 2010-09-17] (Firebird Project)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [399432 2012-09-29] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [676936 2012-09-29] (Malwarebytes Corporation)
S3 McAfee ScanAndRepair Svc; C:\Program Files\McAfeeScanAndRepair\McAfeeScanRepairSvc.exe [695640 2012-01-12] (McAfee, Inc.)
R2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [1050120 2007-05-11] (O&O Software GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
S4 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [262247 2006-11-08] ()
S3 wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [24636 2008-12-10] (Apache Software Foundation)
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.1.33\bin\mysqld.exe [6562432 2009-03-16] ()

==================== Drivers (Whitelisted) ====================

R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43008 2006-06-18] (Advanced Micro Devices)
R2 Aspi32; C:\Windows\System32\Drivers\Aspi32.sys [23936 1997-12-23] (Adaptec)
S3 BrScnUsb; C:\Windows\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.)
R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [139192 2010-04-07] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [114984 2010-04-07] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [134488 2010-04-07] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [32584 2010-04-07] (ESET)
R1 epfwtdi; C:\Windows\System32\DRIVERS\epfwtdi.sys [55232 2010-04-07] (ESET)
S3 gdrv; C:\WINDOWS\gdrv.sys [15600 2009-09-09] (Windows (R) 2000 DDK provider)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2012-09-29] (Malwarebytes Corporation)
R1 meiudf; C:\Windows\System32\Drivers\meiudf.sys [90416 2003-10-24] (Matsushita Electric Industrial Co.,Ltd.)
S3 MREMP50; C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA))
R2 npf; C:\Windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R0 nvata; C:\Windows\System32\DRIVERS\nvata.sys [105472 2006-10-18] (NVIDIA Corporation)
S3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [58368 2006-11-27] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [19968 2006-11-27] (NVIDIA Corporation)
R3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S4 IntelIde; No ImagePath
U3 TlntSvr;
S3 TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-09 21:57 - 2013-09-09 16:55 - 01082349 _____ (Farbar) C:\Documents and Settings\Admin\Plocha\FRST.exe
2013-08-31 22:34 - 2013-08-31 22:36 - 00002710 _____ C:\Documents and Settings\Admin\Plocha\BRÝLE VTIPY.txt
2013-08-31 09:34 - 2013-08-31 09:34 - 00009891 _____ C:\Documents and Settings\Admin\Plocha\emaily sbs trade.txt
2013-08-28 21:49 - 2013-08-28 21:49 - 00000388 _____ C:\Documents and Settings\Admin\Dokumenty\cc_20130828_214945.reg
2013-08-28 08:01 - 2013-08-28 08:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-25 23:12 - 2013-08-31 09:59 - 00001134 _____ C:\Documents and Settings\Admin\Plocha\info.txt
2013-08-25 22:28 - 2013-08-25 22:28 - 00006054 _____ C:\Documents and Settings\Admin\Dokumenty\cc_20130825_222818.reg
2013-08-18 18:51 - 2013-08-22 10:17 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-14 12:41 - 2013-08-14 12:46 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-14 12:36 - 2013-08-14 12:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-14 12:36 - 2013-08-14 12:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-14 12:36 - 2013-08-14 12:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-14 12:36 - 2013-08-14 12:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
2013-08-12 22:54 - 2013-08-12 22:54 - 00004024 _____ C:\Documents and Settings\Admin\Dokumenty\cc_20130812_225420.reg
2013-08-11 16:33 - 2013-08-11 16:33 - 00000000 ____D C:\Documents and Settings\Admin\Plocha\CHVÁLA BLÁZNOVSTVÍ
2013-08-11 15:22 - 2013-08-11 15:43 - 00000000 ___RD C:\Documents and Settings\Admin\Plocha\1. VŠECHNY KONTAKTY FCC, COLWAY, STIFORP

==================== One Month Modified Files and Folders =======

2013-09-09 21:58 - 2013-09-09 21:58 - 00000000 ____D C:\FRST
2013-09-09 21:57 - 2009-09-09 12:23 - 00000000 ___HD C:\DOCUME~1\Admin\LOCALS~1\Data aplikací
2013-09-09 21:57 - 2009-09-09 12:23 - 00000000 ____D C:\Documents and Settings\Admin\Plocha
2013-09-09 21:56 - 2009-09-10 19:02 - 00000000 ____D C:\Documents and Settings\Admin\Dokumenty\Stažené soubory
2013-09-09 21:54 - 2009-09-09 12:23 - 00000000 ____D C:\Documents and Settings\Admin
2013-09-09 21:43 - 2012-12-17 08:11 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-09-09 21:40 - 2013-02-16 19:20 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-09 20:00 - 2009-09-09 11:58 - 01238190 ____N C:\WINDOWS\WindowsUpdate.log
2013-09-09 19:04 - 2009-10-12 21:38 - 04579196 _____ C:\WINDOWS\system32\oodbs.lor
2013-09-09 19:04 - 2009-09-09 13:50 - 00000159 ____N C:\WINDOWS\wiadebug.log
2013-09-09 19:04 - 2009-09-09 13:50 - 00000048 ____N C:\WINDOWS\wiaservc.log
2013-09-09 19:04 - 2009-09-09 12:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-09 19:03 - 2012-07-20 22:34 - 00524288 _____ C:\WINDOWS\system32\config\Aladdin.Evt
2013-09-09 19:03 - 2009-09-09 12:22 - 00032606 ____N C:\WINDOWS\SchedLgU.Txt
2013-09-09 16:55 - 2013-09-09 21:57 - 01082349 _____ (Farbar) C:\Documents and Settings\Admin\Plocha\FRST.exe
2013-09-09 07:03 - 2008-04-14 14:00 - 00013720 _____ C:\WINDOWS\system32\wpa.dbl
2013-09-08 13:40 - 2013-02-16 19:20 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-08 10:12 - 2013-07-21 15:50 - 00000000 ____D C:\Documents and Settings\Admin\Plocha\DÁDA2013
2013-09-08 10:12 - 2010-02-27 16:45 - 00000000 ____D C:\Documents and Settings\Admin\Data aplikací\VSO
2013-09-07 21:40 - 2012-10-26 09:33 - 00000000 ____D C:\Documents and Settings\Admin\Plocha\CITÁTY
2013-09-07 11:48 - 2009-11-11 15:41 - 00000069 _____ C:\WINDOWS\NeroDigital.ini
2013-08-31 22:36 - 2013-08-31 22:34 - 00002710 _____ C:\Documents and Settings\Admin\Plocha\BRÝLE VTIPY.txt
2013-08-31 20:51 - 2009-09-09 12:23 - 00000000 ___RD C:\Documents and Settings\Admin\Dokumenty\Obrázky
2013-08-31 09:59 - 2013-08-25 23:12 - 00001134 _____ C:\Documents and Settings\Admin\Plocha\info.txt
2013-08-31 09:34 - 2013-08-31 09:34 - 00009891 _____ C:\Documents and Settings\Admin\Plocha\emaily sbs trade.txt
2013-08-28 21:49 - 2013-08-28 21:49 - 00000388 _____ C:\Documents and Settings\Admin\Dokumenty\cc_20130828_214945.reg
2013-08-28 21:49 - 2009-09-09 12:23 - 00000000 ___RD C:\Documents and Settings\Admin\Dokumenty
2013-08-28 18:53 - 2013-04-14 16:19 - 00000000 ____D C:\Documents and Settings\Admin\Plocha\ŠKOLKA
2013-08-28 08:01 - 2013-08-28 08:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-27 22:52 - 2009-09-13 22:21 - 00000000 ____D C:\Program Files\CCleaner
2013-08-27 07:14 - 2009-09-10 12:51 - 00002517 _____ C:\Documents and Settings\Admin\Plocha\Microsoft Office Excel 2003.lnk
2013-08-25 22:28 - 2013-08-25 22:28 - 00006054 _____ C:\Documents and Settings\Admin\Dokumenty\cc_20130825_222818.reg
2013-08-22 21:49 - 2012-05-06 07:14 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-22 10:43 - 2012-04-13 06:13 - 00692104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-08-22 10:43 - 2011-06-15 06:17 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-08-22 10:17 - 2013-08-18 18:51 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-18 18:54 - 2009-09-10 12:51 - 00002561 _____ C:\Documents and Settings\Admin\Plocha\Microsoft Office Word 2003.lnk
2013-08-16 09:27 - 2013-02-27 13:15 - 00000000 ___RD C:\Documents and Settings\Admin\Plocha\ZUZÁKOVO Z PLOCHY
2013-08-15 21:46 - 2009-09-10 19:00 - 00000000 ____D C:\Documents and Settings\Admin\Data aplikací\Skype
2013-08-14 18:08 - 2010-08-12 19:31 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-08-14 12:46 - 2013-08-14 12:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-14 12:40 - 2009-09-12 15:37 - 75778376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-08-14 12:36 - 2013-08-14 12:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-14 12:36 - 2013-08-14 12:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-14 12:36 - 2013-08-14 12:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-14 12:36 - 2013-08-14 12:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
2013-08-14 12:36 - 2009-09-10 13:20 - 00050186 _____ C:\WINDOWS\system32\TZLog.log
2013-08-13 08:02 - 2013-08-07 08:59 - 00000000 ____D C:\Documents and Settings\Admin\Plocha\FOTKY TRAWEL
2013-08-12 22:54 - 2013-08-12 22:54 - 00004024 _____ C:\Documents and Settings\Admin\Dokumenty\cc_20130812_225420.reg
2013-08-12 20:47 - 2013-01-26 22:10 - 00000000 ____D C:\Documents and Settings\Admin\Plocha\WORD WENTURES
2013-08-12 00:18 - 2013-02-02 19:13 - 00000000 ____D C:\Documents and Settings\Admin\Data aplikací\vlc
2013-08-11 16:33 - 2013-08-11 16:33 - 00000000 ____D C:\Documents and Settings\Admin\Plocha\CHVÁLA BLÁZNOVSTVÍ
2013-08-11 15:46 - 2011-12-06 08:57 - 00000000 ____D C:\Documents and Settings\Admin\Plocha\Zuzka
2013-08-11 15:43 - 2013-08-11 15:22 - 00000000 ___RD C:\Documents and Settings\Admin\Plocha\1. VŠECHNY KONTAKTY FCC, COLWAY, STIFORP
2013-08-11 14:49 - 2013-03-17 16:28 - 00000000 ____D C:\Documents and Settings\Admin\Plocha\ZÁLOHA 2013

Files to move or delete:
====================
C:\DOCUME~1\Admin\LOCALS~1\Temp\installhelper.dll
C:\DOCUME~1\Admin\LOCALS~1\Temp\SkypeSetup.exe
C:\DOCUME~1\Admin\LOCALS~1\Temp\vlc-2.0.7-win32.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 1034240 ____N (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0507904 ____N (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0014336 ____N (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2008-04-14 14:00] - [2009-02-09 13:25] - 0111104 ____N (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2008-04-14 14:00] - [2008-04-14 14:00] - 0578560 ____N (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0026112 ____N (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 14:00] - [2008-04-14 14:00] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== Alternate Data Streams (whitelisted) ====


==================== Loaded Modules (whitelisted) ============

2009-11-21 12:19 - 2008-04-21 22:00 - 00230912 _____ (CANON INC.) C:\WINDOWS\system32\CNMLM9C.DLL
2012-07-29 20:05 - 2012-06-30 08:46 - 00081920 _____ (pdfforge GbR) C:\WINDOWS\system32\pdfcmon.dll
2009-11-21 12:19 - 2008-04-21 22:00 - 00027136 _____ (CANON INC.) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD9C.DLL
2009-09-10 12:52 - 2003-06-19 01:31 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll
2011-11-06 23:05 - 2008-07-06 14:06 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll
2007-02-26 23:22 - 2007-02-26 23:22 - 00159744 _____ () C:\WINDOWS\system32\mmfinfo.dll
2007-02-26 23:21 - 2007-02-26 23:21 - 00023552 _____ () C:\WINDOWS\system32\mkunicode.dll
2007-06-29 19:16 - 2007-06-29 19:16 - 00099624 _____ (Nero AG) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
2009-10-05 22:18 - 2009-08-16 17:06 - 00141312 _____ () C:\Program Files\WinRAR\rarext.dll
2007-06-22 15:46 - 2007-06-22 15:46 - 01807656 _____ (Nero AG) C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
2008-04-14 14:00 - 2008-04-14 14:00 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mui\0005\HHCTRLui.dll
2007-05-11 02:06 - 2007-05-11 02:06 - 00202248 _____ (O&O Software GmbH) C:\WINDOWS\system32\OODTRRS.DLL
2010-04-07 21:09 - 2010-04-07 21:09 - 00311600 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\eguiScan.dll
2010-04-07 21:04 - 2010-04-07 21:04 - 00142680 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\eguiAmon.dll
2010-04-07 21:06 - 2010-04-07 21:06 - 00109720 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\eguiEmon.dll
2010-04-07 21:05 - 2010-04-07 21:05 - 00101480 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\eguiDmon.dll
2010-04-07 21:07 - 2010-04-07 21:07 - 01028480 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\eguiEpfw.dll
2010-04-07 21:10 - 2010-04-07 21:10 - 00171520 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\eguiSmon.dll
2010-04-07 21:14 - 2010-04-07 21:14 - 00299240 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\eguiUpdate.dll
2010-04-07 21:12 - 2010-04-07 21:12 - 00097360 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\eguiMailPlugins.dll
2012-11-27 22:13 - 2012-11-27 22:13 - 00020064 _____ (Sony Corporation) C:\Program Files\Sony\PlayMemories Home\XpStorageDevice_WinXp2k.dll
2012-06-06 15:57 - 2012-06-06 15:57 - 00310840 _____ (Sony Corporation) C:\Program Files\Sony\PlayMemories Home\Resources\en-US\PMBVolumeWatcherLOC.dll
2008-04-14 14:00 - 2008-04-14 14:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2007-01-08 07:57 - 2007-01-08 07:57 - 00022528 _____ () C:\Program Files\GIGABYTE\VGA Utility Manager\GBDRVUTIL.DLL
2007-03-13 12:15 - 2007-03-13 12:15 - 00208966 _____ () C:\Program Files\GIGABYTE\VGA Utility Manager\GBNVAPI.DLL
2007-01-29 06:08 - 2007-01-29 06:08 - 00643142 _____ () C:\Program Files\GIGABYTE\VGA Utility Manager\ATICLOCKLIB.DLL
2006-09-20 08:39 - 2006-09-20 08:39 - 00061440 _____ (EnTech Taiwan) C:\Program Files\GIGABYTE\VGA Utility Manager\TVICHW32.DLL
2007-05-11 00:03 - 2007-05-11 00:03 - 00352256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll
2009-09-09 15:51 - 2006-11-08 12:36 - 00237662 ____N () C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapEngine.dll
2009-09-09 15:51 - 2006-11-08 12:36 - 00032768 ____N () C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvcps.dll
2010-04-07 21:09 - 2010-04-07 21:09 - 00175640 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\ekrnScan.dll
2010-04-07 21:04 - 2010-04-07 21:04 - 00183880 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\ekrnAmon.dll
2010-04-07 21:06 - 2010-04-07 21:06 - 00117960 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\ekrnEmon.dll
2010-04-07 21:05 - 2010-04-07 21:05 - 00117960 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\ekrnDmon.dll
2010-04-07 21:07 - 2010-04-07 21:07 - 00554680 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\ekrnEpfw.dll
2010-04-07 21:10 - 2010-04-07 21:10 - 00229200 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\ekrnSmon.dll
2010-04-07 21:14 - 2010-04-07 21:14 - 00286880 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\ekrnUpdate.dll
2010-04-07 21:14 - 2010-04-07 21:14 - 00241560 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\updater.dll
2010-04-07 21:12 - 2010-04-07 21:12 - 00113840 _____ (ESET) C:\Program Files\ESET\ESET Smart Security\ekrnMailPlugins.dll
2007-05-11 02:06 - 2007-05-11 02:06 - 00015880 _____ (O&O Software GmbH) C:\WINDOWS\system32\OODAGRS.DLL
2009-09-09 15:51 - 2006-11-08 12:36 - 00114776 ____N () C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSchMgr.dll
2009-09-09 15:51 - 2006-11-08 12:36 - 00339968 ____N () C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLTinyDB.dll
2013-08-18 18:51 - 2013-08-18 18:52 - 03551640 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Scheduled Tasks (whitelisted) ===========

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Supplementary Scan (All) ================


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\{1a3e09be-1e45-494b-9174-d7385b45bbf5}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=dword:00000001
"NoDriveAutoRun"=dword:03ffffff
"NoDriveTypeAutoRun"=dword:00000143
"NoDrives"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=dword:00000001
"UpdatesDisableNotify"=dword:00000000
"AntiVirusDisableNotify"=dword:00000000
"FirewallDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x1


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\ICQ7.5\\ICQ.exe"="C:\\Program Files\\ICQ7.5\\ICQ.exe:*:Enabled:ICQ7.5"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\ICQ7.5\\ICQ.exe"="C:\\Program Files\\ICQ7.5\\ICQ.exe:*:Enabled:ICQ7.5"
"C:\\Documents and Settings\\Admin\\Local Settings\\Data aplikac\\Google\\Google Talk Plugin\\googletalkplugin.exe"="C:\\Documents and Settings\\Admin\\Local Settings\\Data aplikac\\Google\\Google Talk Plugin\\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"="midimap.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msadpcm"="msadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.trspch"="tssoft32.acm"
"vidc.cvid"="iccvid.dll"
"vidc.I420"="msh263.drv"
"vidc.iv31"="ir32_32.dll"
"vidc.iv32"="ir32_32.dll"
"vidc.iv41"="ir41_32.ax"
"vidc.iyuv"="iyuv_32.dll"
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"vidc.uyvy"="msyuv.dll"
"vidc.yuy2"="msyuv.dll"
"vidc.yvu9"="tsbyuv.dll"
"vidc.yvyu"="msyuv.dll"
"wavemapper"="msacm32.drv"
"msacm.msg723"="msg723.acm"
"vidc.M263"="msh263.drv"
"vidc.M261"="msh261.drv"
"msacm.msaudio1"="msaud32.acm"
"msacm.sl_anet"="sl_anet.acm"
"msacm.iac2"="C:\\WINDOWS\\system32\\iac25_32.ax"
"vidc.iv50"="ir50_32.dll"
"msacm.l3acm"="l3codeca.acm"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"
"vidc.DIVX"="divx.dll"
"vidc.yv12"="divx.dll"
"msacm.ac3filter"="ac3filter.acm"
"vidc.xvid"="xvidvfw.dll"
"vidc.ffds"="ff_vfw.dll"
"vidc.vp60"="vp6vfw.dll"
"vidc.vp61"="vp6vfw.dll"
"vidc.vp62"="vp6vfw.dll"
"vidc.hfyu"="huffyuv.dll"
"msacm.ac3acm"="AC3ACM.acm"
"msacm.at3"="atrac3.acm"
"msacm.divxa32"="DivXa32.acm"
"msacm.lameacm"="LameACM.acm"
"VIDC.FMVC"="fmcodec.dll"
"msacm.l3codecp"="fmcodec.dll"
"vidc.mp4e"="MPEG4Evfw.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP]
"wave"="rdpsnd.dll"
"mixer"="rdpsnd.dll"
"MaxBandwidth"=dword:000056b9
"wavemapper"="msacm32.drv"
"EnableMP3Codec"=dword:00000001
"midimapper"="midimap.dll"


==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:155.24 GB) (Free:71.85 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive e: (DATA) (Fixed) (Total:77.64 GB) (Free:32.01 GB) NTFS

Available physical RAM: 1392.24 MB
Total physical RAM: 2047.48 MB
Percentage of memory in use: 32%


==================== End Of Log ==============================
Attachments
Addition.rar
(7.58 KiB) Downloaded 39 times
"Honesty cannot be divided into pieces. Either it is there or it is not." (Honoré de Balzac)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please do a preventive check of my log - thank you

#2 Post by vyosek »

Hello :)

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [DWQueuedReporting] - c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [39264 2007-03-13] (Microsoft Corporation)
    HKLM\...\Policies\Explorer: [NoDrives] 0
    HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-19] (Google Inc.)
    HKCU\...\Policies\Explorer: [NoDrives] 0
    HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2007-06-27] (Nero AG)
    HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2007-06-27] (Nero AG)
    Startup: C:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\GIGABYTE VGA Utility.lnk
    ShortcutTarget: GIGABYTE VGA Utility.lnk -> C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe (Macrovision Corporation)
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
    
    S4 IntelIde; No ImagePath
    U3 TlntSvr;
    S3 TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [x]
    
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    
    Hosts:
    CMD: shutdown /r /f /t 2
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement: take a whip and a stick to him, for he is not a man, he is an ox."

Ecinazuz
Model visitor
Posts: 343
Registered: 16 Sep 2006 21:47

Re: Please do a preventive check of my log - thank you

#3 Post by Ecinazuz »

Good evening, I'm sending the log - I hope this is the right one ;-)

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 09-09-2013 01
Ran by Admin at 2013-09-11 21:47:44 Run:1
Running from C:\Documents and Settings\Admin\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [DWQueuedReporting] - c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [39264 2007-03-13] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-19] (Google Inc.)
HKCU\...\Policies\Explorer: [NoDrives] 0
HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2007-06-27] (Nero AG)
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2007-06-27] (Nero AG)
Startup: C:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\GIGABYTE VGA Utility.lnk
ShortcutTarget: GIGABYTE VGA Utility.lnk -> C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe (Macrovision Corporation)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}

S4 IntelIde; No ImagePath
U3 TlntSvr;
S3 TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [x]

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Hosts:
CMD: shutdown /r /f /t 2
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\DWQueuedReporting => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDrives => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDrives => Value deleted successfully.
HKU\Administrator\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NeroHomeFirstStart => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NeroHomeFirstStart => Value deleted successfully.
C:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\GIGABYTE VGA Utility.lnk => Moved successfully.
C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\ICQ Search => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\ToolbarSearchProviderProgress => Value deleted successfully.
IntelIde => Service deleted successfully.
TlntSvr => Service deleted successfully.
TVICHW32 => Service deleted successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please do a preventive check of my log - thank you

#4 Post by vyosek »

Now let's clean up as well :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or switch the antivirus off while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Ecinazuz
Model visitor
Posts: 343
Registered: 16 Sep 2006 21:47

Re: Please do a preventive check of my log - thank you

#5 Post by Ecinazuz »

Everything is done, it went without any problems.
Thank you very much for the help :worship:

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please do a preventive check of my log - thank you

#6 Post by vyosek »

You're welcome, glad I could help :worship: Until next time

And in accordance with the Rule on locking topics :lock:

Locked