
Request for a log review - Malwarebytes Anti-Malware

Posted: 01 Oct 2013 13:53
by Mamlas01
Hello, Google's search engine popped up a warning at me today that I might have malware on my computer. I downloaded the program mentioned above and ran a scan. Since the scan finished, the program keeps showing a message every little while saying that it has blocked access to the suspicious site 111.111.111.111
I don't know exactly what this message means, and I am asking for a review of the log from this program.
Since the log doesn't want to fit here, I am attaching it as a PDF document.
Thank you.

Re: Request for a log review - Malwarebytes Anti-Malware

Posted: 01 Oct 2013 17:54
by Rudy
Greetings!
Delete everything that MBAM found. The IP 111.111.111.111 belongs to Japan: http://whois.domaintools.com/111.111.111.111 . So it is possible that malicious websites are located on it. To be safe, post an FRST log:
Download FRST: http://vyosek.ic.cz/pro_usery/FRSTLauncher.exe and save it to the desktop. Run it and click >Scan<. When the scan finishes, a log will appear; copy it here.

Re: Request for a log review - Malwarebytes Anti-Malware

Posted: 01 Oct 2013 23:56
by Mamlas01
I hope I managed to do it right; I am pasting the log from FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2013 01
Ran by Boža (administrator) on BOŽA on 02-10-2013 00:42:52
Running from C:\Documents and Settings\Boža\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(ASUSTeK COMPUTER INC.) C:\WINDOWS\ATKKBService.exe
() C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
() C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
(The Firebird Project) C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
() C:\Documents and Settings\All Users\Data aplikací\HiSuiteOuc\HiSuiteOuc.exe
() C:\Documents and Settings\All Users\Data aplikací\HandSetService\HuaweiHiSuiteService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Pandora.TV) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
(The Firebird Project) C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\tv_w32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastUI.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(SkypEmoticons) C:\Documents and Settings\Boža\Data aplikací\SkypEmoticons\SE.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(LemurLeap) C:\Program Files\LemurLeap\updateLemurLeap.exe
() C:\Documents and Settings\Boža\Data aplikací\Seznam.cz\bin\szndesktop.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(PandoraTV) C:\Program Files\PANDORA.TV\PanService\PanProcess.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM\...\Run: [SoundMan] - C:\Windows\SOUNDMAN.EXE [577536 2007-04-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [AlcoholAutomount] - D:\Audio video\Alcohol 120\AxAutoMntSrv.exe [33120 2010-08-20] (Alcohol Soft Development Team)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [se] - C:\Documents and Settings\Boža\Data aplikací\SkypEmoticons\SE.exe [5842336 2013-09-18] (SkypEmoticons)
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Documents and Settings\Boža\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Documents and Settings\Boža\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\Default User\...\RunOnce: [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\Default User\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2007-06-27] (Nero AG)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\WinZip Quick Pick.lnk
ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379540236
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... earchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... earchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... earchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... earchTerms}
BHO: LemurLeap - {415419c3-dad0-4df1-ac37-22c72ad81878} - C:\Program Files\LemurLeap\LemurLeapbho.dll (LemurLeap)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -&Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU -&Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default
FF user.js: detected! => C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\user.js
FF NewTab: hxxp://home.brandthunder.com/nasathemes/?newtab
FF DefaultSearchEngine: Centrum.cz - Hledání v internetu
FF SearchEngineOrder.1: qvo6
FF Homepage: hxxp://www.centrum.cz/
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3228856&SearchSource=2&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @software602.cz/602XML Filler - C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - D:\Přehravače\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: No Name - C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\Extensions\btpersonas@brandthunder.com
FF Extension: Centrum doménový pomocník - C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\Extensions\centrumpomocnik@centrum.cz
FF Extension: No Name - C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\Extensions\nostmp
FF Extension: Cooliris - C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\Extensions\piclens@cooliris.com
FF Extension: Firefox Synchronisation Extension - C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\Extensions\synchronize@nokia.suite
FF Extension: savensHaree - C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\Extensions\xzvei7a@eeoeuu-aooa.org
FF Extension: WebTran - C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\Extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
FF Extension: FreemakeVideoConverterTB Community Toolbar - C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\Extensions\{81fae9c9-cfbd-4cb3-8322-412e72f55f65}
FF Extension: Seznam lištička - C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: Centrum.cz nastavení - C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: FoxLingo - C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
FF Extension: DivXWebPlayer - C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\Extensions\DivXWebPlayer@divx.com.xpi
FF Extension: No Name - C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\Extensions\{166745b8-8d4a-4c86-9120-696de51a77aa}.xpi
FF Extension: No Name - C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi
FF Extension: No Name - C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379540236

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/?clid=16194
CHR RestoreOnStartup: "hxxp://www.qvo6.com/?utm_source=b&utm_medium=w ... 1379540236"]},"sync":{"keep_everything_synced":false,"preferences":false,"search_engines":false,"suppress_start":true},"webkit":{"webprefs":{"allow_running_insecure_content"
CHR Extension: (Seznam Li\u0161ti\u010Dka - Slovn\u00EDk) - C:\DOCUME~1\BOA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0
CHR Extension: (YouTube) - C:\DOCUME~1\BOA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\BOA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (LemurLeap) - C:\DOCUME~1\BOA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof\1.0.0_0
CHR Extension: (savensHaree ) - C:\DOCUME~1\BOA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\kmilnpoiaahbllakcdnaakfbbnnaakin\5.10
CHR Extension: (Chrome In-App Payments service) - C:\DOCUME~1\BOA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba) - C:\DOCUME~1\BOA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0
CHR Extension: (Gmail) - C:\DOCUME~1\BOA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [jlnfdbbladgcmhhamgkioifhbobjaoof] - C:\Program Files\LemurLeap\jlnfdbbladgcmhhamgkioifhbobjaoof.crx

========================== Services (Whitelisted) =================

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ATKKeyboardService; C:\WINDOWS\ATKKBService.exe [253952 2005-08-07] (ASUSTeK COMPUTER INC.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [850432 2009-02-27] ()
R3 BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [98407 2009-02-27] ()
R2 BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [143467 2009-02-27] ()
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [65536 2007-12-12] (The Firebird Project)
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [1531989 2007-12-12] (The Firebird Project)
R2 HiSuiteOuc.exe; C:\Documents and Settings\All Users\Data aplikací\HiSuiteOuc\HiSuiteOuc.exe [116032 2013-07-11] ()
R2 HuaweiHiSuiteService.exe; C:\Documents and Settings\All Users\Data aplikací\HandSetService\HuaweiHiSuiteService.exe [158208 2013-05-02] ()
S3 Installer Service; C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{7C41450A-4442-43F4-8DCA-BE04CC70A5EE}\Installer\InstallerService.exe [119296 2013-05-31] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 NBService; D:\Audio video\Nero 7\Nero BackItUp\NBService.exe [800040 2007-06-29] (Nero AG)
R2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2253120 2011-10-08] (NVIDIA Corporation)
R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
S2 StarWindServiceAE; D:\Audio video\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
R2 Update LemurLeap; C:\Program Files\LemurLeap\updateLemurLeap.exe [206624 2013-09-26] (LemurLeap)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

S3 ALCXSENS; C:\Windows\System32\drivers\ALCXSENS.SYS [400384 2004-02-24] (Sensaura)
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [4122368 2008-09-24] (Realtek Semiconductor Corp.)
R1 aslm75; C:\WINDOWS\system32\drivers\aslm75.sys [6272 1997-04-22] ()
S1 asusgsb; C:\Windows\System32\drivers\asusgsb.sys [12416 2005-07-08] (ASUSTeK Computer Inc.)
R1 asuskbnt; C:\Windows\System32\drivers\atkkbnt.sys [23040 2005-06-09] (ASUSTeK COMPUTER INC.)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-30] ()
S3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [33800 2008-11-25] (IVT Corporation.)
S3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [27528 2008-11-25] (IVT Corporation.)
S3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [14088 2008-12-07] (IVT Corporation.)
R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [39304 2009-01-03] (IVT Corporation.)
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [20744 2009-01-07] (IVT Corporation.)
S0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [20880 2007-03-05] (IVT Corporation.)
S0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [35600 2007-03-05] (IVT Corporation.)
R3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [30088 2008-12-07] ()
S3 BTNetFilter; C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys [22416 2006-11-22] (IVT Corporation.)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R2 EIO; C:\WINDOWS\system32\drivers\EIO.sys [11264 2005-08-01] (ASUSTeK Computer Inc.)
R3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [26248 2008-07-02] (IVT Corporation.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2012-12-15] (Duplex Secure Ltd.)
S3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [14856 2008-01-21] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [31880 2009-01-08] (IVT Corporation.)
S3 Video3D; C:\Windows\System32\Drivers\Video3D.sys [44544 2004-07-06] (ASUSTeK COMPUTER INC.)
R3 yukonwxp; C:\Windows\System32\DRIVERS\yk51x86.sys [299424 2012-01-25] (Marvell)
U3 ag3zdvyq; C:\Windows\System32\Drivers\ag3zdvyq.sys [0 ] (Microsoft Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-02 00:42 - 2013-10-02 00:42 - 00000000 ____D C:\FRST
2013-10-02 00:41 - 2013-10-02 00:41 - 00000000 ____D C:\Documents and Settings\Boža\Local Settings\Data aplikací\qb38396E.40
2013-10-02 00:41 - 2013-09-27 20:27 - 01086873 _____ (Farbar) C:\Documents and Settings\Boža\Plocha\FRST.exe
2013-10-02 00:11 - 2013-10-02 00:11 - 00000000 ____D C:\Program Files\Seznam.cz
2013-10-02 00:09 - 2013-10-02 00:12 - 00000000 ____D C:\Documents and Settings\Boža\Data aplikací\Seznam.cz
2013-10-02 00:09 - 2013-10-02 00:10 - 00000000 ____D C:\Program Files\LemurLeap
2013-10-02 00:08 - 2013-10-02 00:08 - 00000386 _____ C:\WINDOWS\Tasks\AmiUpdXp.job
2013-10-02 00:08 - 2013-10-02 00:08 - 00000000 ____D C:\Documents and Settings\Boža\Data aplikací\SwvUpdater
2013-10-01 23:52 - 2013-10-02 00:38 - 00029696 _____ C:\Documents and Settings\Boža\Local Settings\Data aplikací\MSGBOX.EXE
2013-10-01 11:27 - 2013-10-01 11:27 - 00000784 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2013-10-01 11:27 - 2013-10-01 11:27 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-01 11:27 - 2013-10-01 11:27 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2013-10-01 11:27 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-10-01 11:20 - 2013-10-01 11:20 - 00000000 ____D C:\Documents and Settings\Boža\Data aplikací\Malwarebytes
2013-10-01 11:20 - 2013-10-01 11:20 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-09-19 22:57 - 2013-09-19 22:57 - 00000088 _____ C:\Documents and Settings\Boža\7098176685019684841.log
2013-09-19 22:49 - 2013-09-19 22:49 - 00000000 ____D C:\Documents and Settings\Boža\Data aplikací\337
2013-09-19 22:48 - 2013-10-01 22:13 - 00000000 ____D C:\Documents and Settings\Boža\Data aplikací\Omiga Plus
2013-09-19 22:48 - 2013-09-19 22:52 - 00000000 ____D C:\Program Files\Omiga Plus
2013-09-18 23:38 - 2013-10-01 22:13 - 00000000 ____D C:\Program Files\Common Files\337
2013-09-18 23:38 - 2013-09-19 23:02 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\eSafe
2013-09-18 23:38 - 2013-09-18 23:39 - 00000000 ____D C:\Documents and Settings\Boža\Data aplikací\SkypEmoticons
2013-09-18 23:38 - 2013-09-18 23:38 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\SkypEmoticons
2013-09-18 23:36 - 2013-09-18 23:43 - 00000000 ____D C:\Program Files\Optimizer Pro
2013-09-18 23:35 - 2013-09-20 06:31 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\savensHaree
2013-09-18 23:35 - 2013-09-18 23:38 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\SummerSoft
2013-09-18 23:34 - 2013-09-18 23:43 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\InstallMate
2013-09-18 22:02 - 2013-09-18 22:02 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\TeamViewer 8
2013-09-17 21:41 - 2013-09-18 00:07 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-17 08:08 - 2013-09-17 08:08 - 00114071 _____ C:\Documents and Settings\Boža\Plocha\Boháč mi dluží za práci a vysmívá se. Nebojte se bránit, radí advokát - iDNES.cz.htm
2013-09-17 08:08 - 2013-09-17 08:08 - 00000000 ____D C:\Documents and Settings\Boža\Plocha\Boháč mi dluží za práci a vysmívá se. Nebojte se bránit, radí advokát - iDNES.cz_soubory
2013-09-12 23:15 - 2013-09-12 23:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$
2013-09-12 23:15 - 2013-09-12 23:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-09-12 23:15 - 2013-09-12 23:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-09-05 10:22 - 2013-09-05 10:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-09-02 23:37 - 2013-09-02 23:37 - 00007168 ___SH C:\WINDOWS\Thumbs.db

==================== One Month Modified Files and Folders =======

2013-10-02 00:44 - 2012-10-28 14:53 - 00000000 ____D C:\Documents and Settings\Boža\Plocha
2013-10-02 00:43 - 2012-10-29 09:43 - 00000000 ____D C:\Documents and Settings\Boža\Data aplikací\Skype
2013-10-02 00:42 - 2013-10-02 00:42 - 00000000 ____D C:\FRST
2013-10-02 00:41 - 2013-10-02 00:41 - 00000000 ____D C:\Documents and Settings\Boža\Local Settings\Data aplikací\qb38396E.40
2013-10-02 00:41 - 2012-10-28 14:53 - 00000000 ___HD C:\Documents and Settings\Boža\Local Settings\Data aplikací
2013-10-02 00:38 - 2013-10-01 23:52 - 00029696 _____ C:\Documents and Settings\Boža\Local Settings\Data aplikací\MSGBOX.EXE
2013-10-02 00:26 - 2012-10-29 02:18 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-02 00:12 - 2013-10-02 00:09 - 00000000 ____D C:\Documents and Settings\Boža\Data aplikací\Seznam.cz
2013-10-02 00:11 - 2013-10-02 00:11 - 00000000 ____D C:\Program Files\Seznam.cz
2013-10-02 00:10 - 2013-10-02 00:09 - 00000000 ____D C:\Program Files\LemurLeap
2013-10-02 00:09 - 2012-10-28 14:53 - 00000000 __RHD C:\Documents and Settings\Boža\Data aplikací
2013-10-02 00:08 - 2013-10-02 00:08 - 00000386 _____ C:\WINDOWS\Tasks\AmiUpdXp.job
2013-10-02 00:08 - 2013-10-02 00:08 - 00000000 ____D C:\Documents and Settings\Boža\Data aplikací\SwvUpdater
2013-10-01 23:56 - 2012-10-29 01:42 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-01 23:48 - 2012-10-29 01:42 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-10-01 23:41 - 2012-10-28 15:42 - 00000157 _____ C:\WINDOWS\wiadebug.log
2013-10-01 23:41 - 2012-10-28 15:42 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-10-01 23:41 - 2009-02-27 17:04 - 00001280 _____ C:\WINDOWS\system32\bscs.ini
2013-10-01 23:40 - 2012-10-29 11:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974392$
2013-10-01 23:40 - 2012-10-29 01:42 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-01 23:40 - 2012-10-28 14:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-01 23:39 - 2012-10-29 19:47 - 00131072 _____ C:\WINDOWS\system32\config\OAlerts.evt
2013-10-01 23:39 - 2012-10-28 14:53 - 00000178 ___SH C:\Documents and Settings\Boža\ntuser.ini
2013-10-01 23:39 - 2012-10-28 14:53 - 00000000 ____D C:\Documents and Settings\Boža
2013-10-01 23:39 - 2012-10-28 14:52 - 00032454 _____ C:\WINDOWS\SchedLgU.Txt
2013-10-01 23:39 - 2012-10-28 14:47 - 01978872 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-01 22:13 - 2013-09-19 22:48 - 00000000 ____D C:\Documents and Settings\Boža\Data aplikací\Omiga Plus
2013-10-01 22:13 - 2013-09-18 23:38 - 00000000 ____D C:\Program Files\Common Files\337
2013-10-01 19:28 - 2012-10-29 23:42 - 00000000 ____D C:\Documents and Settings\Boža\Dokumenty\Soubory aplikace Outlook
2013-10-01 14:46 - 2012-10-29 23:41 - 00002547 _____ C:\Documents and Settings\Boža\Plocha\Microsoft Word 2010 (2).lnk
2013-10-01 11:27 - 2013-10-01 11:27 - 00000784 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2013-10-01 11:27 - 2013-10-01 11:27 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-01 11:27 - 2013-10-01 11:27 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2013-10-01 11:27 - 2012-10-28 15:39 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-10-01 11:27 - 2012-10-28 15:39 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-10-01 11:20 - 2013-10-01 11:20 - 00000000 ____D C:\Documents and Settings\Boža\Data aplikací\Malwarebytes
2013-10-01 11:20 - 2013-10-01 11:20 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-10-01 11:20 - 2012-10-28 15:37 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-09-30 16:41 - 2012-10-31 00:29 - 00000000 ____D C:\Documents and Settings\Boža\Data aplikací\.minecraft
2013-09-29 20:13 - 2002-12-05 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-09-27 20:27 - 2013-10-02 00:41 - 01086873 _____ (Farbar) C:\Documents and Settings\Boža\Plocha\FRST.exe
2013-09-27 02:31 - 2012-12-13 01:02 - 00001088 _____ C:\Documents and Settings\Boža\Local Settings\Data aplikací\SRDownloader.nast
2013-09-22 22:57 - 2012-10-29 19:41 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-09-20 21:05 - 2012-10-29 01:43 - 00002095 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2013-09-20 06:31 - 2013-09-18 23:35 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\savensHaree
2013-09-19 23:24 - 2012-12-14 01:46 - 08114176 _____ C:\Documents and Settings\Boža\NTUSER.rhk
2013-09-19 23:24 - 2012-12-14 01:46 - 00311296 _____ C:\Documents and Settings\NetworkService\NTUSER.rhk
2013-09-19 23:24 - 2012-12-14 01:46 - 00278528 _____ C:\WINDOWS\system32\config\default.rhk
2013-09-19 23:24 - 2012-12-14 01:46 - 00241664 _____ C:\Documents and Settings\UpdatusUser\NTUSER.rhk
2013-09-19 23:24 - 2012-12-14 01:46 - 00241664 _____ C:\Documents and Settings\LocalService\NTUSER.rhk
2013-09-19 23:24 - 2012-12-14 01:46 - 00028672 _____ C:\WINDOWS\system32\config\SAM.rhk
2013-09-19 23:24 - 2012-12-14 01:45 - 38371328 _____ C:\WINDOWS\system32\config\software.rhk
2013-09-19 23:24 - 2012-10-28 14:51 - 00000000 __SHD C:\Documents and Settings\NetworkService
2013-09-19 23:24 - 2012-10-28 14:51 - 00000000 __SHD C:\Documents and Settings\LocalService
2013-09-19 23:23 - 2012-12-14 01:45 - 00057344 _____ C:\WINDOWS\system32\config\SECURITY.rhk
2013-09-19 23:05 - 2012-10-29 22:22 - 00000000 ____D C:\Documents and Settings\Boža\Dokumenty\Záloha CCleaner
2013-09-19 23:02 - 2013-09-18 23:38 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\eSafe
2013-09-19 22:57 - 2013-09-19 22:57 - 00000088 _____ C:\Documents and Settings\Boža\7098176685019684841.log
2013-09-19 22:52 - 2013-09-19 22:48 - 00000000 ____D C:\Program Files\Omiga Plus
2013-09-19 22:49 - 2013-09-19 22:49 - 00000000 ____D C:\Documents and Settings\Boža\Data aplikací\337
2013-09-19 22:48 - 2011-02-20 00:03 - 00421032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp100.dll
2013-09-18 23:43 - 2013-09-18 23:36 - 00000000 ____D C:\Program Files\Optimizer Pro
2013-09-18 23:43 - 2013-09-18 23:34 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\InstallMate
2013-09-18 23:39 - 2013-09-18 23:38 - 00000000 ____D C:\Documents and Settings\Boža\Data aplikací\SkypEmoticons
2013-09-18 23:38 - 2013-09-18 23:38 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\SkypEmoticons
2013-09-18 23:38 - 2013-09-18 23:35 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\SummerSoft
2013-09-18 23:37 - 2012-10-29 02:12 - 00001006 _____ C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2013-09-18 23:37 - 2012-10-28 14:53 - 00001085 _____ C:\Documents and Settings\Boža\Nabídka Start\Programy\Internet Explorer.lnk
2013-09-18 22:02 - 2013-09-18 22:02 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\TeamViewer 8
2013-09-18 22:02 - 2013-05-07 14:52 - 00000815 _____ C:\Documents and Settings\All Users\Plocha\TeamViewer 8.lnk
2013-09-18 01:06 - 2012-10-30 16:32 - 00000069 _____ C:\WINDOWS\NeroDigital.ini
2013-09-18 00:53 - 2012-10-29 02:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-18 00:07 - 2013-09-17 21:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-17 15:07 - 2013-08-25 23:57 - 00002781 _____ C:\Documents and Settings\Boža\Local Settings\Data aplikací\SRDownloader.err
2013-09-17 11:55 - 2012-10-30 01:17 - 00030046 _____ C:\Documents and Settings\Boža\Plocha\DVD.xlsx
2013-09-17 08:08 - 2013-09-17 08:08 - 00114071 _____ C:\Documents and Settings\Boža\Plocha\Boháč mi dluží za práci a vysmívá se. Nebojte se bránit, radí advokát - iDNES.cz.htm
2013-09-17 08:08 - 2013-09-17 08:08 - 00000000 ____D C:\Documents and Settings\Boža\Plocha\Boháč mi dluží za práci a vysmívá se. Nebojte se bránit, radí advokát - iDNES.cz_soubory
2013-09-14 15:25 - 2012-10-28 14:48 - 00002504 _____ C:\WINDOWS\system32\CONFIG.NT
2013-09-12 23:21 - 2012-10-28 15:36 - 00271784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-09-12 23:15 - 2013-09-12 23:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$
2013-09-12 23:15 - 2013-09-12 23:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-09-12 23:15 - 2013-09-12 23:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-09-12 23:15 - 2012-10-29 11:26 - 00000000 ____D C:\WINDOWS\ie8updates
2013-09-12 23:14 - 2013-08-15 00:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-09-12 22:58 - 2012-10-29 11:11 - 76725432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-09-12 09:30 - 2012-11-11 12:39 - 00002347 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader XI.lnk
2013-09-12 06:06 - 2012-10-29 23:37 - 00000000 ____D C:\WINDOWS\AutoKMS
2013-09-11 11:17 - 2012-11-11 14:38 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-09-11 00:27 - 2012-10-29 02:18 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-09-11 00:27 - 2012-10-29 02:18 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-09-05 10:22 - 2013-09-05 10:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-09-04 00:00 - 2013-05-24 00:33 - 00000000 ____D C:\Documents and Settings\Boža\Plocha\ARCHITEKTONICKO-STAVEBNÍ ČÁST
2013-09-02 23:37 - 2013-09-02 23:37 - 00007168 ___SH C:\WINDOWS\Thumbs.db

Some content of TEMP:
====================
C:\Documents and Settings\Boža\Local Settings\Temp\LiveSupport_setup.exe
C:\Documents and Settings\Boža\Local Settings\Temp\sSetup-se.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2008-04-14 07:52] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2008-04-14 07:52] - [2008-04-14 07:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 06:42] - [2008-04-14 06:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== Alternate Data Streams (whitelisted) ====

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:373E1720
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:39413AC3

==================== Loaded Modules (whitelisted) ============

2013-10-01 19:23 - 2013-10-01 15:27 - 02102784 _____ () C:\Program Files\AVAST Software\Avast\defs\13100102\algo.dll
2009-02-27 16:41 - 2009-02-27 16:41 - 00122976 _____ () C:\WINDOWS\system32\BsMobileSDK.dll
2009-02-27 16:44 - 2009-02-27 16:44 - 00622693 _____ () C:\WINDOWS\system32\BsShell.dll
2008-03-07 13:54 - 2008-03-07 13:54 - 17907824 _____ () C:\WINDOWS\system32\BsLangInDepRes.dll
2012-10-29 02:00 - 2005-10-07 16:05 - 00125440 _____ () C:\Program Files\WinRAR\rarext.dll
2012-10-29 02:00 - 2007-10-02 16:41 - 00319488 _____ () C:\Program Files\WinRAR\rarlng.dll
2007-06-16 17:18 - 2007-06-16 17:18 - 00032768 _____ () D:\Audio video\Media Player Utilities\AMVConverter\AmvTransform.dll
2013-10-02 00:11 - 2013-03-29 13:37 - 00059384 _____ () C:\Documents and Settings\Boža\Data aplikací\Seznam.cz\bin\25156libfoxloader.dll
2008-12-26 16:44 - 2008-12-26 16:44 - 00237568 _____ () C:\Program Files\IVT Corporation\BlueSoleil\Mobile\BaseLib.dll
2008-12-26 16:45 - 2008-12-26 16:45 - 00061440 _____ () C:\Program Files\IVT Corporation\BlueSoleil\Mobile\ExtraLib.dll
2003-05-01 17:23 - 2003-05-01 17:23 - 00041472 _____ () C:\Program Files\IVT Corporation\BlueSoleil\Mobile\cscvt.dll
2008-04-14 07:51 - 2008-04-14 07:51 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2013-09-17 21:41 - 2013-09-17 21:41 - 03279768 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-09-11 00:27 - 2013-09-11 00:27 - 16177544 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll
2013-10-02 00:10 - 2013-03-25 16:39 - 00894968 _____ () C:\Documents and Settings\Boža\Data aplikací\Seznam.cz\bin\lightspeed.dll
2013-10-02 00:11 - 2013-04-24 12:31 - 00081992 _____ () C:\Documents and Settings\Boža\Data aplikací\Seznam.cz\bin\libchinst.dll
2013-10-02 00:10 - 2012-10-24 16:42 - 00247352 _____ () C:\Documents and Settings\Boža\Data aplikací\Seznam.cz\bin\unlockInstance.dll
2012-12-05 00:14 - 2012-10-22 12:15 - 01277952 _____ () C:\Program Files\PANDORA.TV\PanService\avformat-53.dll
2012-12-05 00:13 - 2012-07-09 18:57 - 02090496 _____ () C:\Program Files\PANDORA.TV\PanService\avcodec-53.dll
2012-12-05 00:14 - 2011-12-06 17:19 - 00133632 _____ () C:\Program Files\PANDORA.TV\PanService\avutil-51.dll
2012-12-05 00:14 - 2012-03-23 11:07 - 00224768 _____ () C:\Program Files\PANDORA.TV\PanService\libupnp.dll

==================== Scheduled Tasks (whitelisted) ===========

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AmiUpdXp.job => C:\Documents and Settings\Bo~a\Data aplikací\SwvUpdater\Updater.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Supplementary Scan (All) ================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher
C:\Program Files\ASUS\Probe\AsusProb.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Probe
"C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor
C:\Program Files\HiSuite\HiSuite.exe -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameFace Messenger
"C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mobile Partner
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor
Reim ECHO je vypnut.



[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=dword:00000001
"AntiVirusDisableNotify"=dword:00000000
"FirewallDisableNotify"=dword:00000000
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000

AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727\\vbc.exe"="C:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727\\vbc.exe:*:Enabled:Visual Basic Command Line Compiler"
"J:\\Hry programy\\Far Cry\\Bin32\\FarCry.exe"="J:\\Hry programy\\Far Cry\\Bin32\\FarCry.exe:*:Enabled:Far Cry"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\\Program Files\\Common Files\\soft602\\langserv.exe"="C:\\Program Files\\Common Files\\soft602\\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS"
"C:\\WINDOWS\\system32\\javaw.exe"="C:\\WINDOWS\\system32\\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"="C:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"="C:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\\Program Files\\PANDORA.TV\\PanService\\PanProcess.exe"="C:\\Program Files\\PANDORA.TV\\PanService\\PanProcess.exe:*:Enabled:PanProcess"
"C:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"="C:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe:*:Enabled:PandoraService"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"="midimap.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msadpcm"="msadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.trspch"="tssoft32.acm"
"vidc.cvid"="iccvid.dll"
"VIDC.I420"="msh263.drv"
"vidc.iv31"="ir32_32.dll"
"vidc.iv32"="ir32_32.dll"
"vidc.iv41"="ir41_32.ax"
"VIDC.IYUV"="iyuv_32.dll"
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"VIDC.UYVY"="msyuv.dll"
"VIDC.YUY2"="msyuv.dll"
"VIDC.YVU9"="tsbyuv.dll"
"VIDC.YVYU"="msyuv.dll"
"wavemapper"="msacm32.drv"
"msacm.msg723"="msg723.acm"
"vidc.M263"="msh263.drv"
"vidc.M261"="msh261.drv"
"msacm.msaudio1"="msaud32.acm"
"msacm.sl_anet"="sl_anet.acm"
"msacm.iac2"="C:\\WINDOWS\\system32\\iac25_32.ax"
"vidc.iv50"="ir50_32.dll"
"msacm.l3acm"="C:\\WINDOWS\\system32\\l3codeca.acm"
"vidc.asv2"="asusasv2.dll"
"MSVideo8"="VfWWDM32.dll"
"msacm.l3fhg"="mp3fhg.acm"
"VIDC.XVID"="xvidvfw.dll"
"VIDC.YV12"="yv12vfw.dll"
"msacm.ac3acm"="ac3acm.acm"
"VIDC.FFDS"="ff_vfw.dll"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"vidc.DIVX"="DivX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP]
"wave"="rdpsnd.dll"
"mixer"="rdpsnd.dll"
"MaxBandwidth"=dword:000056b9
"wavemapper"="msacm32.drv"
"EnableMP3Codec"=dword:00000001
"midimapper"="midimap.dll"


==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:34.18 GB) (Free:3.25 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Programy) (Fixed) (Total:34.18 GB) (Free:25.54 GB) NTFS
Drive e: (Data) (Fixed) (Total:43.42 GB) (Free:13.33 GB) NTFS
Drive i: (AUDIO VIDEO) (Fixed) (Total:151.37 GB) (Free:6.05 GB) NTFS
Drive j: () (Fixed) (Total:151.37 GB) (Free:16.09 GB) NTFS
Drive k: () (Fixed) (Total:163.02 GB) (Free:65.28 GB) NTFS

Available physical RAM: 223.65 MB
Total physical RAM: 1023.23 MB
Percentage of memory in use: 78%

==================== MBR and Partition Table =================

Disk: 0 (Size: 112 GB) (Disk ID: AEFEAEFE)
Partition 1: (Active) - (Size=34 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=OF Extended)
Disk: 1 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 83227AE2)
Partition 1: (Not Active) - (Size=151 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=151 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=163 GB) - (Type=07 NTFS)


==================== End Of Log ==============================

Re: Please check my log - Malwarebytes Anti-Malware

Posted: 02 Oct 2013 17:47
by Rudy
Open Notepad and copy the following into it:
Start
HKCU\...\Run: [] - [x]
HKCU\...\Run: [] - [x]
HKU\Default User\...\RunOnce: [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\Default User\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379540236
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
FF ProfilePath: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default
FF NewTab: hxxp://home.brandthunder.com/nasathemes/?newtab
FF SearchEngineOrder.1: qvo6
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.as ... ource=2&q=
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379540236
CHR RestoreOnStartup: "hxxp://www.qvo6.com/?utm_source=b&utm_medium=w ... 1379540236"]},"sync":{"keep_everything_synced":false,"preferences":false,"search_engines":false,"suppress_start":true},"webkit":{"webprefs":{"allow_running_insecure_content"
CHR Extension: (savensHaree ) - C:\DOCUME~1\BOA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\kmilnpoiaahbllakcdnaakfbbnnaakin\5.10
C:\WINDOWS\Tasks\AmiUpdXp.job
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: Please check my log - Malwarebytes Anti-Malware

Posted: 03 Oct 2013 08:56
by Mamlas01
I did everything according to the instructions and am posting the second FRST log.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-10-2013
Ran by Boža at 2013-10-03 09:51:21 Run:1
Running from C:\Documents and Settings\Boža\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKCU\...\Run: [] - [x]
HKCU\...\Run: [] - [x]
HKU\Default User\...\RunOnce: [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\Default User\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379540236
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
FF ProfilePath: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default
FF NewTab: hxxp://home.brandthunder.com/nasathemes/?newtab
FF SearchEngineOrder.1: qvo6
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.as ... ource=2&q=
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379540236
CHR RestoreOnStartup: "hxxp://www.qvo6.com/?utm_source=b&utm_medium=w ... 1379540236"]},"sync":{"keep_everything_synced":false,"preferences":false,"search_engines":false,"suppress_start":true},"webkit":{"webprefs":{"allow_running_insecure_content"
CHR Extension: (savensHaree ) - C:\DOCUME~1\BOA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\kmilnpoiaahbllakcdnaakfbbnnaakin\5.10
C:\WINDOWS\Tasks\AmiUpdXp.job
End
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_3 => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_3 => Value deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Value deleted successfully.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
=> Should not be moved.
Firefox newtab deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox Keyword.URL deleted successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\askcom.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\conduit.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-1.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-10.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-11.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-12.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-13.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-14.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-2.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-3.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-4.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-5.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-6.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-7.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-8.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin-9.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\icqplugin.xml => Moved successfully.
C:\Documents and Settings\Boža\Data aplikací\Mozilla\Firefox\Profiles\4d29trmw.default\searchplugins\searchplugins-backup => Moved successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml => Moved successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml => Moved successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml => Moved successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml => Moved successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Value was restored successfully.
CHR RestoreOnStartup: "hxxp://www.qvo6.com/?utm_source=b&utm_medium=w ... 1379540236"]},"sync":{"keep_everything_synced":false,"preferences":false,"search_engines":false,"suppress_start":true},"webkit":{"webprefs":{"allow_running_insecure_content" ==> The Chrome "Settings" can be used to fix the entry.
C:\DOCUME~1\BOA~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\kmilnpoiaahbllakcdnaakfbbnnaakin => Moved successfully.
C:\WINDOWS\Tasks\AmiUpdXp.job => Moved successfully.

==== End of Fixlog ====
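
An added example (not part of the original thread and not FRST's own code): a small Python triage of the Fixlog result lines above, separating entries that were removed from entries that were already absent or that FRST left for manual action. The outcome phrases are taken from this log only; the category names, function names and the shortened sample excerpt are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample: result lines excerpted from the Fixlog posted above
# (the Firefox profile path is shortened to a labelled placeholder).
SAMPLE_FIXLOG = r"""
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
=> Should not be moved.
Firefox Keyword.URL deleted successfully.
C:\<profile>\searchplugins\conduit.xml => Moved successfully.
CHR RestoreOnStartup: "hxxp://www.qvo6.com/?utm_source=b&utm_medium=w ... 1379540236"]} ==> The Chrome "Settings" can be used to fix the entry.
C:\WINDOWS\Tasks\AmiUpdXp.job => Moved successfully.
"""

# Assumed categories, checked in order; the phrases are the ones seen in this log.
OUTCOMES = [
    ("manual", re.compile(r"can be used to fix the entry|Should not be moved", re.I)),
    ("absent", re.compile(r"\bnot found\b", re.I)),
    ("done", re.compile(r"(deleted|moved|restored) successfully", re.I)),
]


def classify(line):
    """Return the outcome category of one Fixlog result line."""
    for label, pattern in OUTCOMES:
        if pattern.search(line):
            return label
    return "unknown"


def triage(fixlog_text):
    """Count outcomes and list the entries that still need a human to look at them."""
    counts = Counter()
    follow_up = []
    for raw in fixlog_text.splitlines():
        line = raw.strip()
        # Skip blank lines and the ==== / **** separators of the log.
        if not line or line.startswith(("====", "****")):
            continue
        label = classify(line)
        counts[label] += 1
        if label in ("manual", "unknown"):
            # The target is whatever precedes the first "=>" or "==>".
            target = re.split(r"\s*=+>\s*", line, maxsplit=1)[0]
            follow_up.append((label, target or "(no target printed)"))
    return counts, follow_up


if __name__ == "__main__":
    counts, follow_up = triage(SAMPLE_FIXLOG)
    for label in ("done", "absent", "manual", "unknown"):
        print(f"{label:8} {counts[label]}")
    for label, target in follow_up:
        print(f"follow up [{label}]: {target}")
```

On the excerpt, the Chrome RestoreOnStartup entry is reported for follow-up, matching the log's own note that it has to be corrected in the Chrome settings.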

Re: Please check my log - Malwarebytes Anti-Malware

Posted: 03 Oct 2013 17:29
by Rudy
Deleted. Is there any other problem?

Re: Please check my log - Malwarebytes Anti-Malware

Posted: 04 Oct 2013 09:12
by Mamlas01
So far the PC is working as it should; it seems that is everything. Thank you very much for the help.

Re: Please check my log - Malwarebytes Anti-Malware

Posted: 04 Oct 2013 18:23
by Rudy
You're welcome! :)