Blocked Facebook

cestujici
Visitor
Posts: 17
Registered: 24 Nov 2014 22:48

Blocked Facebook

#1 Post by cestujici »

I'm dealing with a problem on a friend's notebook. I don't have any logs available, but I have some modest experience, so I proceeded based on that. What reportedly happened is that the user saw a video preview on Facebook, clicked it, and instead of the video playing, some page opened. From there the description gets rather confused, but in any case several friends contacted her within a short time asking what the link was that she was sending them (evidently the same script sent it). Then something logged her out of FB and she can no longer log back in.

What I found:
It's Windows 7, the user uses Chrome, and there is a purchased, up-to-date AVG installed. After filling in the login form on facebook.com, this message is displayed instead of her wall:
[Image]

It cannot be bypassed. When I open facebook.com again in this state, I am not logged in. When I click OK, this is displayed:
[Image]

This cannot be bypassed in any way either. I scanned the PC with AVG; it found nothing. I went through the running processes and services, and the Run section in the registry under HKLM and HKCU. Of course I can't recognize every virus by eye, but I know what a clean computer looks like, and in this case nothing at all pointed to an infection. There were some unnecessary add-ons in Chrome (as well as in those registry entries); I cleaned all of that out to be safe and restarted. The state on FB was the same.

So I verified on FB that this really is HTML code and not some image. I searched the net and found https://www.facebook.com/notes/facebook ... 0305685766. Aware that I was walking through a minefield, I downloaded the exe file and ran it. After a quarter of an hour of searching, the F-Secure scanner reported that it had found nothing.

I installed, updated and ran MBAM. It found three suspicious files. I don't know the names, but "bitcoin" was part of those names. I put the files in quarantine and deleted them. No change on Facebook.

At some point during this I tried logging in to FB using MSIE; it behaved exactly the same. After MBAM's failure it occurred to me to try logging in to FB as a different user and, lo and behold, no problem. So the message concerns only her specific FB account, not the computer.

I'm aware of:
- the strange and suspicious behaviour of Facebook, which most of all matches some parasitic scripts. I can imagine all sorts of things, such as the hosts file being rewritten (that only occurred to me now; I can check it tomorrow), but that doesn't fit the fact that it is possible to log in there with a different account.
- the fact that if those messages really are generated by FB, there may be some inertia to it. FB may have temporarily banned her account on some suspicion, and even though the PC is now clean, she will only get a chance after some time.
- that the files found may have nothing to do with the problem at all.

What puzzles me most is that I found no articles about this anywhere. Almost after the battle was over I found http://www.pooh.cz/pooh/a.asp?a=2018326; the introduction described there matches, but I start to diverge from it at the point where it says that F-Secure found something.

Thanks for any advice. Apart from the hosts file mentioned above, I can't think of anything else.

altrok
Moderator
Posts: 7321
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Blocked Facebook

#2 Post by altrok »

Hello, and thanks for the detailed information :thumbsup:

:arrow: We'll start, as usual, with an RSIT log, so we can see everything that is running on the PC ;) http://forum.viry.cz/viewtopic.php?f=13&t=130786

cestujici
Visitor
Posts: 17
Registered: 24 Nov 2014 22:48

Re: Blocked Facebook

#3 Post by cestujici »

altrok: thanks for your willingness to help. The output:


Logfile of random's system information tool 1.10 (written by random/random)
Run by kancelar at 2014-11-25 14:01:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 253 GB (55%) free of 464 GB
Total RAM: 3039 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:02:32, on 25.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT.EXE
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\AVG\AVG2015\avgcsrvx.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\kancelar\Downloads\RSIT.exe
C:\Program Files\trend micro\kancelar.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MFNetworkScanUtility] C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT.EXE
O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
O4 - HKLM\..\Run: [VmbNotifier] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-613097871-1548815878-1703946892-1003\..\Run: [Google Update] "C:\Users\Draha\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User 'Draha')
O4 - HKUS\S-1-5-21-613097871-1548815878-1703946892-1004\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Lucka a Katka')
O4 - HKUS\S-1-5-21-613097871-1548815878-1703946892-1004\..\RunOnce: [Application Restart #0] C:\Program Files\Windows Sidebar\sidebar.exe (User 'Lucka a Katka')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: PMObserv - RICOH COMPANY,LTD. - C:\Windows\system32\PMObserv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Vodafone Mobile Connect Service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe

--
End of file - 9309 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-613097871-1548815878-1703946892-1003Core.job - C:\Users\Draha\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-613097871-1548815878-1703946892-1003UA.job - C:\Users\Draha\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-26 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-26 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MFNetworkScanUtility"=C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT.EXE [2009-12-15 484760]
"MobileBroadband"=C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [2013-10-24 78336]
"VmbNotifier"=C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe [2013-10-24 1893888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2011-06-24 941968]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2011-06-24 3373968]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-06-24 20880]
"Sony PC Companion"=C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2014-10-15 468192]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-25 14:02:00 ----D---- C:\Program Files\trend micro
2014-11-25 14:01:59 ----D---- C:\rsit
2014-11-24 11:38:35 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-11-24 11:38:03 ----D---- C:\ProgramData\Malwarebytes
2014-11-24 11:38:03 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-11-24 11:38:03 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-11-24 11:38:03 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-11-24 11:38:03 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-11-23 11:25:56 ----A---- C:\Users\kancelar\AppData\Roaming\burnaware.ini
2014-11-23 11:23:19 ----D---- C:\Program Files\BurnAware Professional
2014-11-23 11:22:37 ----D---- C:\Users\kancelar\AppData\Roaming\WinRAR
2014-11-23 11:22:10 ----D---- C:\Program Files\WinRAR
2014-11-23 11:21:09 ----D---- C:\Windows\system32\bitstreams
2014-11-23 11:21:09 ----D---- C:\Program Files\WinRAR 4.20 CZ (Pln verze) 32-64 bit - McAdmin
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\zlib1.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\ssleay32.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\pthreadVC2.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\pthreadGC2.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\libssh2.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\librtmp.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\libidn-11.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\libeay32.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\libcurl-4.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\cudart32_50_35.dll
2014-11-22 20:36:48 ----SHD---- C:\Config.Msi
2014-11-22 20:19:30 ----D---- C:\ProgramData\F-Secure
2014-11-22 19:51:40 ----A---- C:\Windows\ntbtlog.txt
2014-11-20 20:14:37 ----D---- C:\Program Files\Common Files\Java
2014-11-20 20:14:14 ----A---- C:\Windows\system32\javaws.exe
2014-11-20 20:13:42 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-11-20 20:13:42 ----A---- C:\Windows\system32\javaw.exe
2014-11-20 20:13:42 ----A---- C:\Windows\system32\java.exe
2014-11-20 20:11:09 ----D---- C:\Users\kancelar\AppData\Roaming\URSoft
2014-11-20 20:11:06 ----AD---- C:\ProgramData\TEMP
2014-11-20 20:10:11 ----D---- C:\Program Files\Your Uninstaller! 7
2014-11-20 17:44:26 ----D---- C:\Util
2014-11-19 09:30:16 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 09:30:16 ----A---- C:\Windows\system32\kerberos.dll
2014-11-12 09:32:40 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-12 09:32:35 ----A---- C:\Windows\system32\msi.dll
2014-11-12 09:32:30 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 09:32:25 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 09:32:25 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 09:32:23 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 09:32:23 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 09:32:23 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 09:32:23 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 09:32:23 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 09:32:21 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 09:32:15 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 09:32:15 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 09:32:14 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 09:32:14 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 09:32:14 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 09:32:14 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 09:32:10 ----A---- C:\Windows\system32\generaltel.dll
2014-11-12 09:32:09 ----A---- C:\Windows\system32\aepdu.dll
2014-11-12 09:32:09 ----A---- C:\Windows\system32\aeinv.dll
2014-11-12 09:32:05 ----A---- C:\Windows\system32\packager.dll
2014-11-12 09:29:36 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 09:29:36 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 09:29:36 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 09:29:36 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 09:29:36 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 09:29:29 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 09:29:29 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 09:29:29 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-12 09:29:29 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-12 09:29:28 ----A---- C:\Windows\system32\urlmon.dll
2014-11-12 09:29:28 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-12 09:29:28 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-12 09:29:28 ----A---- C:\Windows\system32\iernonce.dll
2014-11-12 09:29:28 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-12 09:29:28 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-12 09:29:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-12 09:29:27 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-12 09:29:27 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-12 09:29:27 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-12 09:29:26 ----A---- C:\Windows\system32\msrating.dll
2014-11-12 09:29:26 ----A---- C:\Windows\system32\iesetup.dll
2014-11-12 09:29:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 09:29:24 ----A---- C:\Windows\system32\wininet.dll
2014-11-12 09:29:23 ----A---- C:\Windows\system32\ieui.dll
2014-11-12 09:29:23 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-12 09:29:22 ----A---- C:\Windows\system32\ieframe.dll
2014-11-12 09:29:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-12 09:29:21 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-12 09:29:21 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-12 09:29:20 ----A---- C:\Windows\system32\iertutil.dll
2014-11-12 09:29:19 ----A---- C:\Windows\system32\mshtml.dll
2014-11-12 09:29:18 ----A---- C:\Windows\system32\vbscript.dll
2014-11-12 09:29:18 ----A---- C:\Windows\system32\jscript9.dll
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MUINST_U.EXE
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MTAG32_U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MSPOOL_U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MSMCML_U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MSHRES_U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MLMON__U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MIMF32_U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MICM___U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MGDI32_U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MCMM___U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\MSUMLT_U.INI
2014-11-06 17:44:52 ----A---- C:\Windows\system32\Wing.dll
2014-10-29 21:34:52 ----A---- C:\Windows\system32\drivers\avgidsdriverx.sys

======List of files/folders modified in the last 1 month======

2014-11-25 14:02:17 ----D---- C:\Windows\Prefetch
2014-11-25 14:02:00 ----RD---- C:\Program Files
2014-11-25 13:58:24 ----D---- C:\Windows\Temp
2014-11-25 10:24:11 ----D---- C:\ProgramData\MFAData
2014-11-25 08:59:25 ----D---- C:\Windows\system32\config
2014-11-24 20:08:11 ----D---- C:\Windows\System32
2014-11-24 20:08:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-24 20:08:10 ----D---- C:\Windows\inf
2014-11-24 13:51:19 ----D---- C:\Windows\system32\drivers
2014-11-24 13:03:44 ----D---- C:\Program Files\AVG Web TuneUp
2014-11-24 12:34:29 ----D---- C:\Users\kancelar\AppData\Roaming\Skype
2014-11-24 11:57:39 ----D---- C:\Windows\LiveKernelReports
2014-11-24 11:38:03 ----HD---- C:\ProgramData
2014-11-22 20:37:52 ----SHD---- C:\Windows\Installer
2014-11-22 20:37:33 ----D---- C:\Program Files\Common Files\Ahead
2014-11-22 20:37:18 ----D---- C:\Windows\ehome
2014-11-22 20:37:17 ----D---- C:\Windows
2014-11-22 20:30:03 ----SHD---- C:\System Volume Information
2014-11-22 19:53:03 ----SD---- C:\ProgramData\Microsoft
2014-11-22 19:51:38 ----D---- C:\Program Files\Google
2014-11-22 19:50:42 ----D---- C:\Windows\system32\catroot2
2014-11-22 19:41:12 ----D---- C:\Program Files\Tame 5.1
2014-11-22 19:40:23 ----D---- C:\Users\kancelar\AppData\Roaming\Dropbox
2014-11-20 20:15:00 ----D---- C:\ProgramData\Oracle
2014-11-20 20:14:37 ----D---- C:\Program Files\Common Files
2014-11-20 20:13:42 ----D---- C:\Program Files\Java
2014-11-20 18:19:33 ----D---- C:\Windows\system32\MRT
2014-11-20 10:18:21 ----D---- C:\Windows\winsxs
2014-11-19 19:37:27 ----D---- C:\Windows\system32\FxsTmp
2014-11-19 19:30:06 ----D---- C:\Windows\system32\spool
2014-11-19 19:30:06 ----D---- C:\Windows\system32\DriverStore
2014-11-19 09:27:09 ----D---- C:\Windows\system32\catroot
2014-11-17 11:41:43 ----D---- C:\Windows\rescache
2014-11-17 11:12:51 ----D---- C:\Windows\Microsoft.NET
2014-11-17 11:11:38 ----RSD---- C:\Windows\assembly
2014-11-17 08:45:20 ----D---- C:\Windows\system32\cs-CZ
2014-11-17 08:45:19 ----SD---- C:\Windows\system32\CompatTel
2014-11-17 08:45:17 ----D---- C:\Windows\system32\en-US
2014-11-17 08:45:14 ----D---- C:\Program Files\Internet Explorer
2014-11-17 08:43:11 ----D---- C:\ProgramData\Microsoft Help
2014-11-16 18:27:24 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-11-16 17:41:25 ----HD---- C:\Program Files\InstallShield Installation Information
2014-11-14 10:07:23 ----D---- C:\Windows\Tasks
2014-11-12 10:18:43 ----HD---- C:\$AVG
2014-11-06 17:44:52 ----D---- C:\Windows\system
2014-11-06 17:44:47 ----D---- C:\Windows\system32\Tasks
2014-10-31 23:25:42 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2014-06-18 147736]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2014-07-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2014-10-05 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2014-06-18 27416]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2014-06-18 121624]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2014-10-29 213784]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2014-06-18 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2014-08-28 192792]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2014-10-10 200984]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2014-08-29 42784]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2011-01-20 36640]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-10-01 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-11-25 114904]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-10-01 51928]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-03 9344]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2013-02-05 49664]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-06-16 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-06-16 25200]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-12-21 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-12-21 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-12-21 123648]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [2014-11-09 3488784]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2014-11-09 298080]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2011-01-20 217088]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-01 968504]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
R2 SMA.Multicasting.IGMP.QuerierService.exe;SMA IGMP Querier Service; C:\Program Files\SMA\Sunny Explorer\SMA.Multicasting.IGMP.QuerierService.exe [2013-03-01 18592]
R2 VmbService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2013-10-24 8704]
R2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [2014-08-29 1843736]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
R3 PMObserv;PMObserv; C:\Windows\system32\PMObserv.exe [2010-02-12 245875]
R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [2014-02-28 1228336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-16 267440]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-16 116648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-16 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 102912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-22 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

altrok
Moderator
Posts: 7321
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Blocked Facebook

#4 Post by altrok »

As part of the cleanup, your temporary folders will be emptied (including the Recycle Bin).

Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
  • click Scan, then Clean
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply
Does the problem persist?
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions not suited to the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors to this forum, sign up for our training school.

cestujici
Visitor
Posts: 17
Registered: 24 Nov 2014 22:48

Re: Blocked Facebook

#5 Post by cestujici »

Unfortunately the problem persists.


# AdwCleaner v4.102 - Report created 25/11/2014 at 14:46:47
# Updated 23/11/2014 by Xplode
# Database : 2014-11-25.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : kancelar - KANCELAR-PC
# Running from : C:\Users\kancelar\Downloads\adwcleaner_4.102.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater3.2.0

***** [ Files / Folders ] *****

Folder Deleted : C:\Util
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Draha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Folder Deleted : C:\Users\Lucka a Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Secure Search

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Google Chrome v39.0.2171.65

[C:\Users\Draha\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl
[C:\Users\kancelar\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://andrie.cz/?page=websearch&srchtext={searchTerms}
[C:\Users\kancelar\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=5E73A89C-16CF-46A3-8C5E-76A6AD3F3D44&n=780b8593&ind=2014021011&p2=^HJ^xdm007^S08332^cz&si=CLObwuOmwbwCFWjKtAodHiwAUQ
[C:\Users\kancelar\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=5E73A89C-16CF-46A3-8C5E-76A6AD3F3D44&n=780b8593&ind=2014021011&p2=^HJ^xdm007^S08332^cz&si=CLObwuOmwbwCFWjKtAodHiwAUQ

*************************

AdwCleaner[R0].txt - [4929 octets] - [25/11/2014 14:43:16]
AdwCleaner[S0].txt - [4942 octets] - [25/11/2014 14:46:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5002 octets] ##########

altrok
Moderator
Posts: 7321
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Blocked Facebook

#6 Post by altrok »

Save zoek.exe to your desktop: http://hijackthis.nl/smeenk/zoek.htm
  • run it as administrator
  • copy the script below into the large window
  • click Run script
  • after the restart a log will pop up (or you can find it in C:\zoek-results.log); paste it into your next reply

    Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;

cestujici
Visitor
Posts: 17
Registered: 24 Nov 2014 22:48

Re: Blocked Facebook

#7 Post by cestujici »

I ran it, the hourglass came up, nothing happened for half an hour, so I killed it.
In the meantime I also read somewhere that Comodo had solved the whole problem for someone. I installed it, updated it, ran it; it found nothing.
I have to shut it down now, to be continued tomorrow. Thanks for now.

altrok
Moderator
Posts: 7321
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Blocked Facebook

#8 Post by altrok »

OK, repeat the zoek step tomorrow and let me know.

cestujici
Visitor
Posts: 17
Registered: 24 Nov 2014 22:48

Re: Blocked Facebook

#9 Post by cestujici »

OK, it has run. I still can't get into FB.


Zoek.exe v5.0.0.0 Updated 26-11-2014
Tool run by kancelar on st 26.11.2014 at 12:46:44,62.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\kancelar\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-11-25-145648.log 292 bytes
C:\zoek-results2014-11-25-155655.log 1594 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\Java deleted
C:\PROGRA~3\Adobe deleted
C:\PROGRA~3\Application Data deleted
C:\PROGRA~3\AVG Web TuneUp deleted
C:\PROGRA~3\CIGLER SOFTWARE deleted
C:\PROGRA~3\Common Files deleted
C:\PROGRA~3\Comodo deleted
C:\PROGRA~3\Data aplikací deleted
C:\PROGRA~3\Desktop deleted
C:\PROGRA~3\Documents deleted
C:\PROGRA~3\Dokumenty deleted
C:\PROGRA~3\DVD Shrink deleted
C:\PROGRA~3\EPSON deleted
C:\PROGRA~3\F-Secure deleted
C:\PROGRA~3\Favorites deleted
C:\PROGRA~3\FLEXnet deleted
C:\PROGRA~3\Macrovision deleted
C:\PROGRA~3\McAfee deleted
C:\PROGRA~3\MFAData deleted
C:\PROGRA~3\Microsoft Help deleted
C:\PROGRA~3\Microsoft SkyDrive deleted
C:\PROGRA~3\Nabídka Start deleted
C:\PROGRA~3\Oblíbené položky deleted
C:\PROGRA~3\Plocha deleted
C:\PROGRA~3\Samsung deleted
C:\PROGRA~3\Skype deleted
C:\PROGRA~3\SMA deleted
C:\PROGRA~3\Sony deleted
C:\PROGRA~3\Sony Corporation deleted
C:\PROGRA~3\Sony Ericsson deleted
C:\PROGRA~3\Start Menu deleted
C:\PROGRA~3\Sun deleted
C:\PROGRA~3\TEMP deleted
C:\PROGRA~3\Templates deleted
C:\PROGRA~3\Šablony deleted
C:\Users\kancelar\AppData\Roaming\burnaware.ini deleted
C:\Users\kancelar\AppData\Roaming\pkclient.ini deleted
C:\Users\kancelar\AppData\LocalLow\AVG Web TuneUp deleted
C:\Users\Lucka a Katka\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Windows\System32\AI_RecycleBin deleted
"C:\Program Files\AVG Web TuneUp\TBAPI.dll" deleted
"C:\PROGRA~3\AVG2015\avi\iavichjg.avm" not deleted
"C:\PROGRA~3\AVG2015\avi\iavichjw.avm" not deleted
"C:\PROGRA~3\AVG2015\avi\incavi.avm" not deleted
"C:\PROGRA~3\AVG2015\Cfg\admin.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\advisor.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\aspam.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\aspmlist.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\awacs.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\cachesrv.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\changecfgreg.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\csl.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\dav.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\emssrv.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\erd.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\falsealarm.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\fw.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\fwdb.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\fwdb.cfg-journal" not deleted
"C:\PROGRA~3\AVG2015\Cfg\idp.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\idp2.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\krnl.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\krnlall.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\mail.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\mailsrv.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\mailsrvvsapi.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\malrep.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\ocm.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\ocmstateall.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\oop.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\pctuneupall.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\scan.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\sched.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\setup.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\spsrv.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\update.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\updateall.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\updatecomps.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\upgrade.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\user.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\userall.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\wd.cfg" not deleted
"C:\PROGRA~3\AVG2015\chjw\26a1ece6a1ebdfb.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\84461c9c461c90d2.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\8a6adab96adaa16d.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\avgpsi.db" not deleted
"C:\PROGRA~3\AVG2015\chjw\F02075C35AC0451AA5B735159D5FD6DC.dat" deleted
"C:\PROGRA~3\AVG2015\DB\detection.db" not deleted
"C:\PROGRA~3\AVG2015\DB\exceptions.dat" not deleted
"C:\PROGRA~3\AVG2015\DB\removal.dat" not deleted
"C:\PROGRA~3\AVG2015\DB\stats.db" not deleted
"C:\PROGRA~3\AVG2015\chjw\26a1ece6a1ebdfb\avgcchff.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\26a1ece6a1ebdfb\avgcchfi.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\26a1ece6a1ebdfb\avgcchmf.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\26a1ece6a1ebdfb\avgcchmi.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\84461c9c461c90d2\avgcchff.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\84461c9c461c90d2\avgcchfi.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\84461c9c461c90d2\avgcchmf.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\84461c9c461c90d2\avgcchmi.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\8a6adab96adaa16d\avgcchff.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\8a6adab96adaa16d\avgcchfi.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\8a6adab96adaa16d\avgcchmf.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\8a6adab96adaa16d\avgcchmi.dat" not deleted
"C:\PROGRA~3\AVG2015\IDS\config\ShortcutCache.dat" not deleted
"C:\PROGRA~3\AVG2015\IDS\malwareprofile\backup.dat" not deleted
"C:\PROGRA~3\AVG2015\IDS\malwareprofile\cache.dat" not deleted
"C:\PROGRA~3\AVG2015\IDS\malwareprofile\nodes.dat" not deleted
"C:\PROGRA~3\AVG2015\IDS\outbox\tmp_023bdc01-a5f3-47cd-975e-d16df8983122.zip" not deleted
"C:\PROGRA~3\AVG2015\IDS\outbox\tmp_0a35845a-a177-47cd-907c-d16df8983122.zip" not deleted
"C:\PROGRA~3\AVG2015\IDS\outbox\tmp_3cc967e1-a766-47cd-9599-d16df8983122.zip" not deleted
"C:\PROGRA~3\AVG2015\IDS\outbox\tmp_693375b1-5de7-47d2-b1bd-d16df8983122.zip" not deleted
"C:\PROGRA~3\AVG2015\IDS\outbox\tmp_6a0b067f-a46d-47cd-9599-d16df8983122.zip" not deleted
"C:\PROGRA~3\AVG2015\IDS\outbox\tmp_f2f39bdd-a53a-47cd-866b-8b65c6f77b90.zip" not deleted
"C:\PROGRA~3\AVG2015\IDS\profile\globalLoadable.dat" not deleted
"C:\PROGRA~3\Microsoft\Network\Downloader\qmgr0.dat" not deleted
"C:\PROGRA~3\Microsoft\Network\Downloader\qmgr1.dat" not deleted
"C:\PROGRA~3\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.835.Crwl" not deleted
"C:\PROGRA~3\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.835.gthr" not deleted
"C:\PROGRA~3\Microsoft\Windows\Caches\cversions.2.db" deleted
"C:\PROGRA~3\Microsoft\Windows\Caches\{24914234-5A9A-48FC-B083-F7341F9CFAB2}.2.ver0x0000000000000001.db" deleted
"C:\PROGRA~3\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x000000000000002c.db" deleted
"C:\PROGRA~3\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db" deleted
"C:\PROGRA~3\Microsoft\Windows\DRM\drmstore.hds" not deleted
"C:\PROGRA~3\Microsoft\Windows\DRM\Cache\Indiv01.tmp" not deleted
"C:\PROGRA~3\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01.key" deleted
"C:\PROGRA~3\Vodafone\Log\L20141125-173720-3048-VmbService.txt" not deleted
"C:\PROGRA~3\AVG2013" deleted
"C:\PROGRA~3\AVG2015" not deleted
"C:\PROGRA~3\Malwarebytes" not deleted
"C:\PROGRA~3\Microsoft" not deleted
"C:\PROGRA~3\Vodafone" not deleted
"C:\Program Files\AVG Web TuneUp" not deleted
"C:\PROGRA~3\AVG2015\avi" not deleted
"C:\PROGRA~3\AVG2015\Cfg" not deleted
"C:\PROGRA~3\AVG2015\chjw" not deleted
"C:\PROGRA~3\AVG2015\DB" not deleted
"C:\PROGRA~3\AVG2015\IDS" not deleted
"C:\PROGRA~3\AVG2015\log" not deleted
"C:\PROGRA~3\AVG2015\chjw\26a1ece6a1ebdfb" not deleted
"C:\PROGRA~3\AVG2015\chjw\84461c9c461c90d2" not deleted
"C:\PROGRA~3\AVG2015\chjw\8a6adab96adaa16d" not deleted
"C:\PROGRA~3\AVG2015\IDS\config" not deleted
"C:\PROGRA~3\AVG2015\IDS\malwareprofile" not deleted
"C:\PROGRA~3\AVG2015\IDS\outbox" not deleted
"C:\PROGRA~3\AVG2015\IDS\profile" not deleted
"C:\PROGRA~3\AVG2015\IDS\quarantine" not deleted
"C:\PROGRA~3\Malwarebytes\Malwarebytes Anti-Malware" not deleted
"C:\PROGRA~3\Malwarebytes\Malwarebytes Anti-Malware\Configuration" not deleted
"C:\PROGRA~3\Malwarebytes\Malwarebytes Anti-Malware\Logs" not deleted
"C:\PROGRA~3\Microsoft\Network" not deleted
"C:\PROGRA~3\Microsoft\Search" deleted
"C:\PROGRA~3\Microsoft\Windows" not deleted
"C:\PROGRA~3\Microsoft\Network\Downloader" not deleted
"C:\PROGRA~3\Microsoft\Search\Data" deleted
"C:\PROGRA~3\Microsoft\Search\Data\Applications" deleted
"C:\PROGRA~3\Microsoft\Search\Data\Applications\Windows" deleted
"C:\PROGRA~3\Microsoft\Search\Data\Applications\Windows\GatherLogs" deleted
"C:\PROGRA~3\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex" deleted
"C:\PROGRA~3\Microsoft\Windows\Caches" not deleted
"C:\PROGRA~3\Microsoft\Windows\DRM" not deleted
"C:\PROGRA~3\Microsoft\Windows\DRM\Cache" not deleted
"C:\PROGRA~3\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20" not deleted
"C:\PROGRA~3\Vodafone\Log" not deleted

==== Chromium Look ======================

Chrome In-App Payments service - Draha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Audio EQ - kancelar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnhefbmfkjjjhphdpamhcmafkglifmon

==== Chromium Startpages ======================

C:\Users\Draha\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com/",


==== Chromium Fix ======================

C:\Users\kancelar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.abradio.cz_0.localstorage deleted successfully
C:\Users\kancelar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.abradio.cz_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\Draha\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\kancelar\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Lucka a Katka\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Draha\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\kancelar\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Lucka a Katka\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-613097871-1548815878-1703946892-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-613097871-1548815878-1703946892-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-613097871-1548815878-1703946892-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-613097871-1548815878-1703946892-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Empty IE Cache ======================

C:\Users\Draha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Draha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\kancelar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\kancelar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Lucka a Katka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lucka a Katka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Draha\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\kancelar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Lucka a Katka\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4879 folders=994 1932219720 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Draha\AppData\Local\Temp emptied successfully
C:\Users\kancelar\AppData\Local\Temp will be emptied at reboot
C:\Users\Lucka a Katka\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\kancelar\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~3\AVG2015\avi\iavichjg.avm" not deleted
"C:\PROGRA~3\AVG2015\avi\iavichjw.avm" not deleted
"C:\PROGRA~3\AVG2015\avi\incavi.avm" not deleted
"C:\PROGRA~3\AVG2015\Cfg\admin.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\advisor.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\aspam.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\aspmlist.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\awacs.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\cachesrv.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\changecfgreg.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\csl.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\dav.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\emssrv.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\erd.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\falsealarm.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\fw.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\fwdb.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\fwdb.cfg-journal" not deleted
"C:\PROGRA~3\AVG2015\Cfg\idp.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\idp2.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\krnl.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\krnlall.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\mail.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\mailsrv.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\mailsrvvsapi.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\malrep.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\ocm.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\ocmstateall.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\oop.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\pctuneupall.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\scan.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\sched.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\setup.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\spsrv.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\update.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\updateall.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\updatecomps.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\upgrade.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\user.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\userall.cfg" not deleted
"C:\PROGRA~3\AVG2015\Cfg\wd.cfg" not deleted
"C:\PROGRA~3\AVG2015\chjw\26a1ece6a1ebdfb.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\84461c9c461c90d2.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\8a6adab96adaa16d.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\avgpsi.db" not deleted
"C:\PROGRA~3\AVG2015\DB\detection.db" not deleted
"C:\PROGRA~3\AVG2015\DB\exceptions.dat" not deleted
"C:\PROGRA~3\AVG2015\DB\removal.dat" not deleted
"C:\PROGRA~3\AVG2015\DB\stats.db" not deleted
"C:\PROGRA~3\AVG2015\chjw\26a1ece6a1ebdfb\avgcchff.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\26a1ece6a1ebdfb\avgcchfi.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\26a1ece6a1ebdfb\avgcchmf.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\26a1ece6a1ebdfb\avgcchmi.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\84461c9c461c90d2\avgcchff.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\84461c9c461c90d2\avgcchfi.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\84461c9c461c90d2\avgcchmf.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\84461c9c461c90d2\avgcchmi.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\8a6adab96adaa16d\avgcchff.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\8a6adab96adaa16d\avgcchfi.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\8a6adab96adaa16d\avgcchmf.dat" not deleted
"C:\PROGRA~3\AVG2015\chjw\8a6adab96adaa16d\avgcchmi.dat" not deleted
"C:\PROGRA~3\AVG2015\IDS\config\ShortcutCache.dat" not deleted
"C:\PROGRA~3\AVG2015\IDS\malwareprofile\backup.dat" not deleted
"C:\PROGRA~3\AVG2015\IDS\malwareprofile\cache.dat" not deleted
"C:\PROGRA~3\AVG2015\IDS\malwareprofile\nodes.dat" not deleted
"C:\PROGRA~3\AVG2015\IDS\outbox\tmp_023bdc01-a5f3-47cd-975e-d16df8983122.zip" not deleted
"C:\PROGRA~3\AVG2015\IDS\outbox\tmp_0a35845a-a177-47cd-907c-d16df8983122.zip" not deleted
"C:\PROGRA~3\AVG2015\IDS\outbox\tmp_3cc967e1-a766-47cd-9599-d16df8983122.zip" not deleted
"C:\PROGRA~3\AVG2015\IDS\outbox\tmp_693375b1-5de7-47d2-b1bd-d16df8983122.zip" not deleted
"C:\PROGRA~3\AVG2015\IDS\outbox\tmp_6a0b067f-a46d-47cd-9599-d16df8983122.zip" not deleted
"C:\PROGRA~3\AVG2015\IDS\outbox\tmp_f2f39bdd-a53a-47cd-866b-8b65c6f77b90.zip" not deleted
"C:\PROGRA~3\AVG2015\IDS\profile\globalLoadable.dat" not deleted
"C:\PROGRA~3\Microsoft\Network\Downloader\qmgr0.dat" not found
"C:\PROGRA~3\Microsoft\Network\Downloader\qmgr1.dat" not found
"C:\PROGRA~3\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.835.Crwl" not found
"C:\PROGRA~3\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.835.gthr" not found
"C:\PROGRA~3\Microsoft\Windows\DRM\drmstore.hds" not found
"C:\PROGRA~3\Microsoft\Windows\DRM\Cache\Indiv01.tmp" not found
"C:\PROGRA~3\Vodafone\Log\L20141125-173720-3048-VmbService.txt" not found
"C:\PROGRA~3\AVG2015" not deleted
"C:\PROGRA~3\Malwarebytes" not found
"C:\PROGRA~3\Microsoft" not deleted
"C:\PROGRA~3\Vodafone" not deleted
"C:\Program Files\AVG Web TuneUp" not found
"C:\Users\kancelar\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HTCTNM4A\www.myheritage.cz" not found
"C:\Users\Lucka a Katka\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5QRUJV98\www.bellasara.com" not found

==== EOF on st 26.11.2014 at 13:25:16,07 ======================

altrok
Moderator
Posts: 7321
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Blocked Facebook

#10 Post by altrok »

Post a new FRST.txt log and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors to this forum, sign up for our training school.

cestujici
Visitor
Posts: 17
Registered: 24 Nov 2014 22:48

Re: Blocked Facebook

#11 Post by cestujici »

I don't know what this FRST is, but Chrome refuses to download it. I downloaded it with Explorer. I can't manage to download Frstlauncher.exe even with that. I downloaded the zipped version, but after unpacking it won't run: "Systém windows nemá přístup k určenému zařízení, cestě nebo souboru."

cestujici
Visitor
Posts: 17
Registered: 24 Nov 2014 22:48

Re: Blocked Facebook

#12 Post by cestujici »

Here is the RSIT output:


Logfile of random's system information tool 1.10 (written by random/random)
Run by kancelar at 2014-11-26 16:46:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 254 GB (55%) free of 464 GB
Total RAM: 3039 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:46:32, on 26.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT.EXE
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\kancelar\Downloads\RSIT.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\trend micro\kancelar.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [MFNetworkScanUtility] C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT.EXE
O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
O4 - HKLM\..\Run: [VmbNotifier] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files\Common Files\COMODO\launcher_service.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: PMObserv - RICOH COMPANY,LTD. - C:\Windows\system32\PMObserv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Vodafone Mobile Connect Service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe

--
End of file - 7561 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-613097871-1548815878-1703946892-1003Core.job - C:\Users\Draha\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-613097871-1548815878-1703946892-1003UA.job - C:\Users\Draha\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MFNetworkScanUtility"=C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT.EXE [2009-12-15 484760]
"MobileBroadband"=C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [2013-10-24 78336]
"VmbNotifier"=C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe [2013-10-24 1893888]

Ñ๢夙
Adobe Flash Player Updater.job
GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
GoogleUpdateTaskUserS-1-5-21-613097871-1548815878-1703946892-1003Core.job
GoogleUpdateTaskUserS-1-5-21-613097871-1548815878-1703946892-1003UA.job
SA.DAT
SCHEDLGU.TXT

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-26 16:16:07 ----SHD---- C:\Config.Msi
2014-11-26 15:53:09 ----D---- C:\ProgramData\Microsoft Help
2014-11-26 14:23:42 ----D---- C:\ProgramData\MFAData
2014-11-26 13:25:31 ----SHD---- C:\$RECYCLE.BIN
2014-11-26 13:24:10 ----D---- C:\ProgramData\Vodafone
2014-11-26 13:23:50 ----D---- C:\ProgramData\Microsoft
2014-11-26 13:21:36 ----A---- C:\Windows\zoek-delete.exe
2014-11-26 13:21:33 ----D---- C:\Windows\Temp
2014-11-26 13:19:12 ----D---- C:\ProgramData\Sony Corporation
2014-11-25 16:16:29 ----A---- C:\Windows\system32\msvcr71.dll
2014-11-25 16:16:29 ----A---- C:\Windows\system32\mfc71.dll
2014-11-25 16:16:28 ----A---- C:\Windows\system32\gdiplus.dll
2014-11-25 15:53:58 ----D---- C:\zoek_backup
2014-11-25 15:21:12 ----D---- C:\Program Files\Common Files\COMODO
2014-11-25 15:20:10 ----D---- C:\Program Files\Comodo
2014-11-25 14:41:31 ----D---- C:\AdwCleaner
2014-11-25 14:02:00 ----D---- C:\Program Files\trend micro
2014-11-25 14:01:59 ----D---- C:\rsit
2014-11-24 11:38:35 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-11-24 11:38:03 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-11-24 11:38:03 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-11-24 11:38:03 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-11-24 11:38:03 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-11-23 11:23:19 ----D---- C:\Program Files\BurnAware Professional
2014-11-23 11:22:37 ----D---- C:\Users\kancelar\AppData\Roaming\WinRAR
2014-11-23 11:22:10 ----D---- C:\Program Files\WinRAR
2014-11-23 11:21:09 ----D---- C:\Windows\system32\bitstreams
2014-11-23 11:21:09 ----D---- C:\Program Files\WinRAR 4.20 CZ (Pln verze) 32-64 bit - McAdmin
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\zlib1.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\ssleay32.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\pthreadVC2.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\pthreadGC2.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\libssh2.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\librtmp.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\libidn-11.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\libeay32.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\libcurl-4.dll
2014-11-23 11:21:09 ----AS---- C:\Windows\system32\cudart32_50_35.dll
2014-11-22 19:51:40 ----A---- C:\Windows\ntbtlog.txt
2014-11-20 20:14:37 ----D---- C:\Program Files\Common Files\Java
2014-11-20 20:14:14 ----A---- C:\Windows\system32\javaws.exe
2014-11-20 20:13:42 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-11-20 20:13:42 ----A---- C:\Windows\system32\javaw.exe
2014-11-20 20:13:42 ----A---- C:\Windows\system32\java.exe
2014-11-20 20:11:09 ----D---- C:\Users\kancelar\AppData\Roaming\URSoft
2014-11-20 20:10:11 ----D---- C:\Program Files\Your Uninstaller! 7
2014-11-19 09:30:16 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 09:30:16 ----A---- C:\Windows\system32\kerberos.dll
2014-11-12 09:32:40 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-12 09:32:35 ----A---- C:\Windows\system32\msi.dll
2014-11-12 09:32:30 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 09:32:25 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 09:32:25 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 09:32:23 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 09:32:23 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 09:32:23 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 09:32:23 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 09:32:23 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 09:32:21 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 09:32:15 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 09:32:15 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 09:32:14 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 09:32:14 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 09:32:14 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 09:32:14 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 09:32:10 ----A---- C:\Windows\system32\generaltel.dll
2014-11-12 09:32:09 ----A---- C:\Windows\system32\aepdu.dll
2014-11-12 09:32:09 ----A---- C:\Windows\system32\aeinv.dll
2014-11-12 09:32:05 ----A---- C:\Windows\system32\packager.dll
2014-11-12 09:29:36 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 09:29:36 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 09:29:36 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 09:29:36 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 09:29:36 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 09:29:29 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 09:29:29 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 09:29:29 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-12 09:29:29 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-12 09:29:28 ----A---- C:\Windows\system32\urlmon.dll
2014-11-12 09:29:28 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-12 09:29:28 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-12 09:29:28 ----A---- C:\Windows\system32\iernonce.dll
2014-11-12 09:29:28 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-12 09:29:28 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-12 09:29:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-12 09:29:27 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-12 09:29:27 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-12 09:29:27 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-12 09:29:26 ----A---- C:\Windows\system32\msrating.dll
2014-11-12 09:29:26 ----A---- C:\Windows\system32\iesetup.dll
2014-11-12 09:29:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 09:29:24 ----A---- C:\Windows\system32\wininet.dll
2014-11-12 09:29:23 ----A---- C:\Windows\system32\ieui.dll
2014-11-12 09:29:23 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-12 09:29:22 ----A---- C:\Windows\system32\ieframe.dll
2014-11-12 09:29:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-12 09:29:21 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-12 09:29:21 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-12 09:29:20 ----A---- C:\Windows\system32\iertutil.dll
2014-11-12 09:29:19 ----A---- C:\Windows\system32\mshtml.dll
2014-11-12 09:29:18 ----A---- C:\Windows\system32\vbscript.dll
2014-11-12 09:29:18 ----A---- C:\Windows\system32\jscript9.dll
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MUINST_U.EXE
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MTAG32_U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MSPOOL_U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MSMCML_U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MSHRES_U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MLMON__U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MIMF32_U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MICM___U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MGDI32_U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\system32\MCMM___U.DLL
2014-11-06 17:46:23 ----A---- C:\Windows\MSUMLT_U.INI
2014-11-06 17:44:52 ----A---- C:\Windows\system32\Wing.dll
2014-10-29 21:34:52 ----A---- C:\Windows\system32\drivers\avgidsdriverx.sys

======List of files/folders modified in the last 1 month======

2014-11-26 16:45:16 ----D---- C:\Windows\Prefetch
2014-11-26 16:16:34 ----SHD---- C:\Windows\Installer
2014-11-26 16:15:15 ----RSD---- C:\Windows\assembly
2014-11-26 16:02:15 ----D---- C:\Windows\System32
2014-11-26 15:59:02 ----D---- C:\Windows\system32\config
2014-11-26 15:53:09 ----D---- C:\ProgramData
2014-11-26 14:23:48 ----D---- C:\ProgramData\AVG2015
2014-11-26 13:23:44 ----RD---- C:\Program Files
2014-11-26 13:23:44 ----D---- C:\Windows
2014-11-26 12:49:16 ----D---- C:\Windows\system32\drivers\etc
2014-11-25 17:35:15 ----SHD---- C:\System Volume Information
2014-11-25 16:55:35 ----D---- C:\Windows\inf
2014-11-25 16:55:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-25 16:49:31 ----D---- C:\Windows\system32\Tasks
2014-11-25 16:49:31 ----D---- C:\Windows\system32\drivers
2014-11-25 15:25:03 ----D---- C:\Windows\system32\DriverStore
2014-11-25 15:25:03 ----D---- C:\Windows\system32\catroot
2014-11-25 15:21:35 ----D---- C:\Windows\winsxs
2014-11-25 15:21:12 ----D---- C:\Program Files\Common Files
2014-11-24 12:34:29 ----D---- C:\Users\kancelar\AppData\Roaming\Skype
2014-11-24 11:57:39 ----D---- C:\Windows\LiveKernelReports
2014-11-22 20:37:33 ----D---- C:\Program Files\Common Files\Ahead
2014-11-22 20:37:18 ----D---- C:\Windows\ehome
2014-11-22 19:51:38 ----D---- C:\Program Files\Google
2014-11-22 19:50:42 ----D---- C:\Windows\system32\catroot2
2014-11-22 19:41:12 ----D---- C:\Program Files\Tame 5.1
2014-11-22 19:40:23 ----D---- C:\Users\kancelar\AppData\Roaming\Dropbox
2014-11-20 18:19:33 ----D---- C:\Windows\system32\MRT
2014-11-19 19:37:27 ----D---- C:\Windows\system32\FxsTmp
2014-11-19 19:30:06 ----D---- C:\Windows\system32\spool
2014-11-17 11:41:43 ----D---- C:\Windows\rescache
2014-11-17 11:12:51 ----D---- C:\Windows\Microsoft.NET
2014-11-17 08:45:20 ----D---- C:\Windows\system32\cs-CZ
2014-11-17 08:45:19 ----SD---- C:\Windows\system32\CompatTel
2014-11-17 08:45:17 ----D---- C:\Windows\system32\en-US
2014-11-17 08:45:14 ----D---- C:\Program Files\Internet Explorer
2014-11-16 18:27:24 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-11-16 17:41:25 ----HD---- C:\Program Files\InstallShield Installation Information
2014-11-14 10:07:23 ----D---- C:\Windows\Tasks
2014-11-12 10:18:43 ----HD---- C:\$AVG
2014-11-06 17:44:52 ----D---- C:\Windows\system
2014-10-31 23:25:42 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2014-06-18 147736]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2014-07-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2014-10-05 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2014-06-18 27416]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2014-06-18 121624]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2014-10-29 213784]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2014-06-18 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2014-08-28 192792]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2014-10-10 200984]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2014-08-29 42784]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2014-06-26 35064]
R1 HMD;COMODO livePCsupport Hardware Monitor Driver; C:\Windows\system32\DRIVERS\hmd.sys [2014-06-26 15400]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2011-01-20 36640]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-10-01 23256]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-03 9344]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
R3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2013-02-05 49664]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-06-16 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-06-16 25200]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-11-25 114904]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-10-01 51928]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-12-21 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-12-21 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-12-21 123648]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [2014-11-09 3488784]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2014-11-09 298080]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files\Common Files\COMODO\launcher_service.exe [2014-07-25 70864]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2011-01-20 217088]
R2 GeekBuddyRSP;GeekBuddyRSP Server; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2014-07-25 2327248]
R2 SMA.Multicasting.IGMP.QuerierService.exe;SMA IGMP Querier Service; C:\Program Files\SMA\Sunny Explorer\SMA.Multicasting.IGMP.QuerierService.exe [2013-03-01 18592]
R2 VmbService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2013-10-24 8704]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
R3 PMObserv;PMObserv; C:\Windows\system32\PMObserv.exe [2010-02-12 245875]
R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [2014-02-28 1228336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-01 968504]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-16 267440]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-16 116648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-16 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 102912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-22 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

altrok
Moderator
Posts: 7321
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Blocked Facebook

#13 Post by altrok »

Then don't download FRSTLauncher (just run FRST.exe from the desktop). Are you working under an account with administrator privileges?

cestujici
Visitor
Posts: 17
Registered: 24 Nov 2014 22:48

Re: Blocked Facebook

#14 Post by cestujici »

I tried FRST on its own; an AutoIt Error pops up: Endif with no matching If statement.

cestujici
Visitor
Posts: 17
Registered: 24 Nov 2014 22:48

Re: Blocked Facebook

#15 Post by cestujici »

I don't have an administrator account; I'll arrange one.
