Prosím o kontrolu logu
Napsal: 13 lis 2013 19:18
Prosím o kontrolu logu.
Nevím si rady.
Nevím si rady.
Zdravím!
Zkuste tento postup: http://forum.viry.cz/viewtopic.php?f=24&t=132509 . ESafe není zrovna důvěryhodný antivir.
NApsalo to toto.Rudy píše:Zdravím!
Zkuste tento postup: http://forum.viry.cz/viewtopic.php?f=24&t=132509 . ESafe není zrovna důvěryhodný antivir.
dodohuhu píše:NApsalo to toto.Rudy píše:Zdravím!
Zkuste tento postup: http://forum.viry.cz/viewtopic.php?f=24&t=132509 . ESafe není zrovna důvěryhodný antivir.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-11-2013
Ran by Uživatel (administrator) on U-ED0AF5758D5B4 on 13-11-2013 20:06:44
Running from C:\Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\JLP0HJ8D
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) C:\Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\JLP0HJ8D\FRST[1].exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [20065896 2012-04-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [mwavscan_autoscan] - C:\Documents and Settings\Uživatel\Local Settings\Temp\mexe.com [2329160 2009-11-06] (MicroWorld Technologies Inc.) <===== ATTENTION
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKCU\...\Run: [Google Update] - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [116648 2012-07-22] (Google Inc.)
HKCU\...\Run: [Adobe Reader Synchronizer] - C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe [1264360 2012-12-18] (Adobe Systems Incorporated)
MountPoints2: {0d2c3377-51a4-11e1-8b3b-1c6f65fcbb03} - H:\Startme.exe
MountPoints2: {fb48bfad-1493-11e3-8751-1c6f65fcbb03} - H:\Startme.exe
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... earchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... earchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 6f65fcbb03
SearchScopes: HKCU - {23b21aa6-cf6e-4ded-85aa-76ebb36e384c} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... rceid=IE_5
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... earchTerms}
SearchScopes: HKCU - {399a1442-7377-49e7-8d77-6dc9ed5968c1} URL = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
SearchScopes: HKCU - {5cf5d387-d87c-4408-9a6b-301b0713d62a} URL = http://www.mapy.cz/?query={searchTerms} ... earch_6826
SearchScopes: HKCU - {76859dfd-b169-4f33-b4cf-9c0f4958995b} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {885E0645-C385-4A93-A193-9FDB0B5A7505} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {9bb0a7ad-06d1-4065-8fd9-8e3e9944e0a9} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {9bd172ba-3f40-4303-bca1-0484b5ba2a7b} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKCU - {eb97f7df-1773-4916-aae6-5af74da8c69d} URL = http://www.firmy.cz/phr/{searchTerms}
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.co ... .5.1.0.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default
FF user.js: detected! => C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\user.js
FF DefaultSearchEngine: qvo6
FF SearchEngineOrder.1: qvo6
FF SelectedSearchEngine: qvo6
FF Homepage: hxxp://www.qvo6.com/?utm_source=b&utm_medium=i ... 1384016045
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin: @ei.FestiveBar_3g.com/Plugin - C:\Program Files\FestiveBar_3gEI\Installr\1.bin\NP3gEISB.dll (FestiveBar)
FF Plugin: @ei.GamingWonderland.com/Plugin - C:\Program Files\GamingWonderlandEI\Installr\1.bin\NPgtEISB.dll (GamingWonderland)
FF Plugin: @ei.Zwinky_5q.com/Plugin - C:\Program Files\Zwinky_5qEI\Installr\1.bin\NP5qEISB.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\qvo6.xml
FF Extension: No Name - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\ffxtlbr@babylon.com
FF Extension: No Name - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\staged
FF Extension: No Name - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\yasearch@yandex.ru
FF Extension: ftdownloader4 - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\ftdownloader4@ftdownloader.com.xpi
FF Extension: gophoto - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\gophoto@gophoto.it.xpi
FF Extension: trtv3 - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\trtv3@trtv.com.xpi
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
Chrome:
=======
CHR HomePage: hxxp://www.qvo6.com/?utm_source=b&utm_medium=i ... 1384016045
CHR RestoreOnStartup: "urls_to_restore_on_startup": [
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\30.0.1599.101\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Unity Player) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (DNA Plug-in) - C:\Program Files\DNA\plugins\npbtdna.dll No File
CHR Plugin: (FestiveBar Installer Plugin Stub) - C:\Program Files\FestiveBar_3gEI\Installr\1.bin\NP3gEISB.dll (FestiveBar)
CHR Plugin: (GamingWonderland Installer Plugin Stub) - C:\Program Files\GamingWonderlandEI\Installr\1.bin\NPgtEISB.dll (GamingWonderland)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Media Go Detector) - C:\Program Files\Sony\Media Go\npmediago.dll No File
CHR Plugin: (PlayStation(R)Network Downloader Check Plug-in) - C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll No File
CHR Plugin: (Zwinky Installer Plugin Stub) - C:\Program Files\Zwinky_5qEI\Installr\1.bin\NP5qEISB.dll No File
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (FTdownloader V4.0) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\bebnnlollpcjnfpkafhoclljaojgnfok\4.0_0
CHR Extension: (DefaultTab) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0
CHR Extension: (Google Wallet Service) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0
CHR Extension: (GoPhoto.it) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.6_0
CHR HKLM\...\Chrome\Extension: [bebnnlollpcjnfpkafhoclljaojgnfok] - C:\Program Files\FTDownloader.com\FTDownloader10.crx
CHR HKLM\...\Chrome\Extension: [bicnnkjibmphdeigoodpjlcklcnaobdj] - C:\Program Files\TornTV.com\torntv10.crx
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit16.crx
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
========================== Services (Whitelisted) =================
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2010-02-10] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-08-12] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2013-01-18] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
==================== Drivers (Whitelisted) ====================
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R3 ATIAVAIW; C:\Windows\System32\DRIVERS\atinavt2.sys [170496 2009-02-04] (ATI Technologies Inc.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 2012-01-06] (DT Soft Ltd)
S3 FANTOM; C:\Windows\System32\DRIVERS\fantom.sys [39424 2007-11-09] (National Instruments Corporation)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2009-08-26] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2009-08-26] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2009-08-26] (HP)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S4 IntelIde; No ImagePath
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\Sandra.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-13 20:06 - 2013-11-13 20:06 - 00000000 ____D C:\FRST
2013-11-13 18:46 - 2013-11-13 18:46 - 00952306 _____ C:\Documents and Settings\Uživatel\Plocha\log celek.rar
2013-11-13 18:45 - 2013-11-13 18:45 - 00003203 _____ C:\Documents and Settings\Uživatel\Plocha\log.ddd.rar
2013-11-13 18:33 - 2013-11-13 18:33 - 00003203 _____ C:\Documents and Settings\Uživatel\Plocha\log..rar
2013-11-13 18:20 - 2013-11-13 18:20 - 19742279 _____ C:\Documents and Settings\Uživatel\Plocha\MWAV.LOG
2013-11-13 18:04 - 2013-11-13 18:04 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\POLSKO
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\VDLL.DLL
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\system32\runouce.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\rundll16.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\RUNDL132.EXE
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\logo1_.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\logo_1.exe
2013-11-13 07:41 - 2013-11-13 07:53 - 00000054 _____ C:\WINDOWS\Lic.xxx
2013-11-13 07:41 - 2013-11-13 07:41 - 00632064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr80.dll
2013-11-13 07:41 - 2013-11-13 07:41 - 00554240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp80.dll
2013-11-13 07:41 - 2013-11-13 07:41 - 00034048 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\system32\eEmpty.exe
2013-11-13 07:41 - 2013-11-13 07:41 - 00000000 ____D C:\Program Files\Common Files\MicroWorld
2013-11-13 07:41 - 2013-11-13 07:41 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2013-11-13 07:41 - 2008-04-14 08:52 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\REGEDIT.COM
2013-11-13 07:41 - 2008-04-14 08:52 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\R.COM
2013-11-13 07:41 - 2008-04-14 08:52 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TASKMGR.COM
2013-11-13 07:41 - 2008-04-14 08:52 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\T.COM
2013-11-13 07:41 - 2005-09-22 23:22 - 00000522 _____ C:\WINDOWS\system32\Microsoft.VC80.CRT.manifest
2013-11-13 07:36 - 2013-11-13 07:36 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Simply Super Software
2013-11-12 21:02 - 2013-11-12 21:02 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-12 21:01 - 2013-11-13 00:11 - 00000000 ____D C:\WINDOWS\A358F2F62500420C989C25C4F22DF51E.TMP
2013-11-12 21:01 - 2013-11-12 21:01 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-12 20:48 - 2013-11-13 07:33 - 00000000 ____D C:\Program Files\Trojan Remover
2013-11-12 20:48 - 2013-11-12 20:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
2013-11-10 19:33 - 2013-11-11 10:54 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Torntv 2
2013-11-10 19:32 - 2013-11-11 10:56 - 00000000 ____D C:\Program Files\TornTV.com
2013-11-10 19:32 - 2013-11-10 19:32 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\TornTV.com
2013-11-09 18:05 - 2013-11-09 18:12 - 00000000 ____D C:\Program Files\WinZipper
2013-11-09 18:05 - 2013-11-09 18:07 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\WinZipper
2013-11-09 18:05 - 2013-11-09 18:05 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\iSafe
2013-11-09 17:54 - 2013-11-09 18:05 - 00000000 ____D C:\Program Files\Desk 365
2013-11-09 17:54 - 2013-11-09 18:03 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Desk 365
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Program Files\Gophoto.it
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\FTDownloader.com
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Cool_Mirage
2013-11-09 16:56 - 2013-11-09 16:56 - 00000896 __RSH C:\Documents and Settings\Uživatel\ntuser.pol
2013-11-09 16:56 - 2013-11-09 16:56 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2013-11-09 16:56 - 2013-11-09 16:56 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\DefaultTab
2013-11-04 08:19 - 2013-11-04 08:19 - 00017920 _____ C:\Documents and Settings\Uživatel\Plocha\Export.xls
2013-11-04 08:14 - 2013-11-04 08:14 - 00070001 _____ C:\Documents and Settings\Uživatel\Plocha\Export.htm
2013-11-01 18:29 - 2013-11-13 18:46 - 19742509 _____ C:\Documents and Settings\Uživatel\Plocha\vir.txt
2013-10-30 23:12 - 2013-11-09 17:09 - 00000000 ____D C:\Program Files\Free PDF to Word Converter
2013-10-30 22:53 - 2013-11-09 17:09 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Kastner software
2013-10-30 22:52 - 2013-10-30 22:52 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\KASTNER software
2013-10-30 18:39 - 2013-10-30 19:01 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\neg
2013-10-29 22:40 - 2013-10-29 22:40 - 00015313 _____ C:\Documents and Settings\Uživatel\Dokumenty\reklamacni-list[1].docm
2013-10-27 19:12 - 2013-10-27 19:12 - 00032388 _____ C:\WINDOWS\KB2598845-IE8.log
2013-10-27 19:11 - 2013-11-09 17:12 - 00000000 ____D C:\Program Files\Seznam.cz
2013-10-27 19:11 - 2013-10-27 19:12 - 00041796 _____ C:\WINDOWS\KB982381-IE8.log
2013-10-27 19:10 - 2013-10-27 19:11 - 00000000 __HDC C:\WINDOWS\ie8
2013-10-27 19:06 - 2011-08-16 11:45 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2013-10-27 19:02 - 2013-10-27 19:03 - 00028656 _____ C:\WINDOWS\ie8Uninst.log
2013-10-17 17:37 - 2013-11-13 07:41 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
==================== One Month Modified Files and Folders =======
2013-11-13 20:06 - 2013-11-13 20:06 - 00000000 ____D C:\FRST
2013-11-13 20:04 - 2012-07-12 13:29 - 00008192 ___SH C:\WINDOWS\Thumbs.db
2013-11-13 19:47 - 2012-07-22 12:12 - 00001038 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1979792683-839522115-1003UA.job
2013-11-13 19:45 - 2012-01-05 15:32 - 01922684 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-13 19:10 - 2012-10-07 10:40 - 00000944 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-13 19:09 - 2013-06-07 17:19 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-13 18:46 - 2013-11-13 18:46 - 00952306 _____ C:\Documents and Settings\Uživatel\Plocha\log celek.rar
2013-11-13 18:46 - 2013-11-01 18:29 - 19742509 _____ C:\Documents and Settings\Uživatel\Plocha\vir.txt
2013-11-13 18:46 - 2012-01-05 15:36 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha
2013-11-13 18:45 - 2013-11-13 18:45 - 00003203 _____ C:\Documents and Settings\Uživatel\Plocha\log.ddd.rar
2013-11-13 18:33 - 2013-11-13 18:33 - 00003203 _____ C:\Documents and Settings\Uživatel\Plocha\log..rar
2013-11-13 18:20 - 2013-11-13 18:20 - 19742279 _____ C:\Documents and Settings\Uživatel\Plocha\MWAV.LOG
2013-11-13 18:04 - 2013-11-13 18:04 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\POLSKO
2013-11-13 13:12 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Oblíbené položky
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\VDLL.DLL
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\system32\runouce.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\rundll16.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\RUNDL132.EXE
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\logo1_.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\logo_1.exe
2013-11-13 07:53 - 2013-11-13 07:41 - 00000054 _____ C:\WINDOWS\Lic.xxx
2013-11-13 07:41 - 2013-11-13 07:41 - 00632064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr80.dll
2013-11-13 07:41 - 2013-11-13 07:41 - 00554240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp80.dll
2013-11-13 07:41 - 2013-11-13 07:41 - 00034048 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\system32\eEmpty.exe
2013-11-13 07:41 - 2013-11-13 07:41 - 00000000 ____D C:\Program Files\Common Files\MicroWorld
2013-11-13 07:41 - 2013-11-13 07:41 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2013-11-13 07:41 - 2013-10-17 17:37 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-11-13 07:41 - 2012-01-05 16:23 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-11-13 07:36 - 2013-11-13 07:36 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Simply Super Software
2013-11-13 07:36 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty
2013-11-13 07:35 - 2012-01-05 16:24 - 01022040 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-13 07:33 - 2013-11-12 20:48 - 00000000 ____D C:\Program Files\Trojan Remover
2013-11-13 07:33 - 2012-01-05 16:23 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-11-13 07:33 - 2012-01-05 16:23 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-11-13 07:33 - 2012-01-05 15:36 - 00000000 __RHD C:\Documents and Settings\Uživatel\Data aplikací
2013-11-13 07:32 - 2004-08-18 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-13 07:31 - 2012-10-07 10:40 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-13 07:31 - 2012-01-05 16:26 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-13 07:31 - 2012-01-05 16:26 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-13 07:31 - 2012-01-05 15:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-13 00:27 - 2012-01-05 15:58 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2013-11-13 00:27 - 2012-01-05 15:36 - 00000178 ___SH C:\Documents and Settings\Uživatel\ntuser.ini
2013-11-13 00:27 - 2012-01-05 15:36 - 00000000 ____D C:\Documents and Settings\Uživatel
2013-11-13 00:27 - 2012-01-05 15:35 - 00032554 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-13 00:11 - 2013-11-12 21:01 - 00000000 ____D C:\WINDOWS\A358F2F62500420C989C25C4F22DF51E.TMP
2013-11-13 00:11 - 2012-07-12 09:52 - 00435806 _____ C:\WINDOWS\setupapi.log
2013-11-13 00:11 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Nabídka Start\Programy
2013-11-12 21:49 - 2012-01-06 17:46 - 00000000 ____D C:\bat2
2013-11-12 21:14 - 2012-01-05 15:36 - 00001599 _____ C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Vzdálená pomoc.lnk
2013-11-12 21:09 - 2012-01-05 15:33 - 00001599 _____ C:\Documents and Settings\Default User\Nabídka Start\Programy\Vzdálená pomoc.lnk
2013-11-12 21:02 - 2013-11-12 21:02 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-12 21:01 - 2013-11-12 21:01 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-12 20:48 - 2013-11-12 20:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
2013-11-12 20:47 - 2012-07-22 12:12 - 00000986 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1979792683-839522115-1003Core.job
2013-11-11 17:00 - 2013-06-27 21:36 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Sony Mobile
2013-11-11 17:00 - 2013-06-27 21:35 - 00000000 ____D C:\Program Files\Sony Mobile
2013-11-11 16:59 - 2013-01-07 17:07 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Sony Ericsson
2013-11-11 16:59 - 2013-01-07 17:06 - 00000000 ____D C:\Program Files\Sony Ericsson
2013-11-11 16:57 - 2012-02-07 17:25 - 00000000 ____D C:\Program Files\Common Files\Sony Shared
2013-11-11 16:56 - 2012-03-05 17:32 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Sony
2013-11-11 16:56 - 2012-02-07 17:23 - 00000000 ____D C:\Program Files\Sony
2013-11-11 10:59 - 2012-05-14 16:55 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Unity
2013-11-11 10:56 - 2013-11-10 19:32 - 00000000 ____D C:\Program Files\TornTV.com
2013-11-11 10:54 - 2013-11-10 19:33 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Torntv 2
2013-11-10 19:53 - 2012-07-24 18:47 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\BitTorrent
2013-11-10 19:35 - 2012-07-24 20:59 - 00000000 ____D C:\toro
2013-11-10 19:35 - 2012-07-24 18:47 - 00000000 ____D C:\Program Files\BitTorrent
2013-11-10 19:33 - 2012-01-05 15:36 - 00000000 ___HD C:\Documents and Settings\Uživatel\Local Settings\Data aplikací
2013-11-10 19:32 - 2013-11-10 19:32 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\TornTV.com
2013-11-09 18:12 - 2013-11-09 18:05 - 00000000 ____D C:\Program Files\WinZipper
2013-11-09 18:11 - 2012-01-05 16:23 - 00000000 __RHD C:\Documents and Settings\Default User\Data aplikací
2013-11-09 18:11 - 2012-01-05 16:23 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start
2013-11-09 18:07 - 2013-11-09 18:05 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\WinZipper
2013-11-09 18:05 - 2013-11-09 18:05 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\iSafe
2013-11-09 18:05 - 2013-11-09 17:54 - 00000000 ____D C:\Program Files\Desk 365
2013-11-09 18:05 - 2011-06-11 00:58 - 00773800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100.dll
2013-11-09 18:05 - 2011-06-11 00:58 - 00421032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp100.dll
2013-11-09 18:03 - 2013-11-09 17:54 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Desk 365
2013-11-09 17:54 - 2012-01-06 10:02 - 00001032 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2013-11-09 17:54 - 2012-01-05 15:36 - 00001105 _____ C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Internet Explorer.lnk
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Program Files\Gophoto.it
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\FTDownloader.com
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Cool_Mirage
2013-11-09 17:12 - 2013-10-27 19:11 - 00000000 ____D C:\Program Files\Seznam.cz
2013-11-09 17:12 - 2013-01-13 18:21 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Sony Corporation
2013-11-09 17:09 - 2013-10-30 23:12 - 00000000 ____D C:\Program Files\Free PDF to Word Converter
2013-11-09 17:09 - 2013-10-30 22:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Kastner software
2013-11-09 16:57 - 2012-01-06 17:14 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
2013-11-09 16:56 - 2013-11-09 16:56 - 00000896 __RSH C:\Documents and Settings\Uživatel\ntuser.pol
2013-11-09 16:56 - 2013-11-09 16:56 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2013-11-09 16:56 - 2013-11-09 16:56 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\DefaultTab
2013-11-08 14:31 - 2012-10-03 18:35 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2013-11-08 14:31 - 2012-10-03 18:35 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Skype
2013-11-04 08:19 - 2013-11-04 08:19 - 00017920 _____ C:\Documents and Settings\Uživatel\Plocha\Export.xls
2013-11-04 08:14 - 2013-11-04 08:14 - 00070001 _____ C:\Documents and Settings\Uživatel\Plocha\Export.htm
2013-10-30 22:52 - 2013-10-30 22:52 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\KASTNER software
2013-10-30 19:01 - 2013-10-30 18:39 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\neg
2013-10-29 22:40 - 2013-10-29 22:40 - 00015313 _____ C:\Documents and Settings\Uživatel\Dokumenty\reklamacni-list[1].docm
2013-10-27 19:26 - 2012-01-07 10:56 - 00014846 _____ C:\WINDOWS\KB2510531-IE8.log
2013-10-27 19:26 - 2012-01-06 09:48 - 00249431 _____ C:\WINDOWS\updspapi.log
2013-10-27 19:26 - 2012-01-05 16:24 - 01557937 _____ C:\WINDOWS\iis6.log
2013-10-27 19:26 - 2012-01-05 16:24 - 01421273 _____ C:\WINDOWS\FaxSetup.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00688569 _____ C:\WINDOWS\ocgen.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00652447 _____ C:\WINDOWS\tsoc.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00487823 _____ C:\WINDOWS\comsetup.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00449134 _____ C:\WINDOWS\msmqinst.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00293261 _____ C:\WINDOWS\ntdtcsetup.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00249388 _____ C:\WINDOWS\netfxocm.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00100201 _____ C:\WINDOWS\MedCtrOC.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00088712 _____ C:\WINDOWS\ocmsn.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00072358 _____ C:\WINDOWS\tabletoc.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00071167 _____ C:\WINDOWS\msgsocm.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00001393 _____ C:\WINDOWS\imsins.log
2013-10-27 19:15 - 2012-01-06 09:50 - 00141449 _____ C:\WINDOWS\spupdsvc.log
2013-10-27 19:15 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty\Obrázky
2013-10-27 19:15 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty\Hudba
2013-10-27 19:14 - 2012-11-03 13:15 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2013-10-27 19:14 - 2012-01-06 10:27 - 00247190 _____ C:\WINDOWS\ie8_main.log
2013-10-27 19:14 - 2012-01-05 16:15 - 00000000 ____D C:\WINDOWS\Help
2013-10-27 19:13 - 2013-10-10 23:22 - 00047334 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-27 19:13 - 2013-08-15 19:09 - 00048719 _____ C:\WINDOWS\KB2862772-IE8.log
2013-10-27 19:13 - 2012-09-22 13:04 - 00053338 _____ C:\WINDOWS\KB2744842-IE8.log
2013-10-27 19:13 - 2012-01-07 11:02 - 00055937 _____ C:\WINDOWS\KB2618444-IE8.log
2013-10-27 19:13 - 2012-01-05 16:24 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-10-27 19:12 - 2013-10-27 19:12 - 00032388 _____ C:\WINDOWS\KB2598845-IE8.log
2013-10-27 19:12 - 2013-10-27 19:11 - 00041796 _____ C:\WINDOWS\KB982381-IE8.log
2013-10-27 19:12 - 2012-01-06 10:13 - 00000000 ___HD C:\WINDOWS\$hf_mig$
2013-10-27 19:11 - 2013-10-27 19:10 - 00000000 __HDC C:\WINDOWS\ie8
2013-10-27 19:11 - 2012-01-06 10:39 - 00099643 _____ C:\WINDOWS\ie8.log
2013-10-27 19:11 - 2012-01-05 16:15 - 00000000 ____D C:\WINDOWS\Media
2013-10-27 19:03 - 2013-10-27 19:02 - 00028656 _____ C:\WINDOWS\ie8Uninst.log
2013-10-27 19:03 - 2012-01-07 10:55 - 00000000 ____D C:\WINDOWS\ie8updates
2013-10-17 17:28 - 2012-01-21 17:14 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty\Filmy
2013-10-17 17:28 - 2012-01-05 15:29 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty\Filmy
2013-10-17 17:27 - 2012-10-28 12:32 - 00001698 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
2013-10-17 17:27 - 2012-10-28 12:32 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-17 17:27 - 2012-01-06 08:40 - 00001912 _____ C:\WINDOWS\epplauncher.mif
2013-10-15 18:25 - 2013-09-08 19:21 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\so
2013-10-15 18:11 - 2012-04-14 17:44 - 00001739 _____ C:\Documents and Settings\All Users\Plocha\Sony PC Companion 2.1.lnk
2013-10-15 18:11 - 2012-01-05 15:53 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-15 18:11 - 2012-01-05 15:51 - 00892728 _____ C:\WINDOWS\DPINST.LOG
2013-10-14 16:59 - 2012-01-05 15:56 - 00000000 ____D C:\WINDOWS\Microsoft.NET
Files to move or delete:
====================
C:\Documents and Settings\Uživatel\Local Settings\Temp\mexe.com
Some content of TEMP:
====================
C:\Documents and Settings\Uživatel\Local Settings\Temp\6_Offer_4.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\AskSLib.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\avguidx.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\avxdisk.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdc.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdcore.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdfltlib.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdfltlib2k.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdupdateservice.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\CommonInstaller.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\DEVCON.EXE
C:\Documents and Settings\Uživatel\Local Settings\Temp\download.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\DownloadManager.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\drm_dyndata_7370014.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\drm_dyndata_7380009.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\drm_dyndata_7410004.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\eEmpty.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\encdec.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\esupdate.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\FSSync.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\Getvlist.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\hpzmsi01.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\hpzscr01.EXE
C:\Documents and Settings\Uživatel\Local Settings\Temp\htmlayout.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ICReinstall_ICReinstall_radarsync[1].exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ICReinstall_pdf2txt_setup15 - CHIP Downloader[1].exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ICReinstall_radarsync[1].exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\iGearedHelper.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ikave.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ipc.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\JFS.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\JSM.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\kave.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\kavvlg.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\KK.EXE
C:\Documents and Settings\Uživatel\Local Settings\Temp\liquid11189354.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\liquid8664609.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\LuckyLeap.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\MachineIdCreator.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\Medal of Honor_uninst.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvclnt.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvcp80.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvcr80.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvl64.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvlclnt.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\MWAVL.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\MWAVReg.EXE
C:\Documents and Settings\Uživatel\Local Settings\Temp\mwunzip.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\prLoader.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ptu12_tmp.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\red32.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\reload.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\scan.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ScanningProcess.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\setpriv.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\SHSetup.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\test2.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\toolbar9284421.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ToolbarInstaller.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ubi14.tmp.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ubi6C.tmp.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\UnityWebPlayer7807625750650097017.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\unregx.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\viewtcp.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2004-08-18 13:00] - [2008-04-14 08:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1
C:\Windows\System32\winlogon.exe
[2004-08-18 13:00] - [2008-04-14 08:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea
C:\Windows\System32\svchost.exe
[2004-08-18 13:00] - [2008-04-14 08:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93
C:\Windows\System32\services.exe
[2004-08-18 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7
C:\Windows\System32\User32.dll
[2004-08-18 13:00] - [2008-04-14 08:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53
C:\Windows\System32\userinit.exe
[2004-08-18 13:00] - [2008-04-14 08:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239
C:\Windows\System32\Drivers\volsnap.sys
[2004-08-18 13:00] - [2008-04-14 07:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1
==================== End Of Log ============================
Uložte uložte do adresáře, v němž je FRST jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM\...\Run: [] - [x]
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
MountPoints2: {0d2c3377-51a4-11e1-8b3b-1c6f65fcbb03} - H:\Startme.exe
MountPoints2: {fb48bfad-1493-11e3-8751-1c6f65fcbb03} - H:\Startme.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 6f65fcbb03
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKCU - {885E0645-C385-4A93-A193-9FDB0B5A7505} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {9bd172ba-3f40-4303-bca1-0484b5ba2a7b} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
FF ProfilePath: C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default
FF user.js: detected! => C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\user.js
FF DefaultSearchEngine: qvo6
FF SearchEngineOrder.1: qvo6
FF SelectedSearchEngine: qvo6
FF Homepage: hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR HomePage: hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
CHR Plugin: (Zwinky Installer Plugin Stub) - C:\Program Files\Zwinky_5qEI\Installr\1.bin\NP5qEISB.dll No File
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
C:\WINDOWS\A358F2F62500420C989C25C4F22DF51E.TMP
C:\Documents and Settings\Uživatel\Local Settings\Temp
End
Rudy píše:Otevřte poznámkový blok a zkopírujte do něj:
Uložte uložte do adresáře, v němž je FRST jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM\...\Run: [] - [x]
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
MountPoints2: {0d2c3377-51a4-11e1-8b3b-1c6f65fcbb03} - H:\Startme.exe
MountPoints2: {fb48bfad-1493-11e3-8751-1c6f65fcbb03} - H:\Startme.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 6f65fcbb03
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKCU - {885E0645-C385-4A93-A193-9FDB0B5A7505} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {9bd172ba-3f40-4303-bca1-0484b5ba2a7b} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
FF ProfilePath: C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default
FF user.js: detected! => C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\user.js
FF DefaultSearchEngine: qvo6
FF SearchEngineOrder.1: qvo6
FF SelectedSearchEngine: qvo6
FF Homepage: hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR HomePage: hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
CHR Plugin: (Zwinky Installer Plugin Stub) - C:\Program Files\Zwinky_5qEI\Installr\1.bin\NP5qEISB.dll No File
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
C:\WINDOWS\A358F2F62500420C989C25C4F22DF51E.TMP
C:\Documents and Settings\Uživatel\Local Settings\Temp
End
dodohuhu píše:Nejde mi spustit FRST.Rudy píše:Otevřte poznámkový blok a zkopírujte do něj:
Uložte uložte do adresáře, v němž je FRST jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM\...\Run: [] - [x]
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
MountPoints2: {0d2c3377-51a4-11e1-8b3b-1c6f65fcbb03} - H:\Startme.exe
MountPoints2: {fb48bfad-1493-11e3-8751-1c6f65fcbb03} - H:\Startme.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 6f65fcbb03
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKCU - {885E0645-C385-4A93-A193-9FDB0B5A7505} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {9bd172ba-3f40-4303-bca1-0484b5ba2a7b} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
FF ProfilePath: C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default
FF user.js: detected! => C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\user.js
FF DefaultSearchEngine: qvo6
FF SearchEngineOrder.1: qvo6
FF SelectedSearchEngine: qvo6
FF Homepage: hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR HomePage: hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
CHR Plugin: (Zwinky Installer Plugin Stub) - C:\Program Files\Zwinky_5qEI\Installr\1.bin\NP5qEISB.dll No File
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
C:\WINDOWS\A358F2F62500420C989C25C4F22DF51E.TMP
C:\Documents and Settings\Uživatel\Local Settings\Temp
End
Rudy píše:Klikl jste na >Fix<? Tohle je normální log. Potřebuji ten log, co se vytvoří bezprostředně po fixnutí.
nevím kde to je -Uložte uložte do adresáře, v němž je FRST jako fixlist.txtRudy píše:To asi jo. Přečtěte si důkladně návod: http://forum.viry.cz/viewtopic.php?f=24&t=132509 . Jinak nelze dál pokračovat.