VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=133972

Stránka 1 z 1

Prosím o kontrolu logu

Napsal: 10 lis 2013 18:27
od architektsk
Dobrý den
Prosím o kontrolu logu ....v poslednom čase mi PC ide strašne pomaličky...už som odinštaloval všetko čo podľa mňa nepotrebujem a vyčistil programom CC.
Som v tomto lamka takže ma už nič ine nenapada...
Rád by som vedel aj čo všetko môžem zrušiť čo nepotrebujem a PC spomaluje.....
Ďakujem predom



log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013
Ran by Administrator (administrator) on BRANO-PC on 10-11-2013 18:24:58
Running from C:\Documents and Settings\Administrator\My Documents\Preberanie
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Microsoft Corporation) C:\WINDOWS\system32\inetsrv\inetinfo.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(SafetyNut Inc.) C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe
() C:\WINDOWS\system32\CmUCReye.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(SafetyNut Inc.) C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe
(SafetyNut Inc.) C:\Program Files\Movies Toolbar\SafetyNut\safetynut.exe
(Samsung Electronics Co., Ltd.) D:\Kies Samsung\Kies\KiesTrayAgent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Samsung) D:\Kies Samsung\Kies\Kies.exe
(Samsung) D:\Kies Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\wcescomm.exe
(Microsoft Corporation) C:\PROGRA~1\MI3AA1~1\rapimgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Farbar) C:\Documents and Settings\Administrator\My Documents\Preberanie\FRST(1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [CmUCRRun] - C:\WINDOWS\system32\CmUCREye.exe [241664 2005-10-12] ()
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [868352 2006-12-18] (Analog Devices, Inc.)
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [] - [x]
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [JMB36X IDE Setup] - C:\WINDOWS\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM\...\Run: [36X Raid Configurer] - C:\WINDOWS\system32\xRaidSetup.exe [1970176 2007-11-19] (JMicron Technology Corp.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [KiesTrayAgent] - D:\Kies Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-28] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1707472 2013-11-08] (APN)
HKCU\...\Run: [KiesPreload] - D:\Kies Samsung\Kies\Kies.exe [1511792 2013-03-28] (Samsung)
HKCU\...\Run: [] - D:\Kies Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-03-28] (Samsung)
HKCU\...\Run: [H/PC Connection Agent] - C:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKCU\...\Policies\system: [HideLegacyLogonScripts] 0
HKCU\...\Policies\system: [HideLogoffScripts] 0
HKCU\...\Policies\system: [HideStartupScripts] 0
HKCU\...\Policies\system: [RunLogonScriptSync] 1
HKCU\...\Policies\system: [RunStartupScriptSync] 0
MountPoints2: {02f5efa8-3eb6-11dd-ae83-001bfc0d2a07} - I:\LaunchU3.exe -a
MountPoints2: {3b84ad4e-28b4-11de-af4a-001bfc0d2a07} - G:\LaunchU3.exe -a
MountPoints2: {a28f5cae-e393-11df-b0c5-001bfc0d2a07} - "G:\WD SmartWare.exe" autoplay=true
HKU\Guest\...\Run: [QuickTime Task] - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
AppInit_DLLs: C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert\WIN32C~1.DLL C:\PROGRA~1\MOVIES~1\SAFETY~1\SAFETY~2.DLL [ 2013-09-25] ()
IMEO\bitguard.exe: [Debugger] tasklist.exe
IMEO\bprotect.exe: [Debugger] tasklist.exe
IMEO\browserdefender.exe: [Debugger] tasklist.exe
IMEO\browserprotect.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\safetynut\x64\safetycrt.dll
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Movies Toolbar\SafetyNut\safetycrt.dll [485384 2013-09-25] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss ... 1&tsp=4931
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5A44A67E4A6DCE01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=6&barid={10 ... 1BFC0D2A07}
SearchScopes: HKLM - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 1BFC0D2A07}
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 1BFC0D2A07}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchT ... 1&tsp=4931
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL =
BHO: No Name - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - No File
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - No File
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file://C:\Pracovné programy\AUTOCAD\AcDcToday.ocx
DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} file://C:\Pracovné programy\AUTOCAD\InstBanr.ocx
DPF: {C6637286-300D-11D4-AE0A-0010830243BD} file://C:\Pracovné programy\AUTOCAD\InstFred.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file://C:\Pracovné programy\AUTOCAD\AcPreview.ocx
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2EA6DDB2-4D8B-41BE-A285-4DB93B48B465}: [NameServer]217.118.96.203,217.118.96.226

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546
FF user.js: detected! => C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546\user.js
FF SearchEngineOrder.1: Ask.com
FF Homepage: http://www.google.sk
FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=105&systemid=473&v=a9397-146&apn_dtid=BND473&apn_ptnrs=AG1&apn_uid=5407427443104224&o=APN10640&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @ei.VideoDownloadConverter_4z.com/Plugin - C:\Program Files\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546\searchplugins\Ask.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546\searchplugins\babylon.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Movies Toolbar (Dist. by Somoto Ltd.) - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546\Extensions\{3444c3c5-6c56-4a16-a453-832b05bf6ea4}
FF Extension: toolbar_KMPV7 - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546\Extensions\toolbar_KMPV7@apn.ask.com.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome:
=======
CHR RestoreOnStartup: "sync":{"suppress_start"
CHR Extension: (SweetIM for Facebook) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0
CHR Extension: (SweetPacks Chrome Extension) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0
CHR Extension: (GoPhoto.it) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.5_0
CHR HKLM\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files\TornTV.com\torn10.crx
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx
CHR HKLM\...\Chrome\Extension: [lgnbhdnimikkoodkogjlcllngimhlapp] - C:\Program Files\FTDownloader.com\FTDownloader10.crx
CHR HKLM\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit14.crx

========================== Services (Whitelisted) =================

R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-11-08] (APN LLC.)
R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 MSFtpsvc; C:\Windows\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-08-12] (Microsoft Corporation)
R2 SafetyNutManager; C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe [3419144 2013-09-25] (SafetyNut Inc.)
R2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 ADIDTSFiltService; C:\Windows\System32\drivers\adidts.sys [139776 2006-12-08] (Analog Devices, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [271360 2007-10-18] ()
R3 CMISTOR; C:\Windows\System32\DRIVERS\cmiucr.SYS [72320 2005-10-04] (C-Media Corporation)
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [93096 2009-07-18] (JMicron Technology Corp.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [18048 2007-10-18] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
R1 MpKslecb973dc; C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E6DEA2FA-85A8-453E-AFE8-9D2F0E8CD9BE}\MpKslecb973dc.sys [40392 2013-11-10] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 PortTalk; C:\Windows\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic http://www.beyondlogic.org)
S3 SONYPVU1; C:\Windows\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R2 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [13120 2013-08-25] ()
R3 yukonwxp; C:\Windows\System32\DRIVERS\yk51x86.sys [248832 2006-08-22] (Marvell)
S3 ALSysIO; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ALSysIO.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S4 IntelIde; No ImagePath
S3 mcdbus; system32\DRIVERS\mcdbus.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-10 17:58 - 2013-11-10 17:58 - 00001940 _____ C:\Documents and Settings\Administrator\My Documents\cc_20131110_175815.reg
2013-11-10 17:58 - 2013-11-10 17:58 - 00000556 _____ C:\Documents and Settings\Administrator\My Documents\cc_20131110_175829.reg
2013-11-10 17:57 - 2013-11-10 17:58 - 00174974 _____ C:\Documents and Settings\Administrator\My Documents\cc_20131110_175733.reg
2013-11-10 16:44 - 2013-11-10 16:44 - 00000000 ____D C:\FRST
2013-10-31 14:31 - 2013-11-03 11:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-31 06:50 - 2013-10-31 08:23 - 00000000 ____D C:\Documents and Settings\All Users\Documents\CrashDump
2013-10-30 17:37 - 2013-10-31 08:27 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-10-25 07:50 - 2013-10-25 07:50 - 00290784 _____ C:\Documents and Settings\Administrator\Desktop\strecha.dwg
2013-10-25 06:48 - 2013-11-10 18:23 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SafetyNut
2013-10-22 09:09 - 2013-10-22 09:09 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\searchresultstb
2013-10-17 16:24 - 2013-10-17 16:24 - 00000206 _____ C:\Documents and Settings\Administrator\My Documents\acad.err
2013-10-16 06:01 - 2013-10-16 06:02 - 01188383 _____ C:\WINDOWS\system32\USB2
2013-10-16 05:59 - 2013-10-16 06:20 - 01184357 _____ C:\WINDOWS\system32\USB
2013-10-16 02:12 - 2013-11-10 17:42 - 00000400 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-10-15 00:19 - 2013-11-10 15:42 - 01640360 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2013-10-13 21:31 - 2013-10-13 21:31 - 00116289 _____ C:\Documents and Settings\Administrator\My Documents\MFM%20Zadanie%20rosoft%20súpis%20a%20odpočet.xls_0.ods
2013-10-13 20:42 - 2013-10-13 20:42 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\ABBYY
2013-10-13 20:37 - 2013-11-10 17:37 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ABBYY
2013-10-13 20:37 - 2013-11-10 17:37 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\ABBYY
2013-10-13 20:35 - 2013-10-13 20:35 - 00000000 ____D C:\Program Files\MSXML 6.0
2013-10-11 01:43 - 2013-10-11 01:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-11 01:43 - 2013-10-11 01:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-11 01:38 - 2013-10-11 01:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2884256$
2013-10-11 01:37 - 2013-10-11 01:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-11 01:36 - 2013-10-11 01:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-11 01:36 - 2013-10-11 01:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$

==================== One Month Modified Files and Folders =======

2013-11-10 18:24 - 2013-03-22 14:56 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents\Preberanie
2013-11-10 18:23 - 2013-10-25 06:48 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SafetyNut
2013-11-10 18:12 - 2012-12-14 19:10 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-10 18:12 - 2010-05-13 09:49 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-10 17:58 - 2013-11-10 17:58 - 00001940 _____ C:\Documents and Settings\Administrator\My Documents\cc_20131110_175815.reg
2013-11-10 17:58 - 2013-11-10 17:58 - 00000556 _____ C:\Documents and Settings\Administrator\My Documents\cc_20131110_175829.reg
2013-11-10 17:58 - 2013-11-10 17:57 - 00174974 _____ C:\Documents and Settings\Administrator\My Documents\cc_20131110_175733.reg
2013-11-10 17:56 - 2007-09-14 16:12 - 00000000 ____D C:\Documents and Settings\Administrator
2013-11-10 17:53 - 2007-09-14 16:06 - 01358751 ____N C:\WINDOWS\WindowsUpdate.log
2013-11-10 17:51 - 2008-09-03 10:23 - 00000000 ____D C:\Program Files\QuickTime
2013-11-10 17:51 - 2007-09-14 17:27 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2013-11-10 17:47 - 2013-09-20 02:55 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Rich Media Player
2013-11-10 17:44 - 2013-05-03 13:24 - 00003429 _____ C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2013-11-10 17:43 - 2013-05-03 13:27 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HP
2013-11-10 17:43 - 2007-09-14 17:27 - 00000000 ____D C:\WINDOWS\twain_32
2013-11-10 17:42 - 2013-10-16 02:12 - 00000400 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-11-10 17:42 - 2010-12-08 14:09 - 00000174 ____N C:\WINDOWS\wiadebug.log
2013-11-10 17:40 - 2013-05-03 13:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HP
2013-11-10 17:38 - 2013-09-26 09:21 - 00000000 ____D C:\Program Files\Minibar
2013-11-10 17:37 - 2013-10-13 20:37 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ABBYY
2013-11-10 17:37 - 2013-10-13 20:37 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\ABBYY
2013-11-10 17:33 - 2010-12-08 14:09 - 00000052 ____N C:\WINDOWS\wiaservc.log
2013-11-10 17:33 - 2006-02-28 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-10 17:32 - 2012-07-19 21:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2698365$
2013-11-10 17:32 - 2010-05-13 09:49 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-10 17:32 - 2007-10-18 10:13 - 00179105 _____ C:\WINDOWS\system32\nvapps.xml
2013-11-10 17:32 - 2007-09-14 16:12 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-10 17:31 - 2007-09-14 16:12 - 00032602 ____N C:\WINDOWS\SchedLgU.Txt
2013-11-10 17:31 - 2007-09-14 16:12 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2013-11-10 17:12 - 2007-09-14 17:15 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-11-10 17:11 - 2013-05-03 13:26 - 00000000 ____D C:\Program Files\HP
2013-11-10 16:44 - 2013-11-10 16:44 - 00000000 ____D C:\FRST
2013-11-10 16:31 - 2008-01-11 15:49 - 00000000 ____D C:\WINDOWS\system32\Logfiles
2013-11-10 16:26 - 2007-12-13 10:04 - 00000000 ____D C:\Program Files\ElcomSoft
2013-11-10 16:19 - 2007-09-18 10:24 - 00000000 ____D C:\AUTOSAVE
2013-11-10 15:42 - 2013-10-15 00:19 - 01640360 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2013-11-06 21:19 - 2008-01-15 12:36 - 00143872 _____ C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-05 08:05 - 2013-01-11 11:39 - 00047320 _____ C:\Documents and Settings\Administrator\My Documents\plot.log
2013-11-04 21:19 - 2008-01-25 16:32 - 00101376 ___SH C:\Documents and Settings\Administrator\My Documents\Thumbs.db
2013-11-04 21:18 - 2013-05-03 13:49 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents\My Scans
2013-11-03 11:06 - 2013-10-31 14:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-03 09:46 - 2012-04-25 13:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-31 08:27 - 2013-10-30 17:37 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-10-31 08:23 - 2013-10-31 06:50 - 00000000 ____D C:\Documents and Settings\All Users\Documents\CrashDump
2013-10-31 08:19 - 2013-05-29 21:43 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents\SelfMV
2013-10-27 09:33 - 2007-09-14 17:37 - 00598420 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-25 07:50 - 2013-10-25 07:50 - 00290784 _____ C:\Documents and Settings\Administrator\Desktop\strecha.dwg
2013-10-25 06:49 - 2013-09-26 09:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Wincert
2013-10-22 09:09 - 2013-10-22 09:09 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\searchresultstb
2013-10-22 09:09 - 2013-09-26 09:20 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\somotomoviestoolbar1
2013-10-17 16:24 - 2013-10-17 16:24 - 00000206 _____ C:\Documents and Settings\Administrator\My Documents\acad.err
2013-10-16 06:20 - 2013-10-16 05:59 - 01184357 _____ C:\WINDOWS\system32\USB
2013-10-16 06:02 - 2013-10-16 06:01 - 01188383 _____ C:\WINDOWS\system32\USB2
2013-10-16 02:02 - 2012-05-02 14:51 - 00001698 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
2013-10-16 02:02 - 2011-01-31 12:30 - 00001917 ____C C:\WINDOWS\epplauncher.mif
2013-10-16 02:01 - 2011-01-31 12:28 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-14 02:52 - 2008-09-03 14:41 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-13 21:31 - 2013-10-13 21:31 - 00116289 _____ C:\Documents and Settings\Administrator\My Documents\MFM%20Zadanie%20rosoft%20súpis%20a%20odpočet.xls_0.ods
2013-10-13 20:43 - 2007-09-21 11:51 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
2013-10-13 20:42 - 2013-10-13 20:42 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\ABBYY
2013-10-13 20:35 - 2013-10-13 20:35 - 00000000 ____D C:\Program Files\MSXML 6.0
2013-10-13 20:28 - 2013-02-17 17:03 - 00002315 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2013-10-11 06:16 - 2011-05-04 19:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-11 06:16 - 2007-09-14 17:36 - 00273376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-11 01:43 - 2013-10-11 01:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-11 01:43 - 2013-10-11 01:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-11 01:43 - 2013-08-07 02:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-11 01:39 - 2011-05-04 19:36 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2013-10-11 01:39 - 2007-10-18 10:59 - 78106760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-11 01:38 - 2013-10-11 01:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2884256$
2013-10-11 01:37 - 2013-10-11 01:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-11 01:36 - 2013-10-11 01:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-11 01:36 - 2013-10-11 01:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$

Files to move or delete:
====================
C:\Documents and Settings\Administrator\psbB91.dll
C:\Documents and Settings\Administrator\ptsA52.dll


Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\appshat-distribution.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\bi_cleaner.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\hpzmsi01.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\hpzscr01.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\MoviesToolbarSetup_Somoto.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\oi_{E1D68687-F96A-4AE7-9EDB-2E59C2DE99E4}.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\PIPInstaller_PTV_.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\UNINSTALL.EXE
C:\Documents and Settings\Administrator\Local Settings\Temp\UpdateCheckerSetup.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\_TinDel.exe
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-e2573639.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Re: Prosím o kontrolu logu

Napsal: 10 lis 2013 19:00
od vyosek
Zdravim :)

:arrow: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Ulozte nejlepe na plochu
  • Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
  • Probehne vytvoreni zalohy a nasledne prohledavani
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Re: Prosím o kontrolu logu

Napsal: 10 lis 2013 19:19
od architektsk
Dobrý den
Tak som spravil bod č.1
tu je log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Administrator on ne 10.11.2013 at 19:02:44,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] APNMCP
Successfully deleted: [Service] APNMCP



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3444c3c5-6c56-4a16-a453-832b05bf6ea4}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1844237615-1364589140-682003330-500\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully deleted [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\bProtectTabs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1844237615-1364589140-682003330-500\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installiq
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ftdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2f603a45-d956-496b-81b5-50d782424976}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{b85c4cb2-b352-4bd8-818c-bce353599107}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311551174}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] "hkey_current_user\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\askpartnernetwork"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\apn"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\babylon"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\tarma installer"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\wincert"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\babsolution"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\babylon"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\opencandy"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\searchresultstb"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Program Files\minibar"
Failed to delete: [Folder] "C:\Program Files\movies toolbar"
Successfully deleted: [Folder] "C:\Program Files\askpartnernetwork"



~~~ FireFox

Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\ask.xml"
Successfully deleted: [File] C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\sj8d9zta.default-1361980096546\user.js
Successfully deleted: [File] C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\sj8d9zta.default-1361980096546\invalidprefs.js
Successfully deleted: [File] C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\sj8d9zta.default-1361980096546\searchplugins\ask.xml
Successfully deleted: [File] C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\sj8d9zta.default-1361980096546\searchplugins\babylon.xml
Successfully deleted: [File] C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\sj8d9zta.default-1361980096546\searchplugins\delta.xml
Successfully deleted the following from C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\sj8d9zta.default-1361980096546\prefs.js

user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.id", "801150ad000000000000001bfc0d434c");
user_pref("extensions.delta.instlDay", "15888");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.21.5");
user_pref("extensions.delta.vrsnTs", "1.8.21.523:11:54");
user_pref("extensions.delta.vrsni", "1.8.21.5");
user_pref("extensions.delta_i.babExt", "");
user_pref("extensions.delta_i.babTrack", "affID=119781&tsp=4931");
user_pref("extensions.delta_i.srcExt", "ss");
user_pref("keyword.URL", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=105&systemid=473&v=a9397-146&apn_dtid=BND473&apn_ptnrs=AG1&apn_uid=5407427443104224&o=APN10640&q=")





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 10.11.2013 at 19:06:47,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Prosím o kontrolu logu

Napsal: 10 lis 2013 19:19
od architektsk
bod číslo 2
tu je log:

# AdwCleaner v3.011 - Report created 10/11/2013 at 19:13:19
# Updated 03/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - BRANO-PC
# Running from : C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : SafetyNutManager

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork
Folder Deleted : C:\Documents and Settings\All Users\Application Data\SafetyNut
Folder Deleted : C:\Program Files\Gophoto.it
Folder Deleted : C:\Program Files\Movies Toolbar
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Bundled software uninstaller
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\PutLockerDownloader
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\somotomoviestoolbar1
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546\somotomoviestoolbar1
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546\Extensions\{3444c3c5-6c56-4a16-a453-832b05bf6ea4}
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
File Deleted : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Uninstall.exe
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Ask.xml
File Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546\searchplugins\BrowserDefender.xml
File Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lgnbhdnimikkoodkogjlcllngimhlapp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKLM\SOFTWARE\Classes\MoviesToolbarHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\MoviesToolbarHelper.DNSGuard.1
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{090ACFA1-1580-11D1-8AC0-00C0F00910F9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B4E90801-B83C-11D0-8B40-00C0F00AE35A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Movies Toolbar\SafetyNut\SRTOOL~1\IE\dtUser.exe]
Key Deleted : HKCU\Software\SafetyNut
Key Deleted : HKCU\Software\somotomoviestoolbar1
Key Deleted : HKLM\Software\SafetyNut
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\docume~1\alluse~1\applic~1\wincert\win32c~1.dll

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v25.0 (sk)

[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url

*************************

AdwCleaner[R0].txt - [6576 octets] - [10/11/2013 19:09:09]
AdwCleaner[S0].txt - [6269 octets] - [10/11/2013 19:13:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6329 octets] ##########

Re: Prosím o kontrolu logu

Napsal: 10 lis 2013 22:52
od vyosek
Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

Re: Prosím o kontrolu logu

Napsal: 10 lis 2013 23:25
od architektsk
Dobrý večer
Ospravedlňujem sa ...ten Launcher som si prvý krát nevšimol...hádam je to teraz vporiadku
Log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by Administrator (administrator) on BRANO-PC on 10-11-2013 23:22:02
Running from C:\Documents and Settings\Administrator\Desktop
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\WINDOWS\system32\inetsrv\inetinfo.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\WINDOWS\system32\CmUCReye.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Samsung Electronics Co., Ltd.) D:\Kies Samsung\Kies\KiesTrayAgent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(Samsung) D:\Kies Samsung\Kies\Kies.exe
(Samsung) D:\Kies Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\wcescomm.exe
(Microsoft Corporation) C:\PROGRA~1\MI3AA1~1\rapimgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Documents and Settings\Administrator\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [CmUCRRun] - C:\WINDOWS\system32\CmUCREye.exe [241664 2005-10-12] ()
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [868352 2006-12-18] (Analog Devices, Inc.)
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [] - [x]
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [JMB36X IDE Setup] - C:\WINDOWS\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM\...\Run: [36X Raid Configurer] - C:\WINDOWS\system32\xRaidSetup.exe [1970176 2007-11-19] (JMicron Technology Corp.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [KiesTrayAgent] - D:\Kies Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-28] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKCU\...\Run: [KiesPreload] - D:\Kies Samsung\Kies\Kies.exe [1511792 2013-03-28] (Samsung)
HKCU\...\Run: [] - D:\Kies Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-03-28] (Samsung)
HKCU\...\Run: [H/PC Connection Agent] - C:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKCU\...\Policies\system: [HideLegacyLogonScripts] 0
HKCU\...\Policies\system: [HideLogoffScripts] 0
HKCU\...\Policies\system: [HideStartupScripts] 0
HKCU\...\Policies\system: [RunLogonScriptSync] 1
HKCU\...\Policies\system: [RunStartupScriptSync] 0
MountPoints2: {02f5efa8-3eb6-11dd-ae83-001bfc0d2a07} - I:\LaunchU3.exe -a
MountPoints2: {3b84ad4e-28b4-11de-af4a-001bfc0d2a07} - G:\LaunchU3.exe -a
MountPoints2: {a28f5cae-e393-11df-b0c5-001bfc0d2a07} - "G:\WD SmartWare.exe" autoplay=true
HKU\Guest\...\Run: [QuickTime Task] - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
AppInit_DLLs: c:\progra~1\movies~1\safety~1\safety~2.dll [ 2008-04-14] ()
IMEO\bitguard.exe: [Debugger] tasklist.exe
IMEO\bprotect.exe: [Debugger] tasklist.exe
IMEO\browserdefender.exe: [Debugger] tasklist.exe
IMEO\browserprotect.exe: [Debugger] tasklist.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5A44A67E4A6DCE01
SearchScopes: HKLM - DefaultScope value is missing.
BHO: No Name - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - No File
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file://C:\Pracovné programy\AUTOCAD\AcDcToday.ocx
DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} file://C:\Pracovné programy\AUTOCAD\InstBanr.ocx
DPF: {C6637286-300D-11D4-AE0A-0010830243BD} file://C:\Pracovné programy\AUTOCAD\InstFred.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file://C:\Pracovné programy\AUTOCAD\AcPreview.ocx
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2EA6DDB2-4D8B-41BE-A285-4DB93B48B465}: [NameServer]217.118.96.203,217.118.96.226

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @ei.VideoDownloadConverter_4z.com/Plugin - C:\Program Files\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: toolbar_KMPV7 - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546\Extensions\toolbar_KMPV7@apn.ask.com.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome:
=======

========================== Services (Whitelisted) =================

R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 MSFtpsvc; C:\Windows\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-08-12] (Microsoft Corporation)
R2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 ADIDTSFiltService; C:\Windows\System32\drivers\adidts.sys [139776 2006-12-08] (Analog Devices, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [271360 2007-10-18] ()
R3 CMISTOR; C:\Windows\System32\DRIVERS\cmiucr.SYS [72320 2005-10-04] (C-Media Corporation)
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [93096 2009-07-18] (JMicron Technology Corp.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [18048 2007-10-18] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
R1 MpKsl62e9e357; C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E4492130-337A-4D97-A873-C1BB6749F667}\MpKsl62e9e357.sys [40392 2013-11-10] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 PortTalk; C:\Windows\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic http://www.beyondlogic.org)
S3 SONYPVU1; C:\Windows\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R2 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [13120 2013-08-25] ()
R3 yukonwxp; C:\Windows\System32\DRIVERS\yk51x86.sys [248832 2006-08-22] (Marvell)
S3 ALSysIO; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ALSysIO.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S4 IntelIde; No ImagePath
S3 mcdbus; system32\DRIVERS\mcdbus.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-10 23:21 - 2013-11-10 23:21 - 01090275 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2013-11-10 23:18 - 2013-11-10 23:18 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\Administrator\Desktop\FRSTLauncher.exe
2013-11-10 19:08 - 2013-11-10 19:13 - 00000000 ____D C:\AdwCleaner
2013-11-10 19:08 - 2013-11-10 19:08 - 01073262 _____ C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
2013-11-10 19:07 - 2013-11-10 19:07 - 00010285 _____ C:\Documents and Settings\Administrator\Desktop\JRT1.txt
2013-11-10 19:06 - 2013-11-10 19:06 - 00010285 _____ C:\Documents and Settings\Administrator\Desktop\JRT.txt
2013-11-10 19:02 - 2013-11-10 19:02 - 00000000 ____D C:\WINDOWS\ERUNT
2013-11-10 19:01 - 2013-11-10 19:01 - 01034531 _____ (Thisisu) C:\Documents and Settings\Administrator\Desktop\JRT.exe
2013-11-10 17:58 - 2013-11-10 17:58 - 00001940 _____ C:\Documents and Settings\Administrator\My Documents\cc_20131110_175815.reg
2013-11-10 17:58 - 2013-11-10 17:58 - 00000556 _____ C:\Documents and Settings\Administrator\My Documents\cc_20131110_175829.reg
2013-11-10 17:57 - 2013-11-10 17:58 - 00174974 _____ C:\Documents and Settings\Administrator\My Documents\cc_20131110_175733.reg
2013-11-10 16:44 - 2013-11-10 16:44 - 00000000 ____D C:\FRST
2013-10-31 14:31 - 2013-11-03 11:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-31 06:50 - 2013-10-31 08:23 - 00000000 ____D C:\Documents and Settings\All Users\Documents\CrashDump
2013-10-30 17:37 - 2013-10-31 08:27 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-10-25 07:50 - 2013-10-25 07:50 - 00290784 _____ C:\Documents and Settings\Administrator\Desktop\strecha.dwg
2013-10-17 16:24 - 2013-10-17 16:24 - 00000206 _____ C:\Documents and Settings\Administrator\My Documents\acad.err
2013-10-16 06:01 - 2013-10-16 06:02 - 01188383 _____ C:\WINDOWS\system32\USB2
2013-10-16 05:59 - 2013-10-16 06:20 - 01184357 _____ C:\WINDOWS\system32\USB
2013-10-16 02:12 - 2013-11-10 22:39 - 00000400 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-10-15 00:19 - 2013-11-10 15:42 - 01640360 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2013-10-13 21:31 - 2013-10-13 21:31 - 00116289 _____ C:\Documents and Settings\Administrator\My Documents\MFM%20Zadanie%20rosoft%20súpis%20a%20odpočet.xls_0.ods
2013-10-13 20:42 - 2013-10-13 20:42 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\ABBYY
2013-10-13 20:37 - 2013-11-10 17:37 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ABBYY
2013-10-13 20:37 - 2013-11-10 17:37 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\ABBYY
2013-10-13 20:35 - 2013-10-13 20:35 - 00000000 ____D C:\Program Files\MSXML 6.0
2013-10-11 01:43 - 2013-10-11 01:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-11 01:43 - 2013-10-11 01:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-11 01:38 - 2013-10-11 01:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2884256$
2013-10-11 01:37 - 2013-10-11 01:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-11 01:36 - 2013-10-11 01:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-11 01:36 - 2013-10-11 01:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$

==================== One Month Modified Files and Folders =======

2013-11-10 23:21 - 2013-11-10 23:21 - 01090275 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2013-11-10 23:21 - 2013-03-22 14:56 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents\Preberanie
2013-11-10 23:18 - 2013-11-10 23:18 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\Administrator\Desktop\FRSTLauncher.exe
2013-11-10 23:12 - 2012-12-14 19:10 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-10 23:12 - 2010-05-13 09:49 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-10 22:48 - 2007-09-14 16:06 - 01384418 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-10 22:42 - 2007-09-14 17:27 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2013-11-10 22:39 - 2013-10-16 02:12 - 00000400 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-11-10 19:16 - 2010-12-08 14:09 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-10 19:16 - 2010-12-08 14:09 - 00000052 _____ C:\WINDOWS\wiaservc.log
2013-11-10 19:16 - 2010-05-13 09:49 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-10 19:16 - 2007-10-18 10:13 - 00179105 _____ C:\WINDOWS\system32\nvapps.xml
2013-11-10 19:16 - 2006-02-28 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-10 19:15 - 2007-09-14 16:12 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-10 19:14 - 2007-09-14 16:12 - 00032602 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-10 19:14 - 2007-09-14 16:12 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2013-11-10 19:13 - 2013-11-10 19:08 - 00000000 ____D C:\AdwCleaner
2013-11-10 19:08 - 2013-11-10 19:08 - 01073262 _____ C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
2013-11-10 19:07 - 2013-11-10 19:07 - 00010285 _____ C:\Documents and Settings\Administrator\Desktop\JRT1.txt
2013-11-10 19:06 - 2013-11-10 19:06 - 00010285 _____ C:\Documents and Settings\Administrator\Desktop\JRT.txt
2013-11-10 19:02 - 2013-11-10 19:02 - 00000000 ____D C:\WINDOWS\ERUNT
2013-11-10 19:01 - 2013-11-10 19:01 - 01034531 _____ (Thisisu) C:\Documents and Settings\Administrator\Desktop\JRT.exe
2013-11-10 17:58 - 2013-11-10 17:58 - 00001940 _____ C:\Documents and Settings\Administrator\My Documents\cc_20131110_175815.reg
2013-11-10 17:58 - 2013-11-10 17:58 - 00000556 _____ C:\Documents and Settings\Administrator\My Documents\cc_20131110_175829.reg
2013-11-10 17:58 - 2013-11-10 17:57 - 00174974 _____ C:\Documents and Settings\Administrator\My Documents\cc_20131110_175733.reg
2013-11-10 17:56 - 2007-09-14 16:12 - 00000000 ____D C:\Documents and Settings\Administrator
2013-11-10 17:51 - 2008-09-03 10:23 - 00000000 ____D C:\Program Files\QuickTime
2013-11-10 17:47 - 2013-09-20 02:55 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Rich Media Player
2013-11-10 17:44 - 2013-05-03 13:24 - 00003429 _____ C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2013-11-10 17:43 - 2013-05-03 13:27 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HP
2013-11-10 17:43 - 2007-09-14 17:27 - 00000000 ____D C:\WINDOWS\twain_32
2013-11-10 17:40 - 2013-05-03 13:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HP
2013-11-10 17:37 - 2013-10-13 20:37 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ABBYY
2013-11-10 17:37 - 2013-10-13 20:37 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\ABBYY
2013-11-10 17:32 - 2012-07-19 21:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2698365$
2013-11-10 17:12 - 2007-09-14 17:15 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-11-10 17:11 - 2013-05-03 13:26 - 00000000 ____D C:\Program Files\HP
2013-11-10 16:44 - 2013-11-10 16:44 - 00000000 ____D C:\FRST
2013-11-10 16:31 - 2008-01-11 15:49 - 00000000 ____D C:\WINDOWS\system32\Logfiles
2013-11-10 16:26 - 2007-12-13 10:04 - 00000000 ____D C:\Program Files\ElcomSoft
2013-11-10 16:19 - 2007-09-18 10:24 - 00000000 ____D C:\AUTOSAVE
2013-11-10 15:42 - 2013-10-15 00:19 - 01640360 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2013-11-06 21:19 - 2008-01-15 12:36 - 00143872 _____ C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-05 08:05 - 2013-01-11 11:39 - 00047320 _____ C:\Documents and Settings\Administrator\My Documents\plot.log
2013-11-04 21:19 - 2008-01-25 16:32 - 00101376 ___SH C:\Documents and Settings\Administrator\My Documents\Thumbs.db
2013-11-04 21:18 - 2013-05-03 13:49 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents\My Scans
2013-11-03 11:06 - 2013-10-31 14:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-03 09:46 - 2012-04-25 13:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-31 08:27 - 2013-10-30 17:37 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-10-31 08:23 - 2013-10-31 06:50 - 00000000 ____D C:\Documents and Settings\All Users\Documents\CrashDump
2013-10-31 08:19 - 2013-05-29 21:43 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents\SelfMV
2013-10-27 09:33 - 2007-09-14 17:37 - 00598420 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-25 07:50 - 2013-10-25 07:50 - 00290784 _____ C:\Documents and Settings\Administrator\Desktop\strecha.dwg
2013-10-17 16:24 - 2013-10-17 16:24 - 00000206 _____ C:\Documents and Settings\Administrator\My Documents\acad.err
2013-10-16 06:20 - 2013-10-16 05:59 - 01184357 _____ C:\WINDOWS\system32\USB
2013-10-16 06:02 - 2013-10-16 06:01 - 01188383 _____ C:\WINDOWS\system32\USB2
2013-10-16 02:02 - 2012-05-02 14:51 - 00001698 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
2013-10-16 02:02 - 2011-01-31 12:30 - 00001917 ____C C:\WINDOWS\epplauncher.mif
2013-10-16 02:01 - 2011-01-31 12:28 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-14 02:52 - 2008-09-03 14:41 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-13 21:31 - 2013-10-13 21:31 - 00116289 _____ C:\Documents and Settings\Administrator\My Documents\MFM%20Zadanie%20rosoft%20súpis%20a%20odpočet.xls_0.ods
2013-10-13 20:43 - 2007-09-21 11:51 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
2013-10-13 20:42 - 2013-10-13 20:42 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\ABBYY
2013-10-13 20:35 - 2013-10-13 20:35 - 00000000 ____D C:\Program Files\MSXML 6.0
2013-10-13 20:28 - 2013-02-17 17:03 - 00002315 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2013-10-11 06:16 - 2011-05-04 19:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-11 06:16 - 2007-09-14 17:36 - 00273376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-11 01:43 - 2013-10-11 01:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-11 01:43 - 2013-10-11 01:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-11 01:43 - 2013-08-07 02:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-11 01:39 - 2011-05-04 19:36 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2013-10-11 01:39 - 2007-10-18 10:59 - 78106760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-11 01:38 - 2013-10-11 01:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2884256$
2013-10-11 01:37 - 2013-10-11 01:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-11 01:36 - 2013-10-11 01:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-11 01:36 - 2013-10-11 01:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$

Files to move or delete:
====================
C:\Documents and Settings\Administrator\psbB91.dll
C:\Documents and Settings\Administrator\ptsA52.dll


Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\appshat-distribution.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\bi_cleaner.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\hpzmsi01.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\hpzscr01.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\MoviesToolbarSetup_Somoto.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\oi_{E1D68687-F96A-4AE7-9EDB-2E59C2DE99E4}.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\PIPInstaller_PTV_.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\UpdateCheckerSetup.exe
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-e2573639.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:74.52 GB) (Free:14.9 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:802.03 GB) NTFS
Drive g: (Disc) (CDROM) (Total:0.42 GB) (Free:0 GB) CDFS
Drive i: (Záloha) (Fixed) (Total:931.51 GB) (Free:391.5 GB) NTFS

Available physical RAM: 1227.18 MB
Total physical RAM: 2047.11 MB
Percentage of memory in use: 40%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: E592E592)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)
Disk: 1 (Size: 932 GB) (Disk ID: 1DC01DC0)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
Disk: 4 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 764822BA)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => C:\Program Files\Microsoft Security Client\MpCmdRun.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

==================== Security Center ==================

AV: Microsoft Security Essentials (Disabled - Up to date) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials (Disabled - Up to date) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Administrator\Desktop" je 78 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
"C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk
C:\windows\INSTAL~1\{AC76B~2\_SC_AC~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk
C:\PROGRA~1\Adobe\ACROBA~1.0\Acrobat\ADOBEC~1.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\DrivingSpeed2\\DrivingSpeed.exe"="C:\\Program Files\\DrivingSpeed2\\DrivingSpeed.exe:*:Disabled:Driving Speed Application"
"C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"="C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe:*:Enabled:Google Earth"
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"="C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"="C:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"="C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe:*:Enabled:Google Earth"
"C:\\WINDOWS\\system32\\msiexec.exe"="C:\\WINDOWS\\system32\\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\\Program Files\\Xfire\\Xfire.exe"="C:\\Program Files\\Xfire\\Xfire.exe:*:Enabled:Xfire"
"C:\\Valve\\Condition Zero\\hltv.exe"="C:\\Valve\\Condition Zero\\hltv.exe:*:Enabled:HLTV Launcher"
"C:\\Games\\World_of_Tanks\\WorldOfTanks.exe"="C:\\Games\\World_of_Tanks\\WorldOfTanks.exe:*:Enabled:World of Tanks"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Games\\World_of_Tanks\\WOTLauncher.exe"="C:\\Games\\World_of_Tanks\\WOTLauncher.exe:*:Enabled:World of Tanks Launcher"
"C:\\totalcmd\\TOTALCMD.EXE"="C:\\totalcmd\\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\\Program Files\\PANDORA.TV\\PanService\\PanProcess.exe"="C:\\Program Files\\PANDORA.TV\\PanService\\PanProcess.exe:*:Enabled:PanProcess"
"C:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"="C:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe:*:Enabled:PandoraService"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP"="3389:TCP:*:Disabled:@xpsp2res.dll,-22009"
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"26675:TCP"="26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
"26675:TCP"="26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Prosím o kontrolu logu

Napsal: 11 lis 2013 09:00
od vyosek
:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [KiesTrayAgent] - D:\Kies Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-28] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKCU\...\Run: [KiesPreload] - D:\Kies Samsung\Kies\Kies.exe [1511792 2013-03-28] (Samsung)
HKCU\...\Run: [] - D:\Kies Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-03-28] (Samsung)
HKCU\...\Policies\system: [HideLegacyLogonScripts] 0
HKCU\...\Policies\system: [HideLogoffScripts] 0
HKCU\...\Policies\system: [HideStartupScripts] 0
HKCU\...\Policies\system: [RunLogonScriptSync] 1
HKCU\...\Policies\system: [RunStartupScriptSync] 0
MountPoints2: {02f5efa8-3eb6-11dd-ae83-001bfc0d2a07} - I:\LaunchU3.exe -a
MountPoints2: {3b84ad4e-28b4-11de-af4a-001bfc0d2a07} - G:\LaunchU3.exe -a
MountPoints2: {a28f5cae-e393-11df-b0c5-001bfc0d2a07} - "G:\WD SmartWare.exe" autoplay=true
HKU\Guest\...\Run: [QuickTime Task] - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
AppInit_DLLs: c:\progra~1\movies~1\safety~1\safety~2.dll [ 2008-04-14] ()
IMEO\bitguard.exe: [Debugger] tasklist.exe
IMEO\bprotect.exe: [Debugger] tasklist.exe
IMEO\browserdefender.exe: [Debugger] tasklist.exe
IMEO\browserprotect.exe: [Debugger] tasklist.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5A44A67E4A6DCE01
SearchScopes: HKLM - DefaultScope value is missing.
BHO: No Name - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - No File
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File

FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF Extension: toolbar_KMPV7 - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546\Extensions\toolbar_KMPV7@apn.ask.com.xpi

2013-11-10 23:18 - 2013-11-10 23:18 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\Administrator\Desktop\FRSTLauncher.exe
2013-11-10 19:08 - 2013-11-10 19:13 - 00000000 ____D C:\AdwCleaner
2013-11-10 19:08 - 2013-11-10 19:08 - 01073262 _____ C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
2013-11-10 19:07 - 2013-11-10 19:07 - 00010285 _____ C:\Documents and Settings\Administrator\Desktop\JRT1.txt
2013-11-10 19:06 - 2013-11-10 19:06 - 00010285 _____ C:\Documents and Settings\Administrator\Desktop\JRT.txt
2013-11-10 19:01 - 2013-11-10 19:01 - 01034531 _____ (Thisisu) C:\Documents and Settings\Administrator\Desktop\JRT.exe
C:\Documents and Settings\Administrator\psbB91.dll
C:\Documents and Settings\Administrator\ptsA52.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\appshat-distribution.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\bi_cleaner.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\hpzmsi01.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\hpzscr01.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\MoviesToolbarSetup_Somoto.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\oi_{E1D68687-F96A-4AE7-9EDB-2E59C2DE99E4}.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\PIPInstaller_PTV_.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\UpdateCheckerSetup.exe
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-e2573639.exe

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => C:\Program Files\Microsoft Security Client\MpCmdRun.exe

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk" /f

Hosts:

End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt

Re: Prosím o kontrolu logu

Napsal: 11 lis 2013 10:17
od architektsk
Dobrý den
všetko som spravil ale niesom si istý či ten log som po reštarte nemal spraviť znovu a tem sem dať...toto je log čo sa vytvoril po oprave ešte pred reštartom...

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-11-2013 01
Ran by Administrator at 2013-11-11 10:09:51 Run:1
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [KiesTrayAgent] - D:\Kies Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-28] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKCU\...\Run: [KiesPreload] - D:\Kies Samsung\Kies\Kies.exe [1511792 2013-03-28] (Samsung)
HKCU\...\Run: [] - D:\Kies Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-03-28] (Samsung)
HKCU\...\Policies\system: [HideLegacyLogonScripts] 0
HKCU\...\Policies\system: [HideLogoffScripts] 0
HKCU\...\Policies\system: [HideStartupScripts] 0
HKCU\...\Policies\system: [RunLogonScriptSync] 1
HKCU\...\Policies\system: [RunStartupScriptSync] 0
MountPoints2: {02f5efa8-3eb6-11dd-ae83-001bfc0d2a07} - I:\LaunchU3.exe -a
MountPoints2: {3b84ad4e-28b4-11de-af4a-001bfc0d2a07} - G:\LaunchU3.exe -a
MountPoints2: {a28f5cae-e393-11df-b0c5-001bfc0d2a07} - "G:\WD SmartWare.exe" autoplay=true
HKU\Guest\...\Run: [QuickTime Task] - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
AppInit_DLLs: c:\progra~1\movies~1\safety~1\safety~2.dll [ 2008-04-14] ()
IMEO\bitguard.exe: [Debugger] tasklist.exe
IMEO\bprotect.exe: [Debugger] tasklist.exe
IMEO\browserdefender.exe: [Debugger] tasklist.exe
IMEO\browserprotect.exe: [Debugger] tasklist.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5A44A67E4A6DCE01
SearchScopes: HKLM - DefaultScope value is missing.
BHO: No Name - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - No File
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File

FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF Extension: toolbar_KMPV7 - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546\Extensions\toolbar_KMPV7@apn.ask.com.xpi

2013-11-10 23:18 - 2013-11-10 23:18 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\Administrator\Desktop\FRSTLauncher.exe
2013-11-10 19:08 - 2013-11-10 19:13 - 00000000 ____D C:\AdwCleaner
2013-11-10 19:08 - 2013-11-10 19:08 - 01073262 _____ C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
2013-11-10 19:07 - 2013-11-10 19:07 - 00010285 _____ C:\Documents and Settings\Administrator\Desktop\JRT1.txt
2013-11-10 19:06 - 2013-11-10 19:06 - 00010285 _____ C:\Documents and Settings\Administrator\Desktop\JRT.txt
2013-11-10 19:01 - 2013-11-10 19:01 - 01034531 _____ (Thisisu) C:\Documents and Settings\Administrator\Desktop\JRT.exe
C:\Documents and Settings\Administrator\psbB91.dll
C:\Documents and Settings\Administrator\ptsA52.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\appshat-distribution.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\bi_cleaner.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\hpzmsi01.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\hpzscr01.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\MoviesToolbarSetup_Somoto.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\oi_{E1D68687-F96A-4AE7-9EDB-2E59C2DE99E4}.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\PIPInstaller_PTV_.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\UpdateCheckerSetup.exe
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-e2573639.exe

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => C:\Program Files\Microsoft Security Client\MpCmdRun.exe

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk" /f

Hosts:

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPreload => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\HideLegacyLogonScripts => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\HideLogoffScripts => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\HideStartupScripts => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\RunLogonScriptSync => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\RunStartupScriptSync => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{02f5efa8-3eb6-11dd-ae83-001bfc0d2a07} => Key deleted successfully.
HKCR\CLSID\{02f5efa8-3eb6-11dd-ae83-001bfc0d2a07} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3b84ad4e-28b4-11de-af4a-001bfc0d2a07} => Key deleted successfully.
HKCR\CLSID\{3b84ad4e-28b4-11de-af4a-001bfc0d2a07} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a28f5cae-e393-11df-b0c5-001bfc0d2a07} => Key deleted successfully.
HKCR\CLSID\{a28f5cae-e393-11df-b0c5-001bfc0d2a07} => Key not found.
HKU\Guest\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} => Key deleted successfully.
HKCR\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer => Key deleted successfully.
C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll not found.
C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml => Moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\sj8d9zta.default-1361980096546\Extensions\toolbar_KMPV7@apn.ask.com.xpi => Moved successfully.
C:\Documents and Settings\Administrator\Desktop\FRSTLauncher.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe => Moved successfully.
"C:\Documents and Settings\Administrator\Desktop\JRT1.txt" => File/Directory not found.
"C:\Documents and Settings\Administrator\Desktop\JRT.txt" => File/Directory not found.
C:\Documents and Settings\Administrator\Desktop\JRT.exe => Moved successfully.
C:\Documents and Settings\Administrator\psbB91.dll => Moved successfully.
C:\Documents and Settings\Administrator\ptsA52.dll => Moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\appshat-distribution.exe => Moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\bi_cleaner.exe => Moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\hpzmsi01.exe => Moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\hpzscr01.exe => Moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\MoviesToolbarSetup_Somoto.exe => Moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\oi_{E1D68687-F96A-4AE7-9EDB-2E59C2DE99E4}.exe => Moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\PIPInstaller_PTV_.exe => Moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\Quarantine.exe => Moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\UpdateCheckerSetup.exe => Moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-e2573639.exe => Moved successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => Moved successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":D1B5B4F1" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0" /f =========


Operácie skončila úspešne.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk" /f =========


Operácie skončila úspešne.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk" /f =========


Operácie skončila úspešne.


========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

Re: Prosím o kontrolu logu

Napsal: 11 lis 2013 10:19
od vyosek
Je to v poradku :thumbsup:

Jak se chova PC :???:

Re: Prosím o kontrolu logu

Napsal: 11 lis 2013 10:26
od architektsk
Dobrý den
No už včera to bolo oveľa svižnejšie a štartuje to oveľa rýchlejšie ...mám z toho dobrý pocit...dosť mi blbol aj ventilátor (neviem či na procáku alebo ten velký čo mám na boku krabice) a bol hlučný a teraz ide potichu (ale to asi bude len náhoda či nie? )
ešte jedna otázka....mal som tam nejakú háveď?? dávam si pozor ale človek nikdy nevie...
Dobrá práca...veľmi pekne ďakujem...
ps: za každú prácu treba aj plácu takže posielam príspevok na chod fora cez internet banking

Re: Prosím o kontrolu logu

Napsal: 11 lis 2013 10:32
od vyosek
:arrow: Bylo tam hodne reklaminiho nezadouciho SW, chce to cist co se instaluje jako doprovod - vice zde http://www.viry.cz/pozor-na-to-co-vsech ... -pocitace/

:arrow: Take tam bylo dost zbytecnosti spoustenych po startu, ty jsme omezili, takze nam PC nyni nabiha rychleji. Ja razim strategii, ze po startu se ma spustit akorat antivir a pripadne mailovy klient. Vse dalsi HNED nepotrebuju a spoustim si podle potreby...

:arrow: Ten ventilator mohl mit souvislt s bezicimi zbytecnostmi a reklamnim SW - musel se tim zabyvat = zpracovavat = zahrival se.


Nemate zac, rad jsem pomohl :worship: Dekuji za skvelou spolupraci :fr:

Za podporu fora jmenem celeho tymu dekuji :thumbsup: Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat :lock:
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz