VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

zmizelý profil uživatele + chybějící modul + zčernalá obrazo

https://forum.viry.cz:443/viewtopic.php?t=140212

Stránka 1 z 1

zmizelý profil uživatele + chybějící modul + zčernalá obrazo

Napsal: 12 zář 2014 21:51
od nereide
Dobrý den,

obracím se na Vás po dlouhé době s žádostí o pomoc. Tentokrát se jedná o PC mých rodičů. Zmizel jim uživatelský profil a vytvořil se jakýsi dočasný, po pokusu se do něj přihlásit - černá obrazovka. Chybová hláška, že chybí modul /hview.dll atp. + mají takové ty fake reklamy (typu jste tisící návštěvník... vyhráváte...) velmi časté. Tudíž se domnívám, že tam něco schovaného bude.

Přiládám log z FRST a děkuji za případnou odpověď.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by Jirka Martínek (administrator) on OSITMACHINE on 12-09-2014 22:47:03
Running from C:\Documents and Settings\Jirka Martínek\Dokumenty\Stažené soubory
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
() C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Portrait Displays, Inc.) C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Portrait Displays, Inc) C:\Program Files\Acer Display\eDisplay Management\dthtml.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files\Winamp\winampa.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Portrait Displays Inc.) C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
() C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
() C:\Program Files\Verbatim GREEN BUTTON\GREEN BUTTON.exe
() C:\Program Files\Portrait Displays\Pivot Pro Plugin\Floater.exe
() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files\Winamp\winampa.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
() C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Portrait Displays, Inc) C:\Program Files\Acer Display\eDisplay Management\dthtml.exe
(Portrait Displays Inc.) C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
() C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
() C:\Program Files\Portrait Displays\Pivot Pro Plugin\Floater.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [868352 2006-12-18] (Analog Devices, Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-03] (Intel Corporation)
HKLM\...\Run: [PivotSoftware] => C:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [110192 2010-05-13] ()
HKLM\...\Run: [DT ACR] => C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [121456 2010-06-30] ()
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1632360 2011-05-05] ()
HKLM\...\Run: [] => [X]
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [826896 2011-05-26] (GlavSoft LLC.)
HKLM\...\Run: [LWS] => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [33792 2004-12-20] ()
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-10] (AVAST Software)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse] <==== ATTENTION!
HKU\.DEFAULT\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434080 2011-07-27] (Microsoft Corporation)
HKU\S-1-5-21-57989841-1500820517-725345543-1003\...\Run: [EPSON Stylus DX4400 Series] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [180736 2007-03-01] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-57989841-1500820517-725345543-1003\...\Policies\Explorer: []
HKU\S-1-5-21-57989841-1500820517-725345543-1003\...\MountPoints2: {b95a6abd-2036-11dd-8a2d-001e8cce015d} - F:\TrueCrypt\TrueCrypt.exe /q /a /e /m rm /v "Mount"
HKU\S-1-5-21-57989841-1500820517-725345543-1026\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2014-01-17] (Apple Inc.)
HKU\S-1-5-21-57989841-1500820517-725345543-1026\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-06-01] (Nero AG)
Startup: C:\Documents and Settings\Jirka Martínek\Nabídka Start\Programy\Po spuštění\Verbatim GREEN BUTTON.lnk
ShortcutTarget: Verbatim GREEN BUTTON.lnk -> C:\Program Files\Verbatim GREEN BUTTON\GREEN BUTTON.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: Správa překryvné ikony digitálních podpisů AutoCADu -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?clien ... A74801B0E5
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredimail.com//?search ... eyogCQb0kx
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Jirka Martínek\Data aplikací\Mozilla\Firefox\Profiles\d6hhcrrp.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.cz/
FF Keyword.URL: hxxp://mystart.incredimail.com//?loc=ff_address_bar&a=1eyogCQb0kx&search=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Documents and Settings\Jirka Martínek\Data aplikací\Mozilla\Firefox\Profiles\d6hhcrrp.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-30]

Chrome:
=======
CHR HomePage: Default -> https://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "https://www.seznam.cz/?clid=22668"
CHR DefaultSearchKeyword: Default -> search.seznam.cz
CHR DefaultSearchProvider: Default -> Seznam
CHR DefaultSearchURL: Default -> http://search.seznam.cz/?sourceid=quick ... earchTerms}
CHR DefaultSuggestURL: Default -> http://suggest.fulltext.seznam.cz/fullt ... earchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\37.0.2062.103\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\37.0.2062.103\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Unity Player) - C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U3) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR CustomProfile: C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-19]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-19]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-26]
CHR Extension: (LoU Tweak) - C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\iglgjgbiphjfbkbdgaffpdplhhbmpmkb [2011-07-30]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-19]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-01]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [79360 2008-05-13] (Autodesk) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-01] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-08-10] (AVAST Software)
R2 DTSRVC; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [121456 2010-06-30] ()
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2012-12-07] (Flexera Software, Inc.)
S2 MSSQL$AUTODESKVAULT; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2214504 2011-05-25] (NVIDIA Corporation)
R2 PdiService; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [109168 2010-04-16] (Portrait Displays, Inc.)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [826896 2011-05-26] (GlavSoft LLC.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ADIHdAudAddService; C:\WINDOWS\System32\drivers\ADIHdAud.sys [293888 2007-01-16] (Analog Devices, Inc.) [File not signed]
R3 AEAudio; C:\WINDOWS\System32\drivers\AEAudio.sys [93952 2006-08-07] (Andrea Electronics Corporation) [File not signed]
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [19915 2011-07-30] (Meetinghouse Data Communications) [File not signed]
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12664 2006-10-18] ()
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-08-01] ()
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26136 2014-08-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-08-01] (AVAST Software)
R0 aswNdis; C:\WINDOWS\System32\DRIVERS\aswNdis.sys [12112 2014-08-10] (ALWIL Software)
R0 aswNdis2; C:\WINDOWS\system32\Drivers\aswNdis2.sys [252872 2014-08-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-08-01] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-08-01] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-08-01] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-08-10] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-08-01] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-08-01] ()
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [265728 2003-07-17] (Broadcom Corporation)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.SYS [20400 1999-10-21] (EnTech Taiwan) [File not signed]
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 PdiPorts; C:\WINDOWS\System32\Drivers\PdiPorts.sys [17136 2010-04-16] (Portrait Displays, Inc.)
S1 Pivot; C:\WINDOWS\System32\drivers\pivot.sys [17465 2010-05-13] (Portrait Displays, Inc.) [File not signed]
S3 pivotmou; C:\WINDOWS\System32\drivers\pivotmou.sys [11323 2010-05-13] (Portrait Displays, Inc.) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [20016 2004-12-20] (Sonic Solutions) [File not signed]
R3 RTLWUSB; C:\WINDOWS\System32\DRIVERS\RTL8187.sys [176128 2006-06-16] (Realtek Semiconductor Corporation )
R3 SenFiltService; C:\WINDOWS\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura) [File not signed]
S3 SjyPkt; C:\WINDOWS\System32\Drivers\SjyPkt.sys [13532 2006-03-31] (Windows (R) 2000 DDK provider) [File not signed]
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [265856 2007-08-15] (Marvell)
S3 C-Dilla; \??\C:\WINDOWS\system32\drivers\CDANT.SYS [X]
S4 IntelIde; No ImagePath
U2 MSSQLSERVER; No ImagePath
S3 RTCore; \??\G:\Nastroje-SERVIS\_TESTY\_PAMĚŤ\RightMark memory analyzer\RTCore.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U2 W3SVC; No ImagePath
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 22:44 - 2014-09-12 22:47 - 00000000 ____D () C:\FRST
2014-09-12 19:46 - 2014-09-12 19:52 - 00000000 ___SD () C:\Documents and Settings\TEMP.OSITMACHINE
2014-09-12 19:46 - 2014-09-12 19:52 - 00000000 ___HD () C:\Documents and Settings\TEMP.OSITMACHINE\Data aplikací(2)
2014-09-12 19:46 - 2014-09-12 19:52 - 00000000 ____D () C:\Documents and Settings\TEMP.OSITMACHINE\Šablony(2)
2014-09-12 19:46 - 2014-09-12 19:52 - 00000000 ____D () C:\Documents and Settings\TEMP.OSITMACHINE\Oblíbené položky(2)
2014-09-12 19:46 - 2014-09-12 19:52 - 00000000 ____D () C:\Documents and Settings\TEMP.OSITMACHINE\Local Settings(2)
2014-09-12 19:46 - 2011-07-30 14:47 - 00000000 ____D () C:\Documents and Settings\TEMP.OSITMACHINE\IETldCache(2)
2014-09-12 19:46 - 2008-05-12 22:40 - 00000000 ____D () C:\Documents and Settings\TEMP.OSITMACHINE\Cookies(2)
2014-09-06 21:12 - 2014-09-06 21:12 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-25 18:19 - 2014-08-25 19:07 - 00000000 ____D () C:\TOPO_Czech_2
2014-08-15 19:39 - 2014-08-15 19:39 - 00001610 _____ () C:\Documents and Settings\All Users\Plocha\QuickTime Player.lnk
2014-08-15 19:39 - 2014-08-15 19:39 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\QuickTime
2014-08-15 19:39 - 2014-08-15 19:39 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2014-08-15 19:38 - 2014-08-15 19:38 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-15 19:38 - 2014-08-15 19:38 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Mozilla
2014-08-13 22:40 - 2014-08-25 18:11 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Garmin
2014-08-13 22:39 - 2014-08-25 18:11 - 00000000 ____D () C:\Garmin
2014-08-13 22:39 - 2014-08-13 22:40 - 00000000 ____D () C:\Program Files\Garmin
2014-08-13 22:39 - 2014-08-13 22:39 - 00000000 ____D () C:\Program Files\DIFX
2014-08-13 16:04 - 2014-08-13 16:04 - 00000000 ____D () C:\Program Files\Garmin GPS Plugin
2014-08-13 16:03 - 2014-08-25 19:19 - 00000000 ____D () C:\Documents and Settings\Jirka Martínek\Data aplikací\Garmin
2014-08-13 15:49 - 2014-08-13 15:49 - 151800029 _____ (Igor Pavlov) C:\TOPO_Czech_2.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 22:47 - 2014-09-12 22:44 - 00000000 ____D () C:\FRST
2014-09-12 22:47 - 2011-11-28 11:51 - 00000000 ____D () C:\Documents and Settings\Jirka Martínek\Dokumenty\Stažené soubory
2014-09-12 22:47 - 2008-05-13 18:02 - 00000000 ____D () C:\Documents and Settings\Jirka Martínek\Local Settings\Temp
2014-09-12 22:40 - 2012-06-09 11:02 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-12 22:28 - 2012-09-22 22:32 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-12 22:04 - 2012-02-26 11:45 - 00000178 __SHC () C:\Documents and Settings\Alenka\ntuser.ini
2014-09-12 22:04 - 2012-02-26 11:45 - 00000000 ____D () C:\Documents and Settings\Alenka
2014-09-12 22:03 - 2012-02-26 11:45 - 00000000 ____D () C:\Documents and Settings\Alenka\Local Settings\Temp
2014-09-12 22:03 - 2007-10-29 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-12 21:56 - 2011-08-25 13:40 - 00000000 ____D () C:\Documents and Settings\Zita\Local Settings\Temp
2014-09-12 21:23 - 2011-07-30 12:15 - 00000484 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{E89B1460-8DD0-4028-9911-65D15D089B24}.job
2014-09-12 20:56 - 2012-07-06 20:58 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-09-12 20:31 - 2011-07-30 11:50 - 00001819 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2014-09-12 20:22 - 2009-08-04 19:59 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-09-12 19:57 - 2008-05-12 22:38 - 01715533 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-12 19:54 - 2014-03-24 21:21 - 00000240 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-09-12 19:54 - 2012-09-22 22:32 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-12 19:54 - 2008-05-13 00:12 - 00000159 ____C () C:\WINDOWS\wiadebug.log
2014-09-12 19:54 - 2008-05-13 00:12 - 00000049 ____C () C:\WINDOWS\wiaservc.log
2014-09-12 19:54 - 2008-05-12 22:46 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-12 19:54 - 2008-05-12 22:42 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Temp
2014-09-12 19:53 - 2011-08-25 13:40 - 00000000 ____D () C:\Documents and Settings\Zita
2014-09-12 19:53 - 2008-09-10 16:33 - 00000000 ____D () C:\Documents and Settings\Barbora
2014-09-12 19:53 - 2008-05-13 18:02 - 00000000 ____D () C:\Documents and Settings\Jirka Martínek
2014-09-12 19:53 - 2008-05-12 22:47 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-09-12 19:53 - 2008-05-12 22:46 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-09-12 19:53 - 2008-05-12 22:42 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-09-12 19:52 - 2014-09-12 19:46 - 00000000 ___SD () C:\Documents and Settings\TEMP.OSITMACHINE
2014-09-12 19:52 - 2014-09-12 19:46 - 00000000 ___HD () C:\Documents and Settings\TEMP.OSITMACHINE\Data aplikací(2)
2014-09-12 19:52 - 2014-09-12 19:46 - 00000000 ____D () C:\Documents and Settings\TEMP.OSITMACHINE\Šablony(2)
2014-09-12 19:52 - 2014-09-12 19:46 - 00000000 ____D () C:\Documents and Settings\TEMP.OSITMACHINE\Oblíbené položky(2)
2014-09-12 19:52 - 2014-09-12 19:46 - 00000000 ____D () C:\Documents and Settings\TEMP.OSITMACHINE\Local Settings(2)
2014-09-12 19:52 - 2008-05-13 18:02 - 00000178 ___SH () C:\Documents and Settings\Jirka Martínek\ntuser.ini
2014-09-12 19:52 - 2008-05-12 22:46 - 00032502 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-12 19:52 - 2008-05-12 22:37 - 00000000 ____D () C:\WINDOWS\Registration
2014-09-12 17:40 - 2012-06-09 11:02 - 00701104 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-12 17:40 - 2011-11-28 11:52 - 00071344 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-09-12 15:26 - 2013-08-15 22:05 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-12 15:18 - 2008-05-12 18:14 - 98758480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-11 22:35 - 2014-08-10 13:21 - 00033542 _____ () C:\WINDOWS\setupapi.log
2014-09-11 20:59 - 2012-03-14 16:07 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-11 20:59 - 2011-07-30 16:03 - 00000000 ____D () C:\Program Files\TightVNC
2014-09-11 20:59 - 2011-07-30 11:58 - 00000000 ____D () C:\Program Files\SystemRequirementsLab
2014-09-11 20:57 - 2014-08-10 13:21 - 00001745 _____ () C:\Documents and Settings\All Users\Plocha\avast! Internet Security.lnk
2014-09-11 20:57 - 2014-08-10 12:52 - 00001805 _____ () C:\Documents and Settings\All Users\Plocha\avast! SafeZone.lnk
2014-09-10 22:42 - 2012-02-26 12:20 - 00000725 _____ () C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
2014-09-10 22:42 - 2012-02-26 12:20 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\VideoLAN
2014-09-10 22:41 - 2011-09-10 09:19 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-08 16:47 - 2012-09-16 11:18 - 00019995 _____ () C:\WINDOWS\setupact.log
2014-09-08 16:16 - 2014-03-24 21:21 - 00000234 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-09-07 21:46 - 2011-08-25 13:40 - 00000178 ___SH () C:\Documents and Settings\Zita\ntuser.ini
2014-09-07 00:01 - 2011-08-26 12:51 - 00000000 ____D () C:\Documents and Settings\Zita\Data aplikací\Skype
2014-09-06 21:12 - 2014-09-06 21:12 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-06 21:12 - 2011-08-26 12:32 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Skype
2014-08-31 17:44 - 2014-03-03 23:21 - 00002515 _____ () C:\Documents and Settings\Zita\Plocha\Microsoft Office Word 2007.lnk
2014-08-28 09:01 - 2012-09-22 22:11 - 00000000 ____D () C:\Documents and Settings\Zita\Dokumenty\Úřadování
2014-08-26 20:00 - 2008-05-13 18:02 - 00000000 ___RD () C:\Documents and Settings\Jirka Martínek\Oblíbené položky
2014-08-26 19:40 - 2011-08-25 13:40 - 00000000 ___RD () C:\Documents and Settings\Zita\Dokumenty
2014-08-25 19:19 - 2014-08-13 16:03 - 00000000 ____D () C:\Documents and Settings\Jirka Martínek\Data aplikací\Garmin
2014-08-25 19:19 - 2008-05-13 17:17 - 00000069 ____C () C:\WINDOWS\NeroDigital.ini
2014-08-25 19:15 - 2008-05-13 18:02 - 00000000 ____D () C:\Documents and Settings\Jirka Martínek\Plocha
2014-08-25 19:07 - 2014-08-25 18:19 - 00000000 ____D () C:\TOPO_Czech_2
2014-08-25 18:11 - 2014-08-13 22:40 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Garmin
2014-08-25 18:11 - 2014-08-13 22:39 - 00000000 ____D () C:\Garmin
2014-08-25 16:55 - 2008-05-13 18:02 - 00000000 __RHD () C:\Documents and Settings\Jirka Martínek\Data aplikací
2014-08-25 16:24 - 2008-05-13 18:02 - 00000000 ___RD () C:\Documents and Settings\Jirka Martínek\Nabídka Start\Programy\Po spuštění
2014-08-25 16:24 - 2008-05-13 18:02 - 00000000 ___RD () C:\Documents and Settings\Jirka Martínek\Nabídka Start\Programy
2014-08-20 19:38 - 2013-06-01 21:40 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Drive
2014-08-15 19:39 - 2014-08-15 19:39 - 00001610 _____ () C:\Documents and Settings\All Users\Plocha\QuickTime Player.lnk
2014-08-15 19:39 - 2014-08-15 19:39 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\QuickTime
2014-08-15 19:39 - 2014-08-15 19:39 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2014-08-15 19:39 - 2013-08-12 17:45 - 00000000 ____D () C:\Program Files\QuickTime
2014-08-15 19:39 - 2008-05-13 00:09 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-08-15 19:39 - 2008-05-13 00:09 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-08-15 19:39 - 2008-05-13 00:08 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-08-15 19:38 - 2014-08-15 19:38 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-15 19:38 - 2014-08-15 19:38 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Mozilla
2014-08-14 18:14 - 2008-05-12 22:42 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-08-13 22:40 - 2014-08-13 22:39 - 00000000 ____D () C:\Program Files\Garmin
2014-08-13 22:39 - 2014-08-13 22:39 - 00000000 ____D () C:\Program Files\DIFX
2014-08-13 16:04 - 2014-08-13 16:04 - 00000000 ____D () C:\Program Files\Garmin GPS Plugin
2014-08-13 15:49 - 2014-08-13 15:49 - 151800029 _____ (Igor Pavlov) C:\TOPO_Czech_2.exe

Some content of TEMP:
====================
C:\Documents and Settings\Alenka\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Zita\Local Settings\Temp\contentDATs.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Re: zmizelý profil uživatele + chybějící modul + zčernalá ob

Napsal: 13 zář 2014 17:30
od Rudy
Zdravím!
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: zmizelý profil uživatele + chybějící modul + zčernalá ob

Napsal: 13 zář 2014 22:52
od nereide
Dobrý večer! Děkuji za reakci, mezitím jsem již provedla částečný úklid skrze ccleaner a vitsoft, tak log by snad měl být o něco lepší. Budu ještě odinstalovávat hromadu zbytečností. Ale domnívám se, že tam někde je něco schovaného. Moc díky za Váš čas, pak zase přispěji :)

log je zde:

# AdwCleaner v3.310 - Report created 13/09/2014 at 23:42:09
# Updated 12/09/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Jirka Martínek - OSITMACHINE
# Running from : C:\Documents and Settings\Jirka Martínek\Dokumenty\Stažené soubory\adwcleaner_3.310.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\icqtoolbar
Folder Deleted : C:\WINDOWS\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\AskToolbar
Folder Deleted : C:\Documents and Settings\Jirka Martínek\Data aplikací\Solvusoft
Folder Deleted : C:\Documents and Settings\Zita\Local Settings\Data aplikací\AskToolbar
Folder Deleted : C:\Program Files\Software
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\Documents and Settings\Jirka Martínek\Data aplikací\Mozilla\Firefox\Profiles\d6hhcrrp.default\searchplugins\MyStart Search.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\ICQToolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v32.0.1 (x86 cs)

[ File : C:\Documents and Settings\Alenka\Data aplikací\Mozilla\Firefox\Profiles\9q6hoqiz.default\prefs.js ]


[ File : C:\Documents and Settings\Jirka Martínek\Data aplikací\Mozilla\Firefox\Profiles\d6hhcrrp.default\prefs.js ]

Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
Line Deleted : user_pref("keyword.URL", "hxxp://mystart.incredimail.com//?loc=ff_address_bar&a=1eyogCQb0kx&search=");

[ File : C:\Documents and Settings\Zita\Data aplikací\Mozilla\Firefox\Profiles\m39erajc.default\prefs.js ]

Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");

-\\ Google Chrome v37.0.2062.120

[ File : C:\Documents and Settings\Alenka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=STT&o=102866&locale=en_US&apn_uid=3B72FB67-4D26-432B-9242-3A2C48E2389C&apn_ptnrs=5N&apn_sauid=471FA6DD-81F9-47E8-ACB6-A3C7A3EA750F&apn_dtid=YYYYYYYYCZ&q={searchTerms}
Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={2E0E73A1-9196-4A56-9DF7-68049F688B80}&mid=11b2ec750c1947d0a456b914059c4e7a-4184c4d6f682dd4aba130e84e3dab2774d222bc4&lang=cs&ds=AVG&pr=fr&d=2012-10-19 20:57:29&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://www.nkp.cz/search?SearchableText={searchTerms}
Deleted [Startup_urls] : hxxp://start.icq.com/
Deleted [Homepage] : hxxp://www.ask.com/?l=dis&o=102866cr&gct=hp

[ File : C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Zita\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh

*************************

AdwCleaner[R0].txt - [6804 octets] - [13/09/2014 23:40:19]
AdwCleaner[S0].txt - [6835 octets] - [13/09/2014 23:42:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6895 octets] ##########

Re: zmizelý profil uživatele + chybějící modul + zčernalá ob

Napsal: 14 zář 2014 10:37
od Rudy
Dejte nový log FRST.

Re: zmizelý profil uživatele + chybějící modul + zčernalá ob

Napsal: 14 zář 2014 11:36
od nereide
Dobré odpoledne, aktuální je:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by Jirka Martínek (administrator) on OSITMACHINE on 14-09-2014 12:35:50
Running from C:\Documents and Settings\Jirka Martínek\Dokumenty\Stažené soubory
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Portrait Displays, Inc.) C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
() C:\Program Files\Portrait Displays\Pivot Pro Plugin\Floater.exe
() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [868352 2006-12-18] (Analog Devices, Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-03] (Intel Corporation)
HKLM\...\Run: [PivotSoftware] => C:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [110192 2010-05-13] ()
HKLM\...\Run: [DT ACR] => C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [121456 2010-06-30] ()
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1632360 2011-05-05] ()
HKLM\...\Run: [] => [X]
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [826896 2011-05-26] (GlavSoft LLC.)
HKLM\...\Run: [LWS] => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-10] (AVAST Software)
HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse] <==== ATTENTION!
HKU\.DEFAULT\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434080 2011-07-27] (Microsoft Corporation)
HKU\S-1-5-21-57989841-1500820517-725345543-1003\...\Run: [EPSON Stylus DX4400 Series] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [180736 2007-03-01] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-57989841-1500820517-725345543-1003\...\Policies\Explorer: []
HKU\S-1-5-21-57989841-1500820517-725345543-1003\...\MountPoints2: {b95a6abd-2036-11dd-8a2d-001e8cce015d} - F:\TrueCrypt\TrueCrypt.exe /q /a /e /m rm /v "Mount"
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers: Správa překryvné ikony digitálních podpisů AutoCADu -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Jirka Martínek\Data aplikací\Mozilla\Firefox\Profiles\d6hhcrrp.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-30]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default -> https://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "https://www.seznam.cz/?clid=22668"
CHR DefaultSearchKeyword: Default -> search.seznam.cz
CHR DefaultSearchProvider: Default -> Seznam
CHR DefaultSearchURL: Default -> http://search.seznam.cz/?sourceid=quick ... earchTerms}
CHR DefaultSuggestURL: Default -> http://suggest.fulltext.seznam.cz/fullt ... earchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\37.0.2062.120\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Unity Player) - C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U3) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR CustomProfile: C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-19]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-19]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-26]
CHR Extension: (LoU Tweak) - C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\iglgjgbiphjfbkbdgaffpdplhhbmpmkb [2011-07-30]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-19]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-01]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [79360 2008-05-13] (Autodesk) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-01] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-08-10] (AVAST Software)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2012-12-07] (Flexera Software, Inc.)
R2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2214504 2011-05-25] (NVIDIA Corporation)
R2 PdiService; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [109168 2010-04-16] (Portrait Displays, Inc.)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [826896 2011-05-26] (GlavSoft LLC.)
S2 DTSRVC; C:\Program Files\Portrait Displays, Inc.\Acer eDisplay Management\dtsrvc.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ADIHdAudAddService; C:\WINDOWS\System32\drivers\ADIHdAud.sys [293888 2007-01-16] (Analog Devices, Inc.) [File not signed]
R3 AEAudio; C:\WINDOWS\System32\drivers\AEAudio.sys [93952 2006-08-07] (Andrea Electronics Corporation) [File not signed]
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [19915 2011-07-30] (Meetinghouse Data Communications) [File not signed]
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12664 2006-10-18] ()
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-08-01] ()
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26136 2014-08-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-08-01] (AVAST Software)
R0 aswNdis; C:\WINDOWS\System32\DRIVERS\aswNdis.sys [12112 2014-08-10] (ALWIL Software)
R0 aswNdis2; C:\WINDOWS\system32\Drivers\aswNdis2.sys [252872 2014-08-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-08-01] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-08-01] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-08-01] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-08-10] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-08-01] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-08-01] ()
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [265728 2003-07-17] (Broadcom Corporation)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.SYS [20400 1999-10-21] (EnTech Taiwan) [File not signed]
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 PdiPorts; C:\WINDOWS\System32\Drivers\PdiPorts.sys [17136 2010-04-16] (Portrait Displays, Inc.)
S1 Pivot; C:\WINDOWS\System32\drivers\pivot.sys [17465 2010-05-13] (Portrait Displays, Inc.) [File not signed]
S3 pivotmou; C:\WINDOWS\System32\drivers\pivotmou.sys [11323 2010-05-13] (Portrait Displays, Inc.) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [20016 2004-12-20] (Sonic Solutions) [File not signed]
R3 RTLWUSB; C:\WINDOWS\System32\DRIVERS\RTL8187.sys [176128 2006-06-16] (Realtek Semiconductor Corporation )
R3 SenFiltService; C:\WINDOWS\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura) [File not signed]
S3 SjyPkt; C:\WINDOWS\System32\Drivers\SjyPkt.sys [13532 2006-03-31] (Windows (R) 2000 DDK provider) [File not signed]
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [265856 2007-08-15] (Marvell)
S3 C-Dilla; \??\C:\WINDOWS\system32\drivers\CDANT.SYS [X]
S4 IntelIde; No ImagePath
U2 MSSQLSERVER; No ImagePath
S3 RTCore; \??\G:\Nastroje-SERVIS\_TESTY\_PAMĚŤ\RightMark memory analyzer\RTCore.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U2 W3SVC; No ImagePath
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-14 12:29 - 2014-09-14 12:29 - 00000000 ____D () C:\Documents and Settings\UpdatusUser\Data aplikací\TightVNC
2014-09-13 23:41 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-09-13 23:40 - 2014-09-13 23:43 - 00000000 ____D () C:\AdwCleaner
2014-09-13 09:54 - 2014-09-13 09:55 - 00000884 _____ () C:\Documents and Settings\Jirka Martínek\Plocha\Vit Registry Fix.lnk
2014-09-12 23:04 - 2014-09-12 23:04 - 00000688 _____ () C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2014-09-12 23:04 - 2014-09-12 23:04 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-12 22:44 - 2014-09-14 12:35 - 00000000 ____D () C:\FRST
2014-09-12 19:46 - 2014-09-12 19:52 - 00000000 ___SD () C:\Documents and Settings\TEMP.OSITMACHINE
2014-09-12 19:46 - 2014-09-12 19:52 - 00000000 ___HD () C:\Documents and Settings\TEMP.OSITMACHINE\Data aplikací(2)
2014-09-12 19:46 - 2014-09-12 19:52 - 00000000 ____D () C:\Documents and Settings\TEMP.OSITMACHINE\Šablony(2)
2014-09-12 19:46 - 2014-09-12 19:52 - 00000000 ____D () C:\Documents and Settings\TEMP.OSITMACHINE\Oblíbené položky(2)
2014-09-12 19:46 - 2014-09-12 19:52 - 00000000 ____D () C:\Documents and Settings\TEMP.OSITMACHINE\Local Settings(2)
2014-09-12 19:46 - 2011-07-30 14:47 - 00000000 ____D () C:\Documents and Settings\TEMP.OSITMACHINE\IETldCache(2)
2014-09-12 19:46 - 2008-05-12 22:40 - 00000000 ____D () C:\Documents and Settings\TEMP.OSITMACHINE\Cookies(2)
2014-09-06 21:12 - 2014-09-06 21:12 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-25 18:19 - 2014-08-25 19:07 - 00000000 ____D () C:\TOPO_Czech_2
2014-08-15 19:38 - 2014-08-15 19:38 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Mozilla

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-14 12:36 - 2008-05-13 18:02 - 00000000 ____D () C:\Documents and Settings\Jirka Martínek\Local Settings\Temp
2014-09-14 12:35 - 2014-09-12 22:44 - 00000000 ____D () C:\FRST
2014-09-14 12:35 - 2011-11-28 11:51 - 00000000 ____D () C:\Documents and Settings\Jirka Martínek\Dokumenty\Stažené soubory
2014-09-14 12:31 - 2008-05-13 18:02 - 00000000 ____D () C:\Documents and Settings\Jirka Martínek
2014-09-14 12:31 - 2008-05-12 22:38 - 01762626 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-14 12:29 - 2014-09-14 12:29 - 00000000 ____D () C:\Documents and Settings\UpdatusUser\Data aplikací\TightVNC
2014-09-14 12:29 - 2014-03-24 21:21 - 00000240 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-09-14 12:29 - 2012-09-22 22:32 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 12:29 - 2012-07-06 20:58 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-09-14 12:29 - 2011-07-30 12:05 - 00000000 __RHD () C:\Documents and Settings\UpdatusUser\Data aplikací
2014-09-14 12:29 - 2008-05-13 00:12 - 00000157 ____C () C:\WINDOWS\wiadebug.log
2014-09-14 12:29 - 2008-05-13 00:12 - 00000049 ____C () C:\WINDOWS\wiaservc.log
2014-09-14 12:29 - 2007-10-29 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-14 12:28 - 2008-05-12 22:46 - 00032422 ____N () C:\WINDOWS\SchedLgU.Txt
2014-09-14 12:28 - 2008-05-12 22:46 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-14 12:27 - 2008-05-13 18:02 - 00000178 ___SH () C:\Documents and Settings\Jirka Martínek\ntuser.ini
2014-09-14 12:21 - 2008-05-13 19:10 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-09-14 12:21 - 2008-05-13 19:09 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-09-14 12:21 - 2008-05-13 00:09 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-09-14 12:20 - 2008-05-13 00:09 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-14 12:19 - 2008-05-12 22:37 - 00000000 ____D () C:\WINDOWS\Registration
2014-09-14 12:16 - 2008-05-13 00:08 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-09-14 12:13 - 2008-05-13 00:09 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-09-14 12:09 - 2008-05-13 18:02 - 00000000 __RHD () C:\Documents and Settings\Jirka Martínek\Data aplikací
2014-09-14 12:03 - 2008-05-13 00:09 - 01715434 ____C () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-14 12:03 - 2008-05-13 00:01 - 00000000 ____D () C:\WINDOWS\Help
2014-09-14 12:03 - 2008-05-12 22:37 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy\Hry
2014-09-14 11:59 - 2008-05-13 18:02 - 00000000 ___RD () C:\Documents and Settings\Jirka Martínek\Nabídka Start\Programy
2014-09-14 11:57 - 2014-08-13 22:39 - 00000000 ____D () C:\Garmin
2014-09-14 11:54 - 2008-05-13 00:01 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-09-14 11:51 - 2008-12-08 00:59 - 00000000 ____D () C:\Program Files\Winamp
2014-09-14 11:48 - 2012-09-14 17:04 - 00000000 ____D () C:\Program Files\Logitech
2014-09-14 11:48 - 2011-07-30 11:47 - 00000000 ____D () C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací\Google
2014-09-14 11:40 - 2012-06-09 11:02 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-14 11:32 - 2008-05-12 17:19 - 00000000 _____ () C:\WINDOWS\RTacDbg.txt
2014-09-14 11:28 - 2012-09-22 22:32 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-14 09:46 - 2011-07-30 12:15 - 00000484 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{E89B1460-8DD0-4028-9911-65D15D089B24}.job
2014-09-14 09:42 - 2008-05-12 22:42 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Temp
2014-09-14 00:21 - 2012-12-07 23:19 - 00531962 ____C () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-57989841-1500820517-725345543-1003-0.dat
2014-09-14 00:21 - 2012-12-07 15:29 - 00224322 ____C () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2014-09-14 00:14 - 2008-05-13 18:02 - 00000000 ___HD () C:\Documents and Settings\Jirka Martínek\Local Settings\Data aplikací
2014-09-14 00:13 - 2008-05-12 22:55 - 00000000 ____D () C:\Program Files\AquaMark3
2014-09-14 00:11 - 2008-05-13 18:02 - 00000000 ___RD () C:\Documents and Settings\Jirka Martínek\Nabídka Start\Programy\Po spuštění
2014-09-14 00:10 - 2013-08-12 17:45 - 00000000 ____D () C:\Program Files\QuickTime
2014-09-13 23:43 - 2014-09-13 23:40 - 00000000 ____D () C:\AdwCleaner
2014-09-13 23:42 - 2011-08-25 13:40 - 00000000 ___HD () C:\Documents and Settings\Zita\Local Settings\Data aplikací
2014-09-13 23:42 - 2011-07-30 12:05 - 00000178 __SHC () C:\Documents and Settings\UpdatusUser\ntuser.ini
2014-09-13 22:28 - 2011-08-25 13:40 - 00000178 ___SH () C:\Documents and Settings\Zita\ntuser.ini
2014-09-13 22:28 - 2011-08-25 13:40 - 00000000 ____D () C:\Documents and Settings\Zita
2014-09-13 22:05 - 2011-08-25 13:40 - 00000000 ____D () C:\Documents and Settings\Zita\Local Settings\Temp
2014-09-13 10:01 - 2009-04-20 17:09 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Intel(R) Matrix Storage Manager
2014-09-13 09:55 - 2014-09-13 09:54 - 00000884 _____ () C:\Documents and Settings\Jirka Martínek\Plocha\Vit Registry Fix.lnk
2014-09-13 09:54 - 2012-09-14 20:32 - 00000000 ____D () C:\Documents and Settings\Jirka Martínek\Nabídka Start\Programy\VITSOFT
2014-09-13 09:54 - 2008-05-13 18:02 - 00000000 ____D () C:\Documents and Settings\Jirka Martínek\Plocha
2014-09-12 23:08 - 2011-08-26 12:33 - 00000000 ____D () C:\Documents and Settings\Jirka Martínek\Data aplikací\Skype
2014-09-12 23:08 - 2008-09-06 21:44 - 00000000 ____D () C:\WINDOWS\Minidump
2014-09-12 23:04 - 2014-09-12 23:04 - 00000688 _____ () C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2014-09-12 23:04 - 2014-09-12 23:04 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-12 22:04 - 2012-02-26 11:45 - 00000178 __SHC () C:\Documents and Settings\Alenka\ntuser.ini
2014-09-12 22:04 - 2012-02-26 11:45 - 00000000 ____D () C:\Documents and Settings\Alenka
2014-09-12 22:03 - 2012-02-26 11:45 - 00000000 ____D () C:\Documents and Settings\Alenka\Local Settings\Temp
2014-09-12 20:31 - 2011-07-30 11:50 - 00001819 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2014-09-12 19:53 - 2008-09-10 16:33 - 00000000 ____D () C:\Documents and Settings\Barbora
2014-09-12 19:53 - 2008-05-12 22:47 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-09-12 19:53 - 2008-05-12 22:46 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-09-12 19:53 - 2008-05-12 22:42 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-09-12 19:52 - 2014-09-12 19:46 - 00000000 ___SD () C:\Documents and Settings\TEMP.OSITMACHINE
2014-09-12 19:52 - 2014-09-12 19:46 - 00000000 ___HD () C:\Documents and Settings\TEMP.OSITMACHINE\Data aplikací(2)
2014-09-12 19:52 - 2014-09-12 19:46 - 00000000 ____D () C:\Documents and Settings\TEMP.OSITMACHINE\Šablony(2)
2014-09-12 19:52 - 2014-09-12 19:46 - 00000000 ____D () C:\Documents and Settings\TEMP.OSITMACHINE\Oblíbené položky(2)
2014-09-12 19:52 - 2014-09-12 19:46 - 00000000 ____D () C:\Documents and Settings\TEMP.OSITMACHINE\Local Settings(2)
2014-09-12 17:40 - 2012-06-09 11:02 - 00701104 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-12 17:40 - 2011-11-28 11:52 - 00071344 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-09-12 15:26 - 2013-08-15 22:05 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-12 15:18 - 2008-05-12 18:14 - 98758480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-11 20:59 - 2012-03-14 16:07 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-11 20:59 - 2011-07-30 16:03 - 00000000 ____D () C:\Program Files\TightVNC
2014-09-11 20:59 - 2011-07-30 11:58 - 00000000 ____D () C:\Program Files\SystemRequirementsLab
2014-09-11 20:57 - 2014-08-10 13:21 - 00001745 _____ () C:\Documents and Settings\All Users\Plocha\avast! Internet Security.lnk
2014-09-11 20:57 - 2014-08-10 12:52 - 00001805 _____ () C:\Documents and Settings\All Users\Plocha\avast! SafeZone.lnk
2014-09-08 16:16 - 2014-03-24 21:21 - 00000234 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-09-07 00:01 - 2011-08-26 12:51 - 00000000 ____D () C:\Documents and Settings\Zita\Data aplikací\Skype
2014-09-06 21:12 - 2014-09-06 21:12 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-06 21:12 - 2011-08-26 12:32 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Skype
2014-08-31 17:44 - 2014-03-03 23:21 - 00002515 _____ () C:\Documents and Settings\Zita\Plocha\Microsoft Office Word 2007.lnk
2014-08-28 09:01 - 2012-09-22 22:11 - 00000000 ____D () C:\Documents and Settings\Zita\Dokumenty\Úřadování
2014-08-26 20:00 - 2008-05-13 18:02 - 00000000 ___RD () C:\Documents and Settings\Jirka Martínek\Oblíbené položky
2014-08-26 19:40 - 2011-08-25 13:40 - 00000000 ___RD () C:\Documents and Settings\Zita\Dokumenty
2014-08-25 19:19 - 2014-08-13 16:03 - 00000000 ____D () C:\Documents and Settings\Jirka Martínek\Data aplikací\Garmin
2014-08-25 19:19 - 2008-05-13 17:17 - 00000069 ____C () C:\WINDOWS\NeroDigital.ini
2014-08-25 19:07 - 2014-08-25 18:19 - 00000000 ____D () C:\TOPO_Czech_2
2014-08-25 18:11 - 2014-08-13 22:40 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Garmin
2014-08-15 19:38 - 2014-08-15 19:38 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Mozilla

Some content of TEMP:
====================
C:\Documents and Settings\Alenka\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Jirka Martínek\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Zita\Local Settings\Temp\contentDATs.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Re: zmizelý profil uživatele + chybějící modul + zčernalá ob

Napsal: 14 zář 2014 12:23
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-57989841-1500820517-725345543-1003\...\Policies\Explorer: []
HKU\S-1-5-21-57989841-1500820517-725345543-1003\...\MountPoints2: {b95a6abd-2036-11dd-8a2d-001e8cce015d} - F:\TrueCrypt\TrueCrypt.exe /q /a /e /m rm /v "Mount"
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
S4 IntelIde; No ImagePath
U2 MSSQLSERVER; No ImagePath
U2 W3SVC; No ImagePath
U1 WS2IFSL; No ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Documents and Settings\Alenka\Local Settings\Temp
End
Uložte do C:\Documents and Settings\Jirka Martínek\Dokumenty\Stažené soubory jako fixlist.txt. Pak znovu spusťte FRST a klikněte na >Fix<. Zkopírujte sem pak log, který se na závěr vytvoří.

Re: zmizelý profil uživatele + chybějící modul + zčernalá ob

Napsal: 14 zář 2014 13:10
od nereide
Tady je aktuální log :)

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-09-2014
Ran by Jirka Martínek at 2014-09-14 14:09:10 Run:1
Running from C:\Documents and Settings\Jirka Martínek\Dokumenty\Stažené soubory
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-57989841-1500820517-725345543-1003\...\Policies\Explorer: []
HKU\S-1-5-21-57989841-1500820517-725345543-1003\...\MountPoints2: {b95a6abd-2036-11dd-8a2d-001e8cce015d} - F:\TrueCrypt\TrueCrypt.exe /q /a /e /m rm /v "Mount"
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
S4 IntelIde; No ImagePath
U2 MSSQLSERVER; No ImagePath
U2 W3SVC; No ImagePath
U1 WS2IFSL; No ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Documents and Settings\Alenka\Local Settings\Temp
End



*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-57989841-1500820517-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully.
"HKU\S-1-5-21-57989841-1500820517-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b95a6abd-2036-11dd-8a2d-001e8cce015d}" => Key deleted successfully.
"HKCR\CLSID\{b95a6abd-2036-11dd-8a2d-001e8cce015d}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => Key deleted successfully.
"HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" => Key not found.
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0" => Key Deleted successfully.
IntelIde => Service deleted successfully.
MSSQLSERVER => Service deleted successfully.
W3SVC => Service deleted successfully.
WS2IFSL => Service deleted successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Documents and Settings\Alenka\Local Settings\Temp => Moved successfully.

==== End of Fixlog ====

Re: zmizelý profil uživatele + chybějící modul + zčernalá ob

Napsal: 14 zář 2014 16:22
od Rudy
Smazáno. Nastala nějaká změna?

Re: zmizelý profil uživatele + chybějící modul + zčernalá ob

Napsal: 14 zář 2014 20:21
od nereide
nevím si rady s tou hláškou nview.dll nebyl nalezen, která se objevuje pro lognutí se do správcovského účtu. U uživatelského účtu, který zmizel a byl obnoven díky bodu obnovy, jen dost hapruje Google Chrome, nelze v něm nic nastavit. Jinak je to OK, bez objevování se černé obrazovky a vše fachá.

Re: zmizelý profil uživatele + chybějící modul + zčernalá ob

Napsal: 14 zář 2014 20:28
od Rudy
1. Zkuste přeinstalovat ovladač gr. karty. nview.dll k němu patří.
2. Chrome zazálohujte pomocí Chrome backup: http://www.stahuj.centrum.cz/internet_a ... me-backup/ . Pak jej odinstalujte, vč. jeho profilu. Znovu nainstalujte a zpět ze zálohy nakopírujte pouze záložky, příp. hesla.

Re: zmizelý profil uživatele + chybějící modul + zčernalá ob

Napsal: 14 zář 2014 20:33
od nereide
MOC, MOC, MOC DÍKY :)

Pošlu příspěvek na chod fóra, jako obvykle.

Moc děkuji za čas a trpělivost!

Re: zmizelý profil uživatele + chybějící modul + zčernalá ob

Napsal: 14 zář 2014 20:37
od Rudy
Nemáte zač a za příspěvek děkujeme! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz