Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
joj
Návštěvník
Návštěvník
Příspěvky: 151
Registrován: 10 říj 2013 13:01

Prosím o kontrolu

#1 Příspěvek od joj »

Prosím o kontrolu. Díky moc.


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.25.2
Run by lenka at 13:46:36 on 2013-10-10
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2013.872 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\PROGRA~1\MediaKey\MediaKey.EXE
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Philips Display\SmartControl\DTHtml.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdiSdkHelper.exe
C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpctrl.exe
C:\Program Files\Portrait Displays\Pivot Pro Plugin\floater.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.seznam.cz/
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: {f34c9277-6577-4dff-b2d7-7d58092f272f} - <orphaned>
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [NokiaSuite.exe] c:\program files\nokia\nokia suite\NokiaSuite.exe -tray
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [MediaKey] c:\progra~1\mediakey\MediaKey.EXE
mRun: [HP Software Update] c:\program files\hewlett-packard\hp software update\HPWuSchd.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb08.exe
mRun: [DeviceDiscovery] c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [PivotSoftware] "c:\program files\portrait displays\pivot pro plugin\Pivot_startup.exe" -delay=10
mRun: [DT PLP] c:\program files\common files\portrait displays\shared\DT_startup.exe -PLP
mRun: [Omnipage] c:\program files\scansoft\omnipagese\opware32.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Otevřít obrázek v aplikaci &Microsoft PhotoDraw - c:\progra~1\micros~2\office\1029\phdintl.dll/phdContext.htm
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 10.75.0.254 10.0.0.3 10.0.0.2
TCP: Interfaces\{76BC75D0-CB1A-489A-A9A9-BC91C891C314} : DHCPNameServer = 10.75.0.254 10.0.0.3 10.0.0.2
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\lenka\data aplikací\mozilla\firefox\profiles\2eoj0vf2.default\
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-4-10 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-4-10 177864]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-1-14 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-1-14 369584]
R2 602XML Updater;602Updater;c:\program files\common files\soft602\602updsvc\602updsvc.exe [2010-4-14 85344]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-1-14 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-4-10 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-1-14 46808]
R2 PdiService;Portrait Displays SDK Service;c:\program files\common files\portrait displays\drivers\pdisrvc.exe [2012-2-21 109168]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis;c:\program files\acronis\diskdirector\oss\reinstall_svc.exe [2010-7-7 2156952]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2006-3-2 69120]
S1 hola_net;Hola Fast Internet Adapter;c:\windows\system32\drivers\hola_net.sys [2013-3-12 72688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-1-14 1684736]
S3 NAVENG;NAVENG;\??\c:\documents and settings\all users\data aplikací\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20080829.024\naveng.sys --> c:\documents and settings\all users\data aplikací\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20080829.024\NAVENG.SYS [?]
S3 NAVEX15;NAVEX15;\??\c:\documents and settings\all users\data aplikací\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20080829.024\navex15.sys --> c:\documents and settings\all users\data aplikací\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20080829.024\NAVEX15.SYS [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2013-10-09 10:48:28 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 10:48:28 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-30 07:48:13 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48:12 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48:12 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48:11 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47:40 41664 ----a-w- c:\windows\avastSS.scr
2013-08-22 17:09:56 217176 ----a-w- c:\windows\system32\unrar.dll
2013-07-30 15:17:24 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-07-30 15:17:19 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-07-30 15:17:18 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-30 15:17:18 789416 ----a-w- c:\windows\system32\deployJava1.dll
.
============= FINISH: 13:48:09,60 ===============
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o kontrolu

#2 Příspěvek od vyosek »

Zdravim :)

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
:arrow: Dejte log z FRSTL http://forum.viry.cz/viewtopic.php?f=30&t=133101
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
joj
Návštěvník
Návštěvník
Příspěvky: 151
Registrován: 10 říj 2013 13:01

Re: Prosím o kontrolu

#3 Příspěvek od joj »

# AdwCleaner v3.007 - Report created 11/10/2013 at 15:48:17
# Updated 09/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : lenka - FERDA
# Running from : C:\Documents and Settings\lenka\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\blekko toolbars
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\eSafe
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Tarma Installer
Folder Deleted : C:\Program Files\adawaretb
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Desk 365
Folder Deleted : C:\Program Files\TornTV.com
Folder Deleted : C:\Documents and Settings\lenka\Local Settings\Data aplikací\Conduit
Folder Deleted : C:\DOCUME~1\lenka\LOCALS~1\Temp\AskSearch
Folder Deleted : C:\Documents and Settings\lenka\Data aplikací\adawaretb
Folder Deleted : C:\Documents and Settings\lenka\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\lenka\Data aplikací\Desk 365
Folder Deleted : C:\Documents and Settings\lenka\Data aplikací\file scout
Folder Deleted : C:\Documents and Settings\lenka\Data aplikací\ilividtoolbarguid
Folder Deleted : C:\Documents and Settings\lenka\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\lenka\Data aplikací\searchresultstb
Folder Deleted : C:\Documents and Settings\lenka\Data aplikací\SwvUpdater
Folder Deleted : C:\Documents and Settings\lenka\Data aplikací\Systweak
Folder Deleted : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\adawaretb
Folder Deleted : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\ConduitCommon
Folder Deleted : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\ilividtoolbarguid
Folder Deleted : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\jetpack
Folder Deleted : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\{C50CA3C4-5656-43C2-A061-13E717F73FC8}
Folder Deleted : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Folder Deleted : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\plugin@getwebcake.com
File Deleted : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\invalidprefs.js
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml
File Deleted : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\searchplugins\Askcom.xml
File Deleted : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\searchplugins\Babylon.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\searchplugins\BitGuard.xml
File Deleted : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\searchplugins\BrowserProtect.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\qvo6.xml
File Deleted : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\searchplugins\Search_Results.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml
File Deleted : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\searchplugins\yahoo-zugo.xml
File Deleted : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\user.js
File Deleted : C:\WINDOWS\Tasks\AmiUpdXp.job

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BrowserProtect
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Key Deleted : HKCU\Software\5ae8cdbe63bb840
Key Deleted : HKLM\SOFTWARE\5ae8cdbe63bb840
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F34C9277-6577-4DFF-B2D7-7D58092F272F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe]
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\ilividtoolbarguid
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\iLividSRTB
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilividtoolbarguid

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs]

-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "qvo6");
Line Deleted : user_pref("browser.search.order.1", "qvo6");
Line Deleted : user_pref("browser.search.selectedEngine", "qvo6");
Line Deleted : user_pref("extentions.webcake.defaultEnableAppsList", "layers,brain/features,newOffers/wc");
Line Deleted : user_pref("extentions.webcake.installId", "edefa216-3520-4345-a7e1-a35246832dbc");

*************************

AdwCleaner[R0].txt - [10632 octets] - [11/10/2013 15:47:10]
AdwCleaner[S0].txt - [10570 octets] - [11/10/2013 15:48:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10631 octets] ##########
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o kontrolu

#4 Příspěvek od vyosek »

Jeste poprosim o ten FRSTL
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
joj
Návštěvník
Návštěvník
Příspěvky: 151
Registrován: 10 říj 2013 13:01

Re: Prosím o kontrolu

#5 Příspěvek od joj »

Omlouvám se.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by lenka (administrator) on FERDA on 11-10-2013 16:26:30
Running from C:\Documents and Settings\lenka\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastUI.exe
(Dritek System Inc.) C:\PROGRA~1\MediaKey\MediaKey.EXE
() C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
(ScanSoft, Inc) C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Portrait Displays, Inc) C:\Program Files\Philips Display\SmartControl\DTHtml.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Nokia) C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
(Portrait Displays Inc.) C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Portrait Displays, Inc.) C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
() C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
() C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpctrl.exe
() C:\Program Files\Portrait Displays\Pivot Pro Plugin\floater.exe
(Portrait Displays, Inc.) C:\Program Files\Common Files\Portrait Displays\Drivers\pdiSdkHelper.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Program Files\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Outlook Express\msimn.exe
(forum.viry.cz) C:\Documents and Settings\lenka\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [17567744 2009-03-27] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM\...\Run: [MediaKey] - C:\PROGRA~1\MediaKey\MediaKey.EXE [135168 2001-01-15] (Dritek System Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [49152 2002-12-17] ()
HKLM\...\Run: [HPDJ Taskbar Utility] - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe [172032 2003-03-11] (HP)
HKLM\...\Run: [DeviceDiscovery] - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [40960 2002-12-02] (Hewlett-Packard)
HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [PivotSoftware] - C:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [110192 2010-05-13] ()
HKLM\...\Run: [DT PLP] - C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [121456 2010-05-17] ()
HKLM\...\Run: [Omnipage] - C:\Program Files\ScanSoft\OmniPageSE\opware32.exe [49152 2002-06-03] (ScanSoft, Inc)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1084840 2012-05-16] (Nokia)
HKCU\...\Run: [PC Suite Tray] - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
MountPoints2: {85892c03-924e-11e2-bb00-002618d43576} - F:\NokiaPCIA_Autorun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -&Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU -&Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.75.0.254 10.0.0.3 10.0.0.2

FireFox:
========
FF ProfilePath: C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @software602.cz/602XML Filler - C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: No Name - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\artur.dubovoy@gmail.com
FF Extension: Lavasoft Search Plugin - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack
FF Extension: No Name - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\staged
FF Extension: Youtube Video Center - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\{34878998-c8be-40bc-bc13-9243a2844976}(2)
FF Extension: Ad-Aware Security Add-on - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
FF Extension: DownloadHelper - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Seznam lištička - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: 2conv - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\2conv@hotger.com.xpi
FF Extension: artur.dubovoy - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\artur.dubovoy@gmail.com.xpi
FF Extension: jid1-4P0kohSJxU1qGg - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack.xpi
FF Extension: torntv - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\torntv@torntv.com.xpi
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\

========================== Services (Whitelisted) =================

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 DTSRVC; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [121456 2010-05-17] ()
R2 PdiService; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [109168 2010-04-16] (Portrait Displays, Inc.)
R2 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2010-07-07] ()
S2 hpdj; C:\DOCUME~1\lenka\LOCALS~1\Temp\hpdj.exe -servicerunning=true -uninstall=hp deskjet 3500 series -product= [x]
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49760 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-30] ()
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24392 2008-07-21] (Elaborate Bytes AG)
S1 hola_net; C:\Windows\System32\DRIVERS\hola_net.sys [72688 2013-03-29] (Hola Networks Ltd.)
R3 KBFiltr; C:\Windows\System32\Drivers\KBFiltr.sys [13620 2000-04-08] ()
R3 L1e; C:\Windows\System32\DRIVERS\l1e51x86.sys [38400 2008-09-23] (Atheros Communications, Inc.)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 PdiPorts; C:\Windows\System32\Drivers\PdiPorts.sys [17136 2010-04-16] (Portrait Displays, Inc.)
S1 Pivot; C:\Windows\System32\drivers\pivot.sys [17465 2010-05-13] (Portrait Displays, Inc.)
S3 pivotmou; C:\WINDOWS\System32\drivers\pivotmou.sys [11323 2010-05-13] (Portrait Displays, Inc.)
S4 IntelIde; No ImagePath
S3 NAVENG; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS [x]
S3 NAVEX15; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S1 SRTSP; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSP.SYS [x]
S1 SRTSPX; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSPX.SYS [x]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-11 16:26 - 2013-10-11 16:26 - 00000000 ____D C:\FRST
2013-10-11 16:24 - 2013-10-11 16:24 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\lenka\Plocha\FRSTLauncher.exe
2013-10-11 16:23 - 2013-10-11 16:23 - 01087213 _____ (Farbar) C:\Documents and Settings\lenka\Plocha\FRST.exe
2013-10-11 15:46 - 2013-10-11 15:48 - 00000000 ____D C:\AdwCleaner
2013-10-11 15:46 - 2013-10-11 15:46 - 01048960 _____ C:\Documents and Settings\lenka\Plocha\adwcleaner.exe
2013-10-10 16:22 - 2013-10-10 16:37 - 00000000 ____D C:\Documents and Settings\lenka\Local Settings\Data aplikací\WMTools Downloaded Files
2013-10-10 13:48 - 2013-10-10 13:48 - 00013881 _____ C:\Documents and Settings\lenka\Plocha\attach.txt
2013-10-10 13:48 - 2013-10-10 13:48 - 00011091 _____ C:\Documents and Settings\lenka\Plocha\dds.txt
2013-10-10 13:46 - 2013-10-10 13:46 - 00000000 ___RD C:\Documents and Settings\lenka\Nabídka Start\Programy\Nástroje pro správu
2013-10-10 13:45 - 2013-10-10 13:45 - 00688992 ____R (Swearware) C:\Documents and Settings\lenka\Plocha\dds.exe
2013-10-05 15:40 - 2013-10-05 15:40 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\K-Lite Codec Pack
2013-09-21 09:29 - 2013-09-21 09:30 - 43801793 _____ C:\Documents and Settings\lenka\Plocha\Heather Peace 2013.03.21.London Islington My Way Only.mp4
2013-09-21 09:25 - 2013-09-21 09:26 - 22687845 _____ C:\Documents and Settings\lenka\Plocha\Heather Peace - 'Never A Loser In Love' (Bungle in main role).mp4
2013-09-21 09:23 - 2013-09-21 09:25 - 84356233 _____ C:\Documents and Settings\lenka\Plocha\Heather Peace Bournemouth 'I Will Make A Wish' 14 Jan 2011.mp4
2013-09-21 09:23 - 2013-09-21 09:24 - 24145078 _____ C:\Documents and Settings\lenka\Plocha\Heather Peace sings Songbird.mp4
2013-09-21 09:20 - 2013-09-21 09:23 - 62570244 _____ C:\Documents and Settings\lenka\Plocha\Heather Peace.avi
2013-09-21 09:15 - 2013-09-21 09:18 - 36856928 _____ C:\Documents and Settings\lenka\Plocha\Heather Peace.mp4
2013-09-21 09:15 - 2013-09-21 09:17 - 54356010 _____ C:\Documents and Settings\lenka\Plocha\Heather peace stamford 190111( u do something 2 me).MP4.mp4

==================== One Month Modified Files and Folders =======

2013-10-11 16:26 - 2013-10-11 16:26 - 00000000 ____D C:\FRST
2013-10-11 16:25 - 2012-01-14 15:10 - 00000000 ___HD C:\Documents and Settings\lenka\Local Settings\Data aplikací
2013-10-11 16:25 - 2012-01-14 15:10 - 00000000 ____D C:\Documents and Settings\lenka\Plocha
2013-10-11 16:24 - 2013-10-11 16:24 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\lenka\Plocha\FRSTLauncher.exe
2013-10-11 16:23 - 2013-10-11 16:23 - 01087213 _____ (Farbar) C:\Documents and Settings\lenka\Plocha\FRST.exe
2013-10-11 16:16 - 2013-04-10 16:47 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-10-11 15:50 - 2012-02-22 17:07 - 00001505 _____ C:\Documents and Settings\lenka\Plocha\SmartControl.lnk
2013-10-11 15:50 - 2012-01-14 15:04 - 01961901 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-11 15:49 - 2013-04-10 21:34 - 00000316 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-10-11 15:49 - 2012-01-14 15:59 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-10-11 15:49 - 2012-01-14 15:59 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-10-11 15:49 - 2012-01-14 15:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-11 15:48 - 2013-10-11 15:46 - 00000000 ____D C:\AdwCleaner
2013-10-11 15:48 - 2013-04-07 15:06 - 00032518 _____ C:\WINDOWS\SchedLgU.Txt
2013-10-11 15:48 - 2012-04-10 17:56 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-11 15:48 - 2012-01-14 15:56 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-10-11 15:48 - 2012-01-14 15:10 - 00000178 ___SH C:\Documents and Settings\lenka\ntuser.ini
2013-10-11 15:48 - 2012-01-14 15:10 - 00000000 __RHD C:\Documents and Settings\lenka\Data aplikací
2013-10-11 15:46 - 2013-10-11 15:46 - 01048960 _____ C:\Documents and Settings\lenka\Plocha\adwcleaner.exe
2013-10-11 15:01 - 2006-03-02 14:00 - 00002422 _____ C:\WINDOWS\system32\wpa.dbl
2013-10-10 21:57 - 2012-01-14 15:10 - 00000000 ___RD C:\Documents and Settings\lenka\Oblíbené položky
2013-10-10 17:14 - 2013-07-28 12:58 - 00000466 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{041B0788-0E13-468E-A67D-32205049EA38}.job
2013-10-10 16:37 - 2013-10-10 16:22 - 00000000 ____D C:\Documents and Settings\lenka\Local Settings\Data aplikací\WMTools Downloaded Files
2013-10-10 16:29 - 2012-02-27 18:28 - 00000155 _____ C:\WINDOWS\NeroDigital.ini
2013-10-10 16:22 - 2012-08-01 16:45 - 00000000 ___RD C:\Documents and Settings\lenka\Dokumenty\Filmy
2013-10-10 16:10 - 2013-05-14 17:47 - 00000000 ____D C:\Documents and Settings\lenka\Data aplikací\vlc
2013-10-10 13:48 - 2013-10-10 13:48 - 00013881 _____ C:\Documents and Settings\lenka\Plocha\attach.txt
2013-10-10 13:48 - 2013-10-10 13:48 - 00011091 _____ C:\Documents and Settings\lenka\Plocha\dds.txt
2013-10-10 13:47 - 2013-02-21 18:14 - 00226304 ___SH C:\Documents and Settings\lenka\Plocha\Thumbs.db
2013-10-10 13:46 - 2013-10-10 13:46 - 00000000 ___RD C:\Documents and Settings\lenka\Nabídka Start\Programy\Nástroje pro správu
2013-10-10 13:46 - 2012-01-14 15:10 - 00000000 ___RD C:\Documents and Settings\lenka\Nabídka Start\Programy
2013-10-10 13:45 - 2013-10-10 13:45 - 00688992 ____R (Swearware) C:\Documents and Settings\lenka\Plocha\dds.exe
2013-10-09 17:43 - 2012-01-20 20:31 - 00000000 ____D C:\Documents and Settings\lenka\Data aplikací\BitTorrent
2013-10-09 12:48 - 2012-04-10 17:56 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-09 12:48 - 2012-01-14 19:23 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-08 19:16 - 2012-01-14 15:10 - 00000000 ____D C:\Documents and Settings\lenka
2013-10-08 11:46 - 2012-01-14 20:13 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-06 19:16 - 2012-01-14 15:04 - 00002504 _____ C:\WINDOWS\system32\CONFIG.NT
2013-10-06 18:53 - 2012-01-14 19:35 - 00000000 ____D C:\Documents and Settings\lenka\Data aplikací\Skype
2013-10-06 18:21 - 2012-01-14 19:35 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2013-10-06 17:19 - 2012-01-14 15:10 - 00000000 ___RD C:\Documents and Settings\lenka\Dokumenty
2013-10-06 12:00 - 2012-12-04 22:47 - 00000944 _____ C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job
2013-10-05 15:44 - 2012-01-14 15:04 - 00000000 __SHD C:\Documents and Settings\All Users\DRM
2013-10-05 15:40 - 2013-10-05 15:40 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\K-Lite Codec Pack
2013-10-05 15:40 - 2012-01-15 19:49 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2013-10-05 15:40 - 2012-01-14 15:56 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-10-04 19:23 - 2012-01-15 17:32 - 00088064 _____ C:\Documents and Settings\lenka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-02 18:21 - 2013-04-10 18:20 - 00010102 _____ C:\WINDOWS\wmsetup.log
2013-09-25 15:51 - 2012-02-19 11:58 - 00000038 _____ C:\WINDOWS\AviSplitter.INI
2013-09-21 13:27 - 2013-05-28 21:27 - 00777878 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1957994488-764733703-839522115-1003-0.dat
2013-09-21 13:27 - 2013-05-28 21:27 - 00229118 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2013-09-21 09:30 - 2013-09-21 09:29 - 43801793 _____ C:\Documents and Settings\lenka\Plocha\Heather Peace 2013.03.21.London Islington My Way Only.mp4
2013-09-21 09:26 - 2013-09-21 09:25 - 22687845 _____ C:\Documents and Settings\lenka\Plocha\Heather Peace - 'Never A Loser In Love' (Bungle in main role).mp4
2013-09-21 09:25 - 2013-09-21 09:23 - 84356233 _____ C:\Documents and Settings\lenka\Plocha\Heather Peace Bournemouth 'I Will Make A Wish' 14 Jan 2011.mp4
2013-09-21 09:24 - 2013-09-21 09:23 - 24145078 _____ C:\Documents and Settings\lenka\Plocha\Heather Peace sings Songbird.mp4
2013-09-21 09:23 - 2013-09-21 09:20 - 62570244 _____ C:\Documents and Settings\lenka\Plocha\Heather Peace.avi
2013-09-21 09:18 - 2013-09-21 09:15 - 36856928 _____ C:\Documents and Settings\lenka\Plocha\Heather Peace.mp4
2013-09-21 09:17 - 2013-09-21 09:15 - 54356010 _____ C:\Documents and Settings\lenka\Plocha\Heather peace stamford 190111( u do something 2 me).MP4.mp4

Some content of TEMP:
====================
C:\Documents and Settings\lenka\Local Settings\Temp\BundleSweetIMSetup.exe
C:\Documents and Settings\lenka\Local Settings\Temp\installhelper.dll
C:\Documents and Settings\lenka\Local Settings\Temp\jre-7u25-windows-i586-iftw.exe
C:\Documents and Settings\lenka\Local Settings\Temp\listicka-partner-16194-1.1.8-offline.exe
C:\Documents and Settings\lenka\Local Settings\Temp\mediaget-uninstaller.exe
C:\Documents and Settings\lenka\Local Settings\Temp\MybabylonTB.exe
C:\Documents and Settings\lenka\Local Settings\Temp\NEventMessages.dll
C:\Documents and Settings\lenka\Local Settings\Temp\NOSEventMessages.dll
C:\Documents and Settings\lenka\Local Settings\Temp\propsys.dll
C:\Documents and Settings\lenka\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\lenka\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\lenka\Local Settings\Temp\SRAssetsHelper.dll
C:\Documents and Settings\lenka\Local Settings\Temp\uninst1.exe
C:\Documents and Settings\lenka\Local Settings\Temp\{7014E919-2EAA-4158-AB8A-7483300316F4}.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2006-03-02 14:00] - [2008-04-14 09:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2006-03-02 14:00] - [2008-04-14 09:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2006-03-02 14:00] - [2008-04-14 09:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2006-03-02 14:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2006-03-02 14:00] - [2008-04-14 09:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2006-03-02 14:00] - [2008-04-14 09:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2006-03-02 14:00] - [2008-04-14 08:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1





===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (SYSTEM) (Fixed) (Total:97.65 GB) (Free:45.13 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (SKLAD) (Fixed) (Total:368.1 GB) (Free:23.5 GB) NTFS

Available physical RAM: 1268.26 MB
Total physical RAM: 2013.04 MB
Percentage of memory in use: 36%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 466 GB) (Disk ID: 0D7649D2)
Partition 1: (Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=368 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job => C:\PROGRA~1\AD-AWA~1\AdAwareLauncher.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{041B0788-0E13-468E-A67D-32205049EA38}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\WINDOWS:2A805584367E9337
AlternateDataStreams: C:\Documents and Settings\lenka\Plocha\Adele - Someone like you.flv.flv:SummaryInformation
AlternateDataStreams: C:\Documents and Settings\lenka\Plocha\Adele - Someone like you.flv.flv:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\lenka\Plocha" je 4518 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\TRANSLAT\\WEBTRANS.EXE"="C:\\TRANSLAT\\WEBTRANS.EXE:*:Enabled:WebTrans"
"C:\\Program Files\\BitTorrent\\BitTorrent.exe"="C:\\Program Files\\BitTorrent\\BitTorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Xi\\NetXfer\\NetTransport.exe"="C:\\Program Files\\Xi\\NetXfer\\NetTransport.exe:*:Enabled:NetXfer Download Manager"
"C:\\Program Files\\Common Files\\soft602\\langserv.exe"="C:\\Program Files\\Common Files\\soft602\\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\\Program Files\\DC++\\DCPlusPlus.exe"="C:\\Program Files\\DC++\\DCPlusPlus.exe:*:Enabled:DC++"
"C:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"="C:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"C:\\Documents and Settings\\lenka\\Local Settings\\Data aplikac\\MediaGet2\\mediaget.exe"="C:\\Documents and Settings\\lenka\\Local Settings\\Data aplikac\\MediaGet2\\mediaget.exe:*:Enabled:MediaGet torrent client"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"4662:TCP"="4662:TCP:*:Enabled:emule1"
"4672:TCP"="4672:TCP:*:Enabled:emule2"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o kontrolu

#6 Příspěvek od vyosek »

:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [49152 2002-12-17] ()
HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1084840 2012-05-16] (Nokia)
HKCU\...\Run: [PC Suite Tray] - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
MountPoints2: {85892c03-924e-11e2-bb00-002618d43576} - F:\NokiaPCIA_Autorun.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
SearchScopes: HKLM - DefaultScope value is missing.

FF Extension: jid1-4P0kohSJxU1qGg - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack.xpi
FF Extension: torntv - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\torntv@torntv.com.xpi

S2 hpdj; C:\DOCUME~1\lenka\LOCALS~1\Temp\hpdj.exe -servicerunning=true -uninstall=hp deskjet 3500 series -product= [x]

C:\Documents and Settings\lenka\Local Settings\Temp\BundleSweetIMSetup.exe
C:\Documents and Settings\lenka\Local Settings\Temp\installhelper.dll
C:\Documents and Settings\lenka\Local Settings\Temp\jre-7u25-windows-i586-iftw.exe
C:\Documents and Settings\lenka\Local Settings\Temp\listicka-partner-16194-1.1.8-offline.exe
C:\Documents and Settings\lenka\Local Settings\Temp\mediaget-uninstaller.exe
C:\Documents and Settings\lenka\Local Settings\Temp\MybabylonTB.exe
C:\Documents and Settings\lenka\Local Settings\Temp\NEventMessages.dll
C:\Documents and Settings\lenka\Local Settings\Temp\NOSEventMessages.dll
C:\Documents and Settings\lenka\Local Settings\Temp\propsys.dll
C:\Documents and Settings\lenka\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\lenka\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\lenka\Local Settings\Temp\SRAssetsHelper.dll
C:\Documents and Settings\lenka\Local Settings\Temp\uninst1.exe
C:\Documents and Settings\lenka\Local Settings\Temp\{7014E919-2EAA-4158-AB8A-7483300316F4}.dll

Task: C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job => C:\PROGRA~1\AD-AWA~1\AdAwareLauncher.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{041B0788-0E13-468E-A67D-32205049EA38}.job => C:\WINDOWS\system32\msfeedssync.exe

AlternateDataStreams: C:\WINDOWS:2A805584367E9337
AlternateDataStreams: C:\Documents and Settings\lenka\Plocha\Adele - Someone like you.flv.flv:SummaryInformation
AlternateDataStreams: C:\Documents and Settings\lenka\Plocha\Adele - Someone like you.flv.flv:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

Hosts:
CMD: shutdown /r /f /t 2
End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
joj
Návštěvník
Návštěvník
Příspěvky: 151
Registrován: 10 říj 2013 13:01

Re: Prosím o kontrolu

#7 Příspěvek od joj »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-10-2013
Ran by lenka at 2013-10-11 19:31:33 Run:1
Running from C:\Documents and Settings\lenka\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [49152 2002-12-17] ()
HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1084840 2012-05-16] (Nokia)
HKCU\...\Run: [PC Suite Tray] - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
MountPoints2: {85892c03-924e-11e2-bb00-002618d43576} - F:\NokiaPCIA_Autorun.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
SearchScopes: HKLM - DefaultScope value is missing.

FF Extension: jid1-4P0kohSJxU1qGg - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack.xpi
FF Extension: torntv - C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\torntv@torntv.com.xpi

S2 hpdj; C:\DOCUME~1\lenka\LOCALS~1\Temp\hpdj.exe -servicerunning=true -uninstall=hp deskjet 3500 series -product= [x]

C:\Documents and Settings\lenka\Local Settings\Temp\BundleSweetIMSetup.exe
C:\Documents and Settings\lenka\Local Settings\Temp\installhelper.dll
C:\Documents and Settings\lenka\Local Settings\Temp\jre-7u25-windows-i586-iftw.exe
C:\Documents and Settings\lenka\Local Settings\Temp\listicka-partner-16194-1.1.8-offline.exe
C:\Documents and Settings\lenka\Local Settings\Temp\mediaget-uninstaller.exe
C:\Documents and Settings\lenka\Local Settings\Temp\MybabylonTB.exe
C:\Documents and Settings\lenka\Local Settings\Temp\NEventMessages.dll
C:\Documents and Settings\lenka\Local Settings\Temp\NOSEventMessages.dll
C:\Documents and Settings\lenka\Local Settings\Temp\propsys.dll
C:\Documents and Settings\lenka\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\lenka\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\lenka\Local Settings\Temp\SRAssetsHelper.dll
C:\Documents and Settings\lenka\Local Settings\Temp\uninst1.exe
C:\Documents and Settings\lenka\Local Settings\Temp\{7014E919-2EAA-4158-AB8A-7483300316F4}.dll

Task: C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job => C:\PROGRA~1\AD-AWA~1\AdAwareLauncher.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{041B0788-0E13-468E-A67D-32205049EA38}.job => C:\WINDOWS\system32\msfeedssync.exe

AlternateDataStreams: C:\WINDOWS:2A805584367E9337
AlternateDataStreams: C:\Documents and Settings\lenka\Plocha\Adele - Someone like you.flv.flv:SummaryInformation
AlternateDataStreams: C:\Documents and Settings\lenka\Plocha\Adele - Someone like you.flv.flv:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

Hosts:
CMD: shutdown /r /f /t 2
End

*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\PC Suite Tray => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{85892c03-924e-11e2-bb00-002618d43576} => Key deleted successfully.
HKCR\CLSID\{85892c03-924e-11e2-bb00-002618d43576} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack.xpi => Moved successfully.
C:\Documents and Settings\lenka\Data aplikací\Mozilla\Firefox\Profiles\2eoj0vf2.default\Extensions\torntv@torntv.com.xpi => Moved successfully.
hpdj => Service deleted successfully.
Could not move "C:\Documents and Settings\lenka\Local Settings\Temp\BundleSweetIMSetup.exe" => Scheduled to move on reboot.
C:\Documents and Settings\lenka\Local Settings\Temp\installhelper.dll => Moved successfully.
C:\Documents and Settings\lenka\Local Settings\Temp\jre-7u25-windows-i586-iftw.exe => Moved successfully.
C:\Documents and Settings\lenka\Local Settings\Temp\listicka-partner-16194-1.1.8-offline.exe => Moved successfully.
C:\Documents and Settings\lenka\Local Settings\Temp\mediaget-uninstaller.exe => Moved successfully.
C:\Documents and Settings\lenka\Local Settings\Temp\MybabylonTB.exe => Moved successfully.
C:\Documents and Settings\lenka\Local Settings\Temp\NEventMessages.dll => Moved successfully.
C:\Documents and Settings\lenka\Local Settings\Temp\NOSEventMessages.dll => Moved successfully.
C:\Documents and Settings\lenka\Local Settings\Temp\propsys.dll => Moved successfully.
C:\Documents and Settings\lenka\Local Settings\Temp\Quarantine.exe => Moved successfully.
C:\Documents and Settings\lenka\Local Settings\Temp\SkypeSetup.exe => Moved successfully.
C:\Documents and Settings\lenka\Local Settings\Temp\SRAssetsHelper.dll => Moved successfully.
C:\Documents and Settings\lenka\Local Settings\Temp\uninst1.exe => Moved successfully.
C:\Documents and Settings\lenka\Local Settings\Temp\{7014E919-2EAA-4158-AB8A-7483300316F4}.dll => Moved successfully.
C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job => Moved successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => Moved successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job => Moved successfully.
C:\WINDOWS\Tasks\User_Feed_Synchronization-{041B0788-0E13-468E-A67D-32205049EA38}.job => Moved successfully.
C:\WINDOWS => ":2A805584367E9337" ADS removed successfully.
C:\Documents and Settings\lenka\Plocha\Adele - Someone like you.flv.flv => ":SummaryInformation" ADS removed successfully.
C:\Documents and Settings\lenka\Plocha\Adele - Someone like you.flv.flv => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o kontrolu

#8 Příspěvek od vyosek »

Tak jeste uklidime :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
joj
Návštěvník
Návštěvník
Příspěvky: 151
Registrován: 10 říj 2013 13:01

Re: Prosím o kontrolu

#9 Příspěvek od joj »

Díky. Díky. Díky.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o kontrolu

#10 Příspěvek od vyosek »

Nemate zac, rad jsem pomohl :worship: Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat :lock:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“