VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Sekající se PC

https://forum.viry.cz:443/viewtopic.php?t=142116

Stránka 1 z 1

Sekající se PC

Napsal: 28 pro 2014 03:40
od Hook_1hp
Dobrý den,
prosím Vás, o pomoc. Mám velmi zasekaný Notebook a do toho se občas přestává reagovat. Předem děkuji za Váš čas a pomoc.

log FRST64:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-12-2014
Ran by Toshiba (administrator) on TOSH on 28-12-2014 03:18:16
Running from C:\Users\Toshiba\Desktop
Loaded Profile: Toshiba (Available profiles: Toshiba)
Platform: Windows 7 Home Premium (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Toshiba\AppData\Local\Google\Update\GoogleUpdate.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTProShellHlp.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-808137394-3989240724-1605283320-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe [855216 2014-12-20] (Adobe Systems Incorporated)
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-808137394-3989240724-1605283320-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-808137394-3989240724-1605283320-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
HKU\S-1-5-21-808137394-3989240724-1605283320-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.seznam.cz/?clid=6826
http://seznam.cz/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {1AAB7B4B-B9E1-4437-8981-095EE87E04B6} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM -> {1AAB7B4B-B9E1-4437-8981-095EE87E04B6} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {DB93697C-7DA5-40C4-9992-ADE3C24F63D4} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {DB93697C-7DA5-40C4-9992-ADE3C24F63D4} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> DefaultScope {DB93697C-7DA5-40C4-9992-ADE3C24F63D4} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> 079B45E8534F983BE4F584287D046DFD URL = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> 41A39C2DE31D958A4B89BABFF9DAA1B6 URL =
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> 7F01D70BFEFB934BA161B9AD8979F1FD URL = http://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> A2B396AC96C168442F43A5113A588BAF URL = http://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> F5C907575233E8D73E504F986286A271 URL = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> {4DF69133-72A6-4808-BC21-5AB08FBDCE48} URL = http://www.amazon.co.uk/gp/search?ie=UT ... nkCode=ur2
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> {968DBE19-FEC1-42A7-A0B9-6FA02B4C6022} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> {9F766BC5-0EF9-494B-BC39-E614E026D1EF} URL = http://rover.ebay.com/rover/1/710-71511 ... earchTerms}
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> {DB93697C-7DA5-40C4-9992-ADE3C24F63D4} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Trust Media Viewer -> {4390afe6-f5e6-4cdc-aac8-5af36167b263} -> C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1603\ie\TrustMediaViewerV1alpha1603.dll ()
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Media View -> {9c9f377c-02e6-48c7-9fa6-9aced0ff1f00} -> C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha577\ie\MediaViewV1alpha577.dll ()
BHO-x32: Media View -> {c9b6c4dd-e4df-45f2-a1c7-18f530abda84} -> C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3874\ie\MediaViewV1alpha3874.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default
FF DefaultSearchEngine: Seznam
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Seznam
FF Homepage: hxxp://www.seznam.cz/?clid=6826
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-808137394-3989240724-1605283320-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Toshiba\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-808137394-3989240724-1605283320-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Toshiba\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-808137394-3989240724-1605283320-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Toshiba\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\daemon-search.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\firmy.cz-215759.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\mapy.cz-215759.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\seznam.cz-215759.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\videa.seznam.cz-215759.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\zbozi.cz-215759.xml
FF Extension: No Name - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\Extensions\DTToolbar@toolbarnet.com [2012-09-30]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2010-04-21]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha5336.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha5336\ff
FF Extension: Media Player - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha5336\ff [2014-02-16]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha1413.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1413\ff
FF Extension: Media Viewer - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1413\ff [2014-02-24]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha577.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha577\ff
FF Extension: Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha577\ff [2014-02-28]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha3874.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3874\ff
FF Extension: Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3874\ff [2014-03-15]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home266.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home266\ff
FF Extension: Media Watch - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home266\ff [2014-03-23]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode6712.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6712\ff
FF Extension: Media Buzz - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6712\ff [2014-04-25]
FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release7823.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7823\ff
FF Extension: Rich Media View - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7823\ff [2014-05-14]
FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha1603.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1603\ff
FF Extension: Trust Media Viewer - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1603\ff [2014-06-28]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=6826
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/?clid=6826"
CHR DefaultSearchKeyword: Default -> seznam.cz_
CHR DefaultSearchURL: Default -> http://search.seznam.cz/?sourceid=quick ... earchTerms}
CHR DefaultSuggestURL: Default -> http://suggest.fulltext.seznam.cz/fullt ... earchTerms}
CHR Profile: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-24]
CHR Extension: (Media Watch) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\dljndemlaopjkhneemlebbldodokcoee [2014-10-01]
CHR Extension: (Media Viewer) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\higmeeehobepgmnoknimjpgalchibalf [2014-10-12]
CHR Extension: (Media View) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lceaofbmdppmfekebdichndbhofaflja [2014-10-01]
CHR Extension: (Rich Media View) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljohnagncpplgahgbllficojckecamae [2014-08-24]
CHR Extension: (Media View) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\llifkmdcjpncgmnoichignhbljhiaali [2014-08-24]
CHR Extension: (Media Buzz) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmjbjimlhmdmboeaenpedjlohdhofnph [2014-08-24]
CHR Extension: (Peněženka Google) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-24]
CHR Extension: (Trust Media Viewer) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\onbgjhgbbkglllgampmbedpfcofgfdcp [2014-08-24]
CHR HKLM-x32\...\Chrome\Extension: [aminlpmkfcdibgpgfajlgnamicjckkjf] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dljndemlaopjkhneemlebbldodokcoee] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home266\ch\MediaWatchV1home266.crx [2014-03-20]
CHR HKLM-x32\...\Chrome\Extension: [higmeeehobepgmnoknimjpgalchibalf] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1413\ch\MediaViewerV1alpha1413.crx [2014-02-23]
CHR HKLM-x32\...\Chrome\Extension: [jdkihdhlegcdggknokfekoemkjjnjhgi] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lceaofbmdppmfekebdichndbhofaflja] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha577\ch\MediaViewV1alpha577.crx [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [ljohnagncpplgahgbllficojckecamae] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7823\ch\RichMediaViewV1release7823.crx [2014-05-14]
CHR HKLM-x32\...\Chrome\Extension: [llifkmdcjpncgmnoichignhbljhiaali] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3874\ch\MediaViewV1alpha3874.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [nmjbjimlhmdmboeaenpedjlohdhofnph] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6712\ch\MediaBuzzV1mode6712.crx [2014-04-24]
CHR HKLM-x32\...\Chrome\Extension: [onbgjhgbbkglllgampmbedpfcofgfdcp] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1603\ch\TrustMediaViewerV1alpha1603.crx [2014-06-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0048941419702984mcinstcleanup; C:\Users\Toshiba\AppData\Local\Temp\004894~1.EXE [833616 2013-01-30] (McAfee, Inc.)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-02-11] (Toshiba Europe GmbH)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 nethfdrv; C:\Windows\system32\drivers\nethfdrv.sys [46160 2014-10-01] (nethfdrv)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-05-07] () [File not signed]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 03:18 - 2014-12-28 03:18 - 00019337 _____ () C:\Users\Toshiba\Desktop\FRST.txt
2014-12-28 03:16 - 2014-12-28 03:18 - 00000000 ____D () C:\FRST
2014-12-28 03:15 - 2014-12-28 03:15 - 02122752 _____ (Farbar) C:\Users\Toshiba\Desktop\FRST64.exe
2014-12-27 18:56 - 2014-12-27 18:56 - 00000000 ____D () C:\Program Files\McAfee
2014-12-27 18:07 - 2014-12-27 18:13 - 00000000 ____D () C:\Users\Toshiba\Desktop\hudba a filmy
2014-12-27 18:04 - 2014-12-27 18:13 - 00000000 ____D () C:\Users\Toshiba\Desktop\zivotopisy a blbosti
2014-12-27 18:00 - 2014-12-27 18:06 - 00000000 ____D () C:\Users\Toshiba\Desktop\foto a video
2014-12-24 15:37 - 2014-12-24 15:37 - 00000000 _____ () C:\Windows\SysWOW64\sho2692.tmp
2014-12-24 15:00 - 2014-12-24 15:00 - 00000000 _____ () C:\Windows\SysWOW64\sho1989.tmp
2014-12-24 14:36 - 2014-12-24 14:29 - 00001795 _____ () C:\Users\Toshiba\Documents\SimCity 4 – zástupce.lnk
2014-12-24 13:57 - 2014-12-24 13:57 - 00000536 _____ () C:\Windows\eReg.dat
2014-12-24 13:13 - 2014-12-24 14:26 - 00000000 ____D () C:\Users\Toshiba\Documents\sim city
2014-12-24 13:06 - 2014-12-27 18:54 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-24 13:02 - 2014-12-24 13:09 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\WinZip
2014-12-24 13:02 - 2014-12-24 13:02 - 00002314 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-12-24 13:02 - 2014-12-24 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-12-24 13:00 - 2014-12-24 13:00 - 00906024 _____ ( ) C:\Users\Toshiba\Downloads\winzip19-lan_cs.exe
2014-12-24 11:12 - 2014-12-24 11:12 - 00056403 _____ () C:\Users\Toshiba\Downloads\WinRAR.rar
2014-12-24 11:01 - 2014-12-24 11:07 - 112486659 _____ () C:\Users\Toshiba\Downloads\Nový-WinRAR-ZIP-archiv.zip
2014-12-24 09:23 - 2014-12-24 10:38 - 1336632638 _____ () C:\Users\Toshiba\Downloads\SimCity-4-Deluxe.rar
2014-12-24 09:21 - 2014-12-24 09:21 - 00000687 _____ () C:\awhEA0.tmp
2014-12-23 16:02 - 2014-12-23 16:02 - 00000687 _____ () C:\awh33DB.tmp
2014-12-22 17:32 - 2014-12-22 17:32 - 00000687 _____ () C:\awh2D37.tmp
2014-12-22 09:26 - 2014-12-22 09:26 - 00000687 _____ () C:\awhD393.tmp
2014-12-21 12:29 - 2014-12-21 12:29 - 00000687 _____ () C:\awh3580.tmp
2014-12-20 20:03 - 2014-12-20 20:03 - 00002378 _____ () C:\Users\Toshiba\Desktop\Google Chrome.lnk
2014-12-20 19:58 - 2014-12-20 19:58 - 00739824 _____ (Google Inc.) C:\Users\Toshiba\Desktop\Internetový-prohlížeč-Google-Chrome.exe
2014-12-20 19:58 - 2014-12-20 19:58 - 00000687 _____ () C:\awhCFDC.tmp
2014-12-20 19:44 - 2014-12-20 19:45 - 40759888 _____ (Google Inc.) C:\Users\Toshiba\Downloads\ChromeSetup.exe
2014-12-20 19:42 - 2014-12-20 19:42 - 00000687 _____ () C:\awhFFC1.tmp
2014-12-20 00:03 - 2014-12-20 00:03 - 00000687 _____ () C:\awhE906.tmp
2014-12-19 23:42 - 2014-12-19 23:42 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\Apps\2.0
2014-12-19 23:07 - 2014-12-19 23:07 - 00000687 _____ () C:\awh2A88.tmp
2014-12-19 09:06 - 2014-12-19 09:06 - 00000687 _____ () C:\awh98F4.tmp
2014-12-18 18:18 - 2014-12-18 18:18 - 00000687 _____ () C:\awh8277.tmp
2014-12-18 13:55 - 2014-12-18 13:55 - 00000687 _____ () C:\awhB470.tmp
2014-12-17 17:21 - 2014-12-17 17:21 - 00000687 _____ () C:\awh7A6C.tmp
2014-12-17 09:27 - 2014-12-17 09:27 - 00000687 _____ () C:\awh4411.tmp
2014-12-16 19:10 - 2014-12-16 19:10 - 00000687 _____ () C:\awhBBFE.tmp
2014-12-16 09:51 - 2014-12-16 09:51 - 00000687 _____ () C:\awh3F02.tmp
2014-12-15 17:28 - 2014-12-15 17:28 - 00000687 _____ () C:\awh250C.tmp
2014-12-15 10:09 - 2014-12-15 10:09 - 00000687 _____ () C:\awh7399.tmp
2014-12-14 09:07 - 2014-12-14 09:07 - 00000687 _____ () C:\awh89E7.tmp
2014-12-13 20:19 - 2014-12-13 20:19 - 00000687 _____ () C:\awh492.tmp
2014-12-12 09:02 - 2014-12-12 09:02 - 00000687 _____ () C:\awhA39E.tmp
2014-12-11 15:54 - 2014-12-11 15:54 - 00000687 _____ () C:\awh640F.tmp
2014-12-11 15:02 - 2014-12-11 15:02 - 00000687 _____ () C:\awhCC62.tmp
2014-12-11 08:59 - 2014-12-11 08:59 - 00000687 _____ () C:\awhBBB0.tmp
2014-12-10 15:12 - 2014-12-10 15:12 - 00000687 _____ () C:\awh8796.tmp
2014-12-10 11:27 - 2014-12-10 11:27 - 00000687 _____ () C:\awh646.tmp
2014-12-10 09:22 - 2014-12-10 09:22 - 00000687 _____ () C:\awh77AE.tmp
2014-12-09 10:58 - 2014-12-09 10:58 - 00000687 _____ () C:\awh79E.tmp
2014-12-08 15:16 - 2014-12-08 15:16 - 00000687 _____ () C:\awhEEF.tmp
2014-12-07 13:17 - 2014-12-07 13:17 - 00000687 _____ () C:\awh8738.tmp
2014-12-07 10:00 - 2014-12-07 10:00 - 00000687 _____ () C:\awhB598.tmp
2014-12-06 09:35 - 2014-12-06 09:35 - 00000687 _____ () C:\awh80D3.tmp
2014-12-05 10:19 - 2014-12-05 10:19 - 00000687 _____ () C:\awh7BF2.tmp
2014-12-04 18:21 - 2014-12-04 18:21 - 00000687 _____ () C:\awh12B5.tmp
2014-12-04 10:36 - 2014-12-04 10:36 - 00000687 _____ () C:\awh5D9.tmp
2014-12-03 19:02 - 2014-12-03 19:02 - 00000687 _____ () C:\awh162E.tmp
2014-12-03 09:30 - 2014-12-03 09:30 - 00000687 _____ () C:\awh1351.tmp
2014-12-03 06:33 - 2014-12-03 06:33 - 00000687 _____ () C:\awh868D.tmp
2014-12-02 17:27 - 2014-12-02 17:27 - 00000687 _____ () C:\awhD01A.tmp
2014-12-02 10:34 - 2014-12-02 10:34 - 00000687 _____ () C:\awhCA31.tmp
2014-12-01 20:00 - 2014-12-01 20:00 - 00000687 _____ () C:\awhF99.tmp
2014-12-01 10:43 - 2014-12-01 10:43 - 00000687 _____ () C:\awh1FFE.tmp
2014-11-30 08:53 - 2014-11-30 08:53 - 00000687 _____ () C:\awh978D.tmp
2014-11-29 09:47 - 2014-11-29 09:47 - 00000687 _____ () C:\awh707D.tmp
2014-11-28 17:29 - 2014-11-28 17:29 - 00000687 _____ () C:\awh51E.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 03:13 - 2009-07-14 16:18 - 00623104 _____ () C:\Windows\system32\perfh005.dat
2014-12-28 03:13 - 2009-07-14 16:18 - 00118996 _____ () C:\Windows\system32\perfc005.dat
2014-12-28 03:13 - 2009-07-14 06:13 - 01447246 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-28 03:12 - 2013-09-18 08:44 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-28 03:12 - 2012-09-30 18:50 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-808137394-3989240724-1605283320-1000UA.job
2014-12-28 03:12 - 2012-09-30 18:50 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-808137394-3989240724-1605283320-1000Core.job
2014-12-28 03:12 - 2012-09-30 18:25 - 01243582 _____ () C:\Windows\WindowsUpdate.log
2014-12-27 19:37 - 2013-07-18 17:24 - 00000000 ____D () C:\Windows\Minidump
2014-12-27 19:02 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-27 19:02 - 2009-07-14 05:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-27 19:01 - 2014-08-26 19:47 - 00003822 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1409078827
2014-12-27 19:01 - 2014-08-26 19:47 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-27 18:56 - 2010-04-21 17:34 - 00000000 ____D () C:\ProgramData\McAfee
2014-12-27 18:55 - 2010-04-21 17:34 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-12-27 18:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-27 18:48 - 2012-09-30 17:33 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-12-27 18:46 - 2013-11-10 02:46 - 00000000 ____D () C:\ProgramData\Symantec
2014-12-27 18:46 - 2013-11-10 02:46 - 00000000 ____D () C:\ProgramData\Norton
2014-12-27 18:44 - 2012-09-30 18:44 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
2014-12-27 18:19 - 2013-11-01 09:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-27 18:19 - 2010-04-21 17:45 - 00000000 ____D () C:\ProgramData\Skype
2014-12-27 18:09 - 2012-04-12 16:37 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\SoftGrid Client
2014-12-26 16:59 - 2009-07-14 06:08 - 00032612 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-24 13:23 - 2014-01-31 16:54 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\genienext
2014-12-24 13:14 - 2014-09-29 05:34 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\810
2014-12-24 13:02 - 2014-08-26 20:47 - 00000000 ____D () C:\Program Files\WinZip
2014-12-24 09:17 - 2014-10-05 07:46 - 00000062 _____ () C:\Users\Toshiba\rgut
2014-12-22 09:21 - 2014-02-16 21:34 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-12-20 20:32 - 2013-09-18 08:44 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-20 20:31 - 2012-09-30 17:33 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-20 20:31 - 2011-05-30 12:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-20 20:03 - 2012-09-30 18:51 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-20 00:03 - 2012-09-30 18:50 - 00003944 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-808137394-3989240724-1605283320-1000UA
2014-12-20 00:03 - 2012-09-30 18:50 - 00003548 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-808137394-3989240724-1605283320-1000Core
2014-12-19 23:59 - 2014-10-03 17:52 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\uxNDtSCZ
2014-12-19 23:59 - 2011-05-30 12:20 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\vlc
2014-12-19 23:53 - 2014-10-24 18:18 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\Massive Media
2014-12-19 23:53 - 2014-10-18 18:41 - 00000000 ____D () C:\Users\Toshiba\Documents\GF
2014-12-19 23:53 - 2014-10-12 17:05 - 00000000 ____D () C:\Users\Toshiba\Documents\Mafia-1-CZ-Plna-verze (2)
2014-12-19 23:53 - 2014-10-06 19:31 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\10086
2014-12-19 23:53 - 2014-10-04 20:46 - 00000000 ____D () C:\Program Files (x86)\WinZip
2014-12-19 23:53 - 2011-05-30 12:17 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-12-19 23:53 - 2009-07-14 16:36 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-19 23:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-12-19 23:52 - 2011-05-30 10:29 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\Skype
2014-12-19 23:02 - 2011-05-30 10:23 - 00000000 ____D () C:\Users\Toshiba

Files to move or delete:
====================
C:\ProgramData\6jvqmrw.dat
C:\ProgramData\8d6j7l.dat
C:\ProgramData\algnblwlw.plz
C:\ProgramData\EmwekkOfwerv.dll
C:\ProgramData\i7e3h.dat
C:\ProgramData\qmwjdoba.dat
C:\ProgramData\wlwlbngla.ctrl
C:\ProgramData\wlwlbngla.pff


Some content of TEMP:
====================
C:\Users\Toshiba\AppData\Local\Temp\0048941419702984mcinst.exe
C:\Users\Toshiba\AppData\Local\Temp\0310561419700961mcinst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-18 14:39

==================== End Of Log ============================





log RSITx64:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Toshiba at 2014-12-28 03:27:51
Microsoft Windows 7 Home Premium
System drive C: has 40 GB (26%) free of 152 GB
Total RAM: 3964 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:28:10, on 28.12.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProShellHlp.exe
C:\Program Files\trend micro\Toshiba.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: TrustMediaViewerV1alpha1603 - {4390afe6-f5e6-4cdc-aac8-5af36167b263} - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1603\ie\TrustMediaViewerV1alpha1603.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MediaViewV1alpha577 - {9c9f377c-02e6-48c7-9fa6-9aced0ff1f00} - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha577\ie\MediaViewV1alpha577.dll
O2 - BHO: MediaViewV1alpha3874 - {c9b6c4dd-e4df-45f2-a1c7-18f530abda84} - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3874\ie\MediaViewV1alpha3874.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: $McRebootA5E6DEAA56$.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: McAfee Application Installer Cleanup (0048941419702984) (0048941419702984mcinstcleanup) - McAfee, Inc. - C:\Users\Toshiba\AppData\Local\Temp\004894~1.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8813 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2096
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\File Association Helper\FAHWindow.exe" register
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\DAEMON Tools Pro\DTProShellHlp.exe"

"C:\Users\Toshiba\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-808137394-3989240724-1605283320-1000Core.job - C:\Users\Toshiba\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-808137394-3989240724-1605283320-1000UA.job - C:\Users\Toshiba\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4390afe6-f5e6-4cdc-aac8-5af36167b263}]
Trust Media Viewer - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1603\ie\TrustMediaViewerV1alpha1603.dll [2014-06-25 87552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-01-14 138624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9c9f377c-02e6-48c7-9fa6-9aced0ff1f00}]
Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha577\ie\MediaViewV1alpha577.dll [2014-02-26 87040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c9b6c4dd-e4df-45f2-a1c7-18f530abda84}]
Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3874\ie\MediaViewV1alpha3874.dll [2014-02-27 87040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-04-21 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-02 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"FAHConsole"=C:\Program Files\File Association Helper\FAHConsole.exe [2014-01-28 729272]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe [2014-12-20 855216]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-11-11 288088]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
$McRebootA5E6DEAA56$.lnk -

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-02-20 269824]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-28 03:27:56 ----D---- C:\Program Files\trend micro
2014-12-28 03:27:51 ----D---- C:\rsit
2014-12-28 03:16:30 ----D---- C:\FRST
2014-12-27 18:56:10 ----D---- C:\Program Files\McAfee
2014-12-27 18:37:16 ----SD---- C:\Windows\SYSWOW64\Microsoft
2014-12-24 15:37:55 ----A---- C:\Windows\SYSWOW64\sho2692.tmp
2014-12-24 15:00:00 ----A---- C:\Windows\SYSWOW64\sho1989.tmp
2014-12-24 13:57:17 ----A---- C:\Windows\eReg.dat
2014-12-24 13:06:10 ----D---- C:\ProgramData\AVAST Software
2014-12-24 09:21:27 ----A---- C:\awhEA0.tmp
2014-12-23 16:02:41 ----A---- C:\awh33DB.tmp
2014-12-22 17:32:58 ----A---- C:\awh2D37.tmp
2014-12-22 09:26:26 ----A---- C:\awhD393.tmp
2014-12-21 12:29:22 ----A---- C:\awh3580.tmp
2014-12-20 19:58:23 ----A---- C:\awhCFDC.tmp
2014-12-20 19:42:18 ----A---- C:\awhFFC1.tmp
2014-12-20 00:03:49 ----A---- C:\awhE906.tmp
2014-12-19 23:07:02 ----A---- C:\awh2A88.tmp
2014-12-19 09:06:40 ----A---- C:\awh98F4.tmp
2014-12-18 18:18:00 ----A---- C:\awh8277.tmp
2014-12-18 13:55:24 ----A---- C:\awhB470.tmp
2014-12-17 17:21:41 ----A---- C:\awh7A6C.tmp
2014-12-17 09:27:43 ----A---- C:\awh4411.tmp
2014-12-16 19:10:22 ----A---- C:\awhBBFE.tmp
2014-12-16 09:51:06 ----A---- C:\awh3F02.tmp
2014-12-15 17:28:34 ----A---- C:\awh250C.tmp
2014-12-15 10:09:20 ----A---- C:\awh7399.tmp
2014-12-14 09:07:49 ----A---- C:\awh89E7.tmp
2014-12-13 20:19:07 ----A---- C:\awh492.tmp
2014-12-12 09:02:31 ----A---- C:\awhA39E.tmp
2014-12-11 15:54:16 ----A---- C:\awh640F.tmp
2014-12-11 15:02:05 ----A---- C:\awhCC62.tmp
2014-12-11 08:59:16 ----A---- C:\awhBBB0.tmp
2014-12-10 15:12:42 ----A---- C:\awh8796.tmp
2014-12-10 11:27:55 ----A---- C:\awh646.tmp
2014-12-10 09:22:17 ----A---- C:\awh77AE.tmp
2014-12-09 10:58:51 ----A---- C:\awh79E.tmp
2014-12-08 15:16:55 ----A---- C:\awhEEF.tmp
2014-12-07 13:17:04 ----A---- C:\awh8738.tmp
2014-12-07 10:00:52 ----A---- C:\awhB598.tmp
2014-12-06 09:35:24 ----A---- C:\awh80D3.tmp
2014-12-05 10:19:05 ----A---- C:\awh7BF2.tmp
2014-12-04 18:21:57 ----A---- C:\awh12B5.tmp
2014-12-04 10:36:28 ----A---- C:\awh5D9.tmp
2014-12-03 19:02:43 ----A---- C:\awh162E.tmp
2014-12-03 09:30:30 ----A---- C:\awh1351.tmp
2014-12-03 06:33:51 ----A---- C:\awh868D.tmp
2014-12-02 17:27:13 ----A---- C:\awhD01A.tmp
2014-12-02 10:34:26 ----A---- C:\awhCA31.tmp
2014-12-01 20:00:10 ----A---- C:\awhF99.tmp
2014-12-01 10:43:44 ----A---- C:\awh1FFE.tmp
2014-11-30 08:53:30 ----A---- C:\awh978D.tmp
2014-11-29 09:47:38 ----A---- C:\awh707D.tmp

======List of files/folders modified in the last 1 month======

2014-12-28 03:28:02 ----D---- C:\Windows\Temp
2014-12-28 03:27:56 ----RD---- C:\Program Files
2014-12-28 03:19:55 ----D---- C:\Windows
2014-12-28 03:13:46 ----D---- C:\Windows\System32
2014-12-28 03:13:46 ----D---- C:\Windows\inf
2014-12-28 03:13:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-27 19:37:06 ----D---- C:\Windows\Minidump
2014-12-27 19:01:09 ----D---- C:\Windows\system32\Tasks
2014-12-27 19:01:09 ----D---- C:\Program Files (x86)\Opera
2014-12-27 18:56:09 ----D---- C:\ProgramData\McAfee
2014-12-27 18:55:12 ----RD---- C:\Program Files (x86)
2014-12-27 18:55:12 ----D---- C:\Program Files\Common Files
2014-12-27 18:55:12 ----D---- C:\Program Files (x86)\McAfee
2014-12-27 18:54:33 ----SHD---- C:\Config.Msi
2014-12-27 18:51:01 ----SHD---- C:\Windows\Installer
2014-12-27 18:50:34 ----D---- C:\Windows\SysWOW64
2014-12-27 18:48:51 ----SHD---- C:\System Volume Information
2014-12-27 18:46:23 ----D---- C:\Windows\system32\drivers
2014-12-27 18:46:23 ----D---- C:\ProgramData\Norton
2014-12-27 18:46:15 ----D---- C:\Windows\Tasks
2014-12-27 18:46:15 ----D---- C:\ProgramData\Symantec
2014-12-27 18:44:01 ----RSD---- C:\Windows\assembly
2014-12-27 18:44:00 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2014-12-27 18:33:03 ----D---- C:\Windows\Logs
2014-12-27 18:25:36 ----D---- C:\Windows\system32\DriverStore
2014-12-27 18:25:36 ----D---- C:\Windows\system32\catroot
2014-12-27 18:19:16 ----RD---- C:\Program Files (x86)\Skype
2014-12-27 18:19:16 ----D---- C:\Program Files (x86)\Common Files
2014-12-27 18:19:09 ----D---- C:\ProgramData\Skype
2014-12-27 18:09:37 ----D---- C:\Users\Toshiba\AppData\Roaming\SoftGrid Client
2014-12-26 09:25:48 ----SHD---- C:\$RECYCLE.BIN
2014-12-25 12:59:58 ----D---- C:\Windows\system32\catroot2
2014-12-24 13:09:24 ----D---- C:\Windows\winsxs
2014-12-24 13:06:10 ----HD---- C:\ProgramData
2014-12-24 13:02:27 ----D---- C:\Program Files\WinZip
2014-12-20 20:31:56 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-19 23:59:32 ----D---- C:\Windows\system32\config
2014-12-19 23:59:17 ----D---- C:\Windows\system32\wfp
2014-12-19 23:59:17 ----D---- C:\Windows\system32\drivers\UMDF
2014-12-19 23:59:13 ----D---- C:\Windows\system32\wbem
2014-12-19 23:59:13 ----D---- C:\Users\Toshiba\AppData\Roaming\vlc
2014-12-19 23:59:13 ----D---- C:\Users\Toshiba\AppData\Roaming\uxNDtSCZ
2014-12-19 23:53:16 ----D---- C:\Program Files (x86)\WinZip
2014-12-19 23:53:10 ----D---- C:\Users\Toshiba\AppData\Roaming\Massive Media
2014-12-19 23:53:08 ----D---- C:\Windows\registration
2014-12-19 23:53:04 ----D---- C:\Windows\SYSWOW64\Macromed
2014-12-19 23:52:41 ----D---- C:\Users\Toshiba\AppData\Roaming\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 408600]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-05-07 834544]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-17 34472]
R1 nethfdrv;nethfdrv; \??\C:\Windows\system32\drivers\nethfdrv.sys [2014-10-01 46160]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-06 1550848]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-01-18 717368]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-02-20 10300800]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-03-04 75816]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 36352]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-01-14 242048]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 0048941419702984mcinstcleanup;McAfee Application Installer Cleanup (0048941419702984); C:\Users\Toshiba\AppData\Local\Temp\004894~1.EXE [2013-01-30 833616]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-20 267440]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]

-----------------EOF-----------------

Re: Sekající se PC

Napsal: 28 pro 2014 05:05
od altrok
Zdravim :bye:

:arrow: Proc nemate doinstalovany Service Pack 1 a Internet Explorer 11? Ucinte tak.

:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

:arrow: Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
  • ukoncete vsechny programy
  • kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • kliknete na Scan, pote na Clean
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
:arrow: Ulozte na plochu zoek.exe http://hijackthis.nl/smeenk/zoek.htm
  • spustte jako spravce
  • do velkeho okna zkopirujte script uvedeny nize
  • kliknete na Run script
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\zoek-results.log) - vlozte mi jej do pristi odpovedi

    Kód: Vybrat vše

    autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Re: Sekající se PC

Napsal: 28 pro 2014 12:51
od Hook_1hp
Dobrý den,
prosím vás mám problém nainstaloval jsme service pack a explorel11. Poté jsme získal log z adwcleaneru ale když jsme spustil zoek.exe tak po 15 minutách se zastavil u "Del by CLSID" a od té doby je přes hodinu bez odezvy. Jak dlouho to může trvat nebo jak bez rizik program ukoncccccccit. Diky

Re: Sekající se PC

Napsal: 28 pro 2014 13:03
od altrok
:arrow: zoek ukoncete, dejte log z AdwCleaneru.

:arrow: Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

:arrow: Budu tu az navecir, tak na to kouknu pak.

Re: Sekající se PC

Napsal: 28 pro 2014 13:18
od Hook_1hp
Zdravím,

vkládám logy. Děkuji

:arrow: # AdwCleaner v4.106 - Report created 28/12/2014 at 11:19:00
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Toshiba - TOSH
# Running from : C:\Users\Toshiba\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : nethfdrv

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\MediaBuzzV1
Folder Deleted : C:\Program Files (x86)\MediaPlayerV1
Folder Deleted : C:\Program Files (x86)\MediaViewerV1
Folder Deleted : C:\Program Files (x86)\MediaViewV1
Folder Deleted : C:\Program Files (x86)\MediaWatchV1
Folder Deleted : C:\Program Files (x86)\RichMediaViewV1
Folder Deleted : C:\Program Files (x86)\TrustMediaViewerV1
Folder Deleted : C:\Users\Toshiba\AppData\Local\genienext
Folder Deleted : C:\Users\Toshiba\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Toshiba\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Toshiba\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Toshiba\Documents\Mobogenie
Folder Deleted : C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\Extensions\DTToolbar@toolbarnet.com
File Deleted : C:\Windows\SysWOW64\installd.exe
File Deleted : C:\Windows\System32\drivers\nethfdrv.sys
File Deleted : C:\Users\Toshiba\daemonprocess.txt
File Deleted : C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\bingp.xml
File Deleted : C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\daemon-search.xml
File Deleted : C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_click.dealshark.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{91397D20-1446-11D4-8AF4-0040CA1127B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\MediaBuzzV1
Key Deleted : HKLM\SOFTWARE\MediaPlayerV1
Key Deleted : HKLM\SOFTWARE\MediaViewerV1
Key Deleted : HKLM\SOFTWARE\MediaViewV1
Key Deleted : HKLM\SOFTWARE\MediaWatchV1
Key Deleted : HKLM\SOFTWARE\TrustMediaViewerV1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v


-\\ Google Chrome v

[C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

-\\ Chromium v

[C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

-\\ Opera v26.0.1656.60

[C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [4364 octets] - [28/12/2014 11:16:32]
AdwCleaner[S0].txt - [4283 octets] - [28/12/2014 11:19:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4343 octets] ##########

Re: Sekající se PC

Napsal: 28 pro 2014 13:23
od Hook_1hp
Zdravím,
zbylé logy kvůli velikosti přikládám v příloze. Díky

Re: Sekající se PC

Napsal: 28 pro 2014 13:23
od Hook_1hp
Addition:

Re: Sekající se PC

Napsal: 28 pro 2014 15:52
od altrok
:arrow: Odinstalujte Bing Bar a Java(TM) 6 Update 17

:arrow: Nainstalujte antivir... z free doporucuji avast! Free nebo Aviru
  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CloseProcesses:
CMD: del C:\awh*.tmp
CMD: del "C:\awh*.tmp"
CMD: del C:\Windows\SysWOW64\sho*.tmp
CMD: del "C:\Windows\SysWOW64\sho*.tmp"

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

HKU\S-1-5-21-808137394-3989240724-1605283320-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
HKU\S-1-5-21-808137394-3989240724-1605283320-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.seznam.cz/?clid=6826
http://seznam.cz/
SearchScopes: HKLM -> {1AAB7B4B-B9E1-4437-8981-095EE87E04B6} URL = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {DB93697C-7DA5-40C4-9992-ADE3C24F63D4} URL = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> {968DBE19-FEC1-42A7-A0B9-6FA02B4C6022} URL = http://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> {9F766BC5-0EF9-494B-BC39-E614E026D1EF} URL = http://rover.ebay.com/rover/1/710-71511-9400-6/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> {DB93697C-7DA5-40C4-9992-ADE3C24F63D4} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox

FF DefaultSearchEngine: Seznam
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Seznam
FF NetworkProxy: "type", 0
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\firmy.cz-215759.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\mapy.cz-215759.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\seznam.cz-215759.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\videa.seznam.cz-215759.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\zbozi.cz-215759.xml
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha5336.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha5336\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha1413.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1413\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha577.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha577\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha3874.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3874\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home266.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home266\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode6712.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6712\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release7823.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7823\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha1603.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1603\ff
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha5336\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1413\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha577\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3874\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home266\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6712\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7823\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1603\ff [Not Found]

CHR StartupUrls: Default -> "hxxp://www.seznam.cz/?clid=6826"
CHR DefaultSearchKeyword: Default -> seznam.cz_
CHR DefaultSearchURL: Default -> http://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
CHR DefaultSuggestURL: Default -> http://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [aminlpmkfcdibgpgfajlgnamicjckkjf] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dljndemlaopjkhneemlebbldodokcoee] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home266\ch\MediaWatchV1home266.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [higmeeehobepgmnoknimjpgalchibalf] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1413\ch\MediaViewerV1alpha1413.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jdkihdhlegcdggknokfekoemkjjnjhgi] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lceaofbmdppmfekebdichndbhofaflja] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha577\ch\MediaViewV1alpha577.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ljohnagncpplgahgbllficojckecamae] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7823\ch\RichMediaViewV1release7823.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [llifkmdcjpncgmnoichignhbljhiaali] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3874\ch\MediaViewV1alpha3874.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [nmjbjimlhmdmboeaenpedjlohdhofnph] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6712\ch\MediaBuzzV1mode6712.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [onbgjhgbbkglllgampmbedpfcofgfdcp] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1603\ch\TrustMediaViewerV1alpha1603.crx [Not Found]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

2014-12-28 13:11 - 2014-12-28 13:11 - 00015803 _____ () C:\Users\Toshiba\Desktop\FRST.txt
2014-12-28 11:39 - 2014-12-28 11:39 - 00000021 _____ () C:\folders.log
2014-12-28 11:39 - 2014-12-28 11:39 - 00000000 ____D () C:\zoek
2014-12-28 11:26 - 2014-12-28 11:28 - 00001608 _____ () C:\zoek-results.log
2014-12-28 11:25 - 2014-12-28 11:39 - 00002953 _____ () C:\runcheck.txt
2014-12-28 11:25 - 2014-12-28 11:25 - 00000000 ____D () C:\zoek_backup
2014-12-28 11:24 - 2014-12-28 11:24 - 01295360 _____ () C:\Users\Toshiba\Desktop\zoek.exe
2014-12-28 11:21 - 2014-12-28 11:21 - 00004435 _____ () C:\Users\Toshiba\Desktop\AdwCleaner[S0].txt
2014-12-28 11:16 - 2014-12-28 11:19 - 00000000 ____D () C:\AdwCleaner
2014-12-28 11:14 - 2014-12-28 11:14 - 02173952 _____ () C:\Users\Toshiba\Desktop\adwcleaner_4.106.exe
2014-12-28 03:27 - 2014-12-28 03:28 - 00000000 ____D () C:\rsit
2014-12-28 03:27 - 2014-12-28 03:28 - 00000000 ____D () C:\Program Files\trend micro
2014-12-28 03:26 - 2014-12-28 03:26 - 01222144 _____ () C:\Users\Toshiba\Desktop\RSITx64.exe
2014-12-24 15:37 - 2014-12-24 15:37 - 00000000 _____ () C:\Windows\SysWOW64\sho2692.tmp
2014-12-24 15:00 - 2014-12-24 15:00 - 00000000 _____ () C:\Windows\SysWOW64\sho1989.tmp
2014-12-24 09:21 - 2014-12-24 09:21 - 00000687 _____ () C:\awhEA0.tmp
2014-12-23 16:02 - 2014-12-23 16:02 - 00000687 _____ () C:\awh33DB.tmp
2014-12-22 17:32 - 2014-12-22 17:32 - 00000687 _____ () C:\awh2D37.tmp
2014-12-22 09:26 - 2014-12-22 09:26 - 00000687 _____ () C:\awhD393.tmp
2014-12-21 12:29 - 2014-12-21 12:29 - 00000687 _____ () C:\awh3580.tmp
2014-12-20 19:58 - 2014-12-20 19:58 - 00000687 _____ () C:\awhCFDC.tmp
2014-12-20 19:42 - 2014-12-20 19:42 - 00000687 _____ () C:\awhFFC1.tmp
2014-12-20 00:03 - 2014-12-20 00:03 - 00000687 _____ () C:\awhE906.tmp
2014-12-19 23:07 - 2014-12-19 23:07 - 00000687 _____ () C:\awh2A88.tmp
2014-12-19 09:06 - 2014-12-19 09:06 - 00000687 _____ () C:\awh98F4.tmp
2014-12-18 18:18 - 2014-12-18 18:18 - 00000687 _____ () C:\awh8277.tmp
2014-12-18 13:55 - 2014-12-18 13:55 - 00000687 _____ () C:\awhB470.tmp
2014-12-17 17:21 - 2014-12-17 17:21 - 00000687 _____ () C:\awh7A6C.tmp
2014-12-17 09:27 - 2014-12-17 09:27 - 00000687 _____ () C:\awh4411.tmp
2014-12-16 19:10 - 2014-12-16 19:10 - 00000687 _____ () C:\awhBBFE.tmp
2014-12-16 09:51 - 2014-12-16 09:51 - 00000687 _____ () C:\awh3F02.tmp
2014-12-15 17:28 - 2014-12-15 17:28 - 00000687 _____ () C:\awh250C.tmp
2014-12-15 10:09 - 2014-12-15 10:09 - 00000687 _____ () C:\awh7399.tmp
2014-12-14 09:07 - 2014-12-14 09:07 - 00000687 _____ () C:\awh89E7.tmp
2014-12-13 20:19 - 2014-12-13 20:19 - 00000687 _____ () C:\awh492.tmp
2014-12-12 09:02 - 2014-12-12 09:02 - 00000687 _____ () C:\awhA39E.tmp
2014-12-11 15:54 - 2014-12-11 15:54 - 00000687 _____ () C:\awh640F.tmp
2014-12-11 15:02 - 2014-12-11 15:02 - 00000687 _____ () C:\awhCC62.tmp
2014-12-11 08:59 - 2014-12-11 08:59 - 00000687 _____ () C:\awhBBB0.tmp
2014-12-10 15:12 - 2014-12-10 15:12 - 00000687 _____ () C:\awh8796.tmp
2014-12-10 11:27 - 2014-12-10 11:27 - 00000687 _____ () C:\awh646.tmp
2014-12-10 09:22 - 2014-12-10 09:22 - 00000687 _____ () C:\awh77AE.tmp
2014-12-09 10:58 - 2014-12-09 10:58 - 00000687 _____ () C:\awh79E.tmp
2014-12-08 15:16 - 2014-12-08 15:16 - 00000687 _____ () C:\awhEEF.tmp
2014-12-07 13:17 - 2014-12-07 13:17 - 00000687 _____ () C:\awh8738.tmp
2014-12-07 10:00 - 2014-12-07 10:00 - 00000687 _____ () C:\awhB598.tmp
2014-12-06 09:35 - 2014-12-06 09:35 - 00000687 _____ () C:\awh80D3.tmp
2014-12-05 10:19 - 2014-12-05 10:19 - 00000687 _____ () C:\awh7BF2.tmp
2014-12-04 18:21 - 2014-12-04 18:21 - 00000687 _____ () C:\awh12B5.tmp
2014-12-04 10:36 - 2014-12-04 10:36 - 00000687 _____ () C:\awh5D9.tmp
2014-12-03 19:02 - 2014-12-03 19:02 - 00000687 _____ () C:\awh162E.tmp
2014-12-03 09:30 - 2014-12-03 09:30 - 00000687 _____ () C:\awh1351.tmp
2014-12-03 06:33 - 2014-12-03 06:33 - 00000687 _____ () C:\awh868D.tmp
2014-12-02 17:27 - 2014-12-02 17:27 - 00000687 _____ () C:\awhD01A.tmp
2014-12-02 10:34 - 2014-12-02 10:34 - 00000687 _____ () C:\awhCA31.tmp
2014-12-01 20:00 - 2014-12-01 20:00 - 00000687 _____ () C:\awhF99.tmp
2014-12-01 10:43 - 2014-12-01 10:43 - 00000687 _____ () C:\awh1FFE.tmp
2014-11-30 08:53 - 2014-11-30 08:53 - 00000687 _____ () C:\awh978D.tmp
2014-11-29 09:47 - 2014-11-29 09:47 - 00000687 _____ () C:\awh707D.tmp
2014-11-28 17:29 - 2014-11-28 17:29 - 00000687 _____ () C:\awh51E.tmp

C:\ProgramData\6jvqmrw.dat
C:\ProgramData\8d6j7l.dat
C:\ProgramData\algnblwlw.plz
C:\ProgramData\EmwekkOfwerv.dll
C:\ProgramData\i7e3h.dat
C:\ProgramData\qmwjdoba.dat
C:\ProgramData\wlwlbngla.ctrl
C:\ProgramData\wlwlbngla.pff

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-808137394-3989240724-1605283320-1000Core.job => C:\Users\Toshiba\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-808137394-3989240724-1605283320-1000UA.job => C:\Users\Toshiba\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\MediaPlayerV1
C:\Program Files (x86)\MediaViewerV1
C:\Program Files (x86)\MediaViewV1
C:\Program Files (x86)\MediaViewV1
C:\Program Files (x86)\MediaWatchV1
C:\Program Files (x86)\MediaBuzzV1
C:\Program Files (x86)\RichMediaViewV1
C:\Program Files (x86)\TrustMediaViewerV1
Hosts:
EmptyTemp:
End

Re: Sekající se PC

Napsal: 29 pro 2014 21:11
od Hook_1hp
Zdravím,
vkládám log. Děkuji

:arrow:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2014
Ran by Toshiba at 2014-12-29 21:05:54 Run:1
Running from C:\Users\Toshiba\Desktop
Loaded Profile: Toshiba (Available profiles: Toshiba)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CMD: del C:\awh*.tmp
CMD: del "C:\awh*.tmp"
CMD: del C:\Windows\SysWOW64\sho*.tmp
CMD: del "C:\Windows\SysWOW64\sho*.tmp"

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

HKU\S-1-5-21-808137394-3989240724-1605283320-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
HKU\S-1-5-21-808137394-3989240724-1605283320-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.seznam.cz/?clid=6826
http://seznam.cz/
SearchScopes: HKLM -> {1AAB7B4B-B9E1-4437-8981-095EE87E04B6} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {DB93697C-7DA5-40C4-9992-ADE3C24F63D4} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> {968DBE19-FEC1-42A7-A0B9-6FA02B4C6022} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> {9F766BC5-0EF9-494B-BC39-E614E026D1EF} URL = http://rover.ebay.com/rover/1/710-71511 ... earchTerms}
SearchScopes: HKU\S-1-5-21-808137394-3989240724-1605283320-1000 -> {DB93697C-7DA5-40C4-9992-ADE3C24F63D4} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox

FF DefaultSearchEngine: Seznam
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Seznam
FF NetworkProxy: "type", 0
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\firmy.cz-215759.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\mapy.cz-215759.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\seznam.cz-215759.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\videa.seznam.cz-215759.xml
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\zbozi.cz-215759.xml
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha5336.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha5336\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha1413.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1413\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha577.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha577\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha3874.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3874\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home266.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home266\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode6712.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6712\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release7823.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7823\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha1603.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1603\ff
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha5336\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1413\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha577\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3874\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home266\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6712\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7823\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1603\ff [Not Found]

CHR StartupUrls: Default -> "hxxp://www.seznam.cz/?clid=6826"
CHR DefaultSearchKeyword: Default -> seznam.cz_
CHR DefaultSearchURL: Default -> http://search.seznam.cz/?sourceid=quick ... earchTerms}
CHR DefaultSuggestURL: Default -> http://suggest.fulltext.seznam.cz/fullt ... earchTerms}
CHR HKLM-x32\...\Chrome\Extension: [aminlpmkfcdibgpgfajlgnamicjckkjf] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dljndemlaopjkhneemlebbldodokcoee] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home266\ch\MediaWatchV1home266.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [higmeeehobepgmnoknimjpgalchibalf] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1413\ch\MediaViewerV1alpha1413.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jdkihdhlegcdggknokfekoemkjjnjhgi] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lceaofbmdppmfekebdichndbhofaflja] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha577\ch\MediaViewV1alpha577.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ljohnagncpplgahgbllficojckecamae] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7823\ch\RichMediaViewV1release7823.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [llifkmdcjpncgmnoichignhbljhiaali] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3874\ch\MediaViewV1alpha3874.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [nmjbjimlhmdmboeaenpedjlohdhofnph] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6712\ch\MediaBuzzV1mode6712.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [onbgjhgbbkglllgampmbedpfcofgfdcp] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1603\ch\TrustMediaViewerV1alpha1603.crx [Not Found]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

2014-12-28 13:11 - 2014-12-28 13:11 - 00015803 _____ () C:\Users\Toshiba\Desktop\FRST.txt
2014-12-28 11:39 - 2014-12-28 11:39 - 00000021 _____ () C:\folders.log
2014-12-28 11:39 - 2014-12-28 11:39 - 00000000 ____D () C:\zoek
2014-12-28 11:26 - 2014-12-28 11:28 - 00001608 _____ () C:\zoek-results.log
2014-12-28 11:25 - 2014-12-28 11:39 - 00002953 _____ () C:\runcheck.txt
2014-12-28 11:25 - 2014-12-28 11:25 - 00000000 ____D () C:\zoek_backup
2014-12-28 11:24 - 2014-12-28 11:24 - 01295360 _____ () C:\Users\Toshiba\Desktop\zoek.exe
2014-12-28 11:21 - 2014-12-28 11:21 - 00004435 _____ () C:\Users\Toshiba\Desktop\AdwCleaner[S0].txt
2014-12-28 11:16 - 2014-12-28 11:19 - 00000000 ____D () C:\AdwCleaner
2014-12-28 11:14 - 2014-12-28 11:14 - 02173952 _____ () C:\Users\Toshiba\Desktop\adwcleaner_4.106.exe
2014-12-28 03:27 - 2014-12-28 03:28 - 00000000 ____D () C:\rsit
2014-12-28 03:27 - 2014-12-28 03:28 - 00000000 ____D () C:\Program Files\trend micro
2014-12-28 03:26 - 2014-12-28 03:26 - 01222144 _____ () C:\Users\Toshiba\Desktop\RSITx64.exe
2014-12-24 15:37 - 2014-12-24 15:37 - 00000000 _____ () C:\Windows\SysWOW64\sho2692.tmp
2014-12-24 15:00 - 2014-12-24 15:00 - 00000000 _____ () C:\Windows\SysWOW64\sho1989.tmp
2014-12-24 09:21 - 2014-12-24 09:21 - 00000687 _____ () C:\awhEA0.tmp
2014-12-23 16:02 - 2014-12-23 16:02 - 00000687 _____ () C:\awh33DB.tmp
2014-12-22 17:32 - 2014-12-22 17:32 - 00000687 _____ () C:\awh2D37.tmp
2014-12-22 09:26 - 2014-12-22 09:26 - 00000687 _____ () C:\awhD393.tmp
2014-12-21 12:29 - 2014-12-21 12:29 - 00000687 _____ () C:\awh3580.tmp
2014-12-20 19:58 - 2014-12-20 19:58 - 00000687 _____ () C:\awhCFDC.tmp
2014-12-20 19:42 - 2014-12-20 19:42 - 00000687 _____ () C:\awhFFC1.tmp
2014-12-20 00:03 - 2014-12-20 00:03 - 00000687 _____ () C:\awhE906.tmp
2014-12-19 23:07 - 2014-12-19 23:07 - 00000687 _____ () C:\awh2A88.tmp
2014-12-19 09:06 - 2014-12-19 09:06 - 00000687 _____ () C:\awh98F4.tmp
2014-12-18 18:18 - 2014-12-18 18:18 - 00000687 _____ () C:\awh8277.tmp
2014-12-18 13:55 - 2014-12-18 13:55 - 00000687 _____ () C:\awhB470.tmp
2014-12-17 17:21 - 2014-12-17 17:21 - 00000687 _____ () C:\awh7A6C.tmp
2014-12-17 09:27 - 2014-12-17 09:27 - 00000687 _____ () C:\awh4411.tmp
2014-12-16 19:10 - 2014-12-16 19:10 - 00000687 _____ () C:\awhBBFE.tmp
2014-12-16 09:51 - 2014-12-16 09:51 - 00000687 _____ () C:\awh3F02.tmp
2014-12-15 17:28 - 2014-12-15 17:28 - 00000687 _____ () C:\awh250C.tmp
2014-12-15 10:09 - 2014-12-15 10:09 - 00000687 _____ () C:\awh7399.tmp
2014-12-14 09:07 - 2014-12-14 09:07 - 00000687 _____ () C:\awh89E7.tmp
2014-12-13 20:19 - 2014-12-13 20:19 - 00000687 _____ () C:\awh492.tmp
2014-12-12 09:02 - 2014-12-12 09:02 - 00000687 _____ () C:\awhA39E.tmp
2014-12-11 15:54 - 2014-12-11 15:54 - 00000687 _____ () C:\awh640F.tmp
2014-12-11 15:02 - 2014-12-11 15:02 - 00000687 _____ () C:\awhCC62.tmp
2014-12-11 08:59 - 2014-12-11 08:59 - 00000687 _____ () C:\awhBBB0.tmp
2014-12-10 15:12 - 2014-12-10 15:12 - 00000687 _____ () C:\awh8796.tmp
2014-12-10 11:27 - 2014-12-10 11:27 - 00000687 _____ () C:\awh646.tmp
2014-12-10 09:22 - 2014-12-10 09:22 - 00000687 _____ () C:\awh77AE.tmp
2014-12-09 10:58 - 2014-12-09 10:58 - 00000687 _____ () C:\awh79E.tmp
2014-12-08 15:16 - 2014-12-08 15:16 - 00000687 _____ () C:\awhEEF.tmp
2014-12-07 13:17 - 2014-12-07 13:17 - 00000687 _____ () C:\awh8738.tmp
2014-12-07 10:00 - 2014-12-07 10:00 - 00000687 _____ () C:\awhB598.tmp
2014-12-06 09:35 - 2014-12-06 09:35 - 00000687 _____ () C:\awh80D3.tmp
2014-12-05 10:19 - 2014-12-05 10:19 - 00000687 _____ () C:\awh7BF2.tmp
2014-12-04 18:21 - 2014-12-04 18:21 - 00000687 _____ () C:\awh12B5.tmp
2014-12-04 10:36 - 2014-12-04 10:36 - 00000687 _____ () C:\awh5D9.tmp
2014-12-03 19:02 - 2014-12-03 19:02 - 00000687 _____ () C:\awh162E.tmp
2014-12-03 09:30 - 2014-12-03 09:30 - 00000687 _____ () C:\awh1351.tmp
2014-12-03 06:33 - 2014-12-03 06:33 - 00000687 _____ () C:\awh868D.tmp
2014-12-02 17:27 - 2014-12-02 17:27 - 00000687 _____ () C:\awhD01A.tmp
2014-12-02 10:34 - 2014-12-02 10:34 - 00000687 _____ () C:\awhCA31.tmp
2014-12-01 20:00 - 2014-12-01 20:00 - 00000687 _____ () C:\awhF99.tmp
2014-12-01 10:43 - 2014-12-01 10:43 - 00000687 _____ () C:\awh1FFE.tmp
2014-11-30 08:53 - 2014-11-30 08:53 - 00000687 _____ () C:\awh978D.tmp
2014-11-29 09:47 - 2014-11-29 09:47 - 00000687 _____ () C:\awh707D.tmp
2014-11-28 17:29 - 2014-11-28 17:29 - 00000687 _____ () C:\awh51E.tmp

C:\ProgramData\6jvqmrw.dat
C:\ProgramData\8d6j7l.dat
C:\ProgramData\algnblwlw.plz
C:\ProgramData\EmwekkOfwerv.dll
C:\ProgramData\i7e3h.dat
C:\ProgramData\qmwjdoba.dat
C:\ProgramData\wlwlbngla.ctrl
C:\ProgramData\wlwlbngla.pff

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-808137394-3989240724-1605283320-1000Core.job => C:\Users\Toshiba\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-808137394-3989240724-1605283320-1000UA.job => C:\Users\Toshiba\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\MediaPlayerV1
C:\Program Files (x86)\MediaViewerV1
C:\Program Files (x86)\MediaViewV1
C:\Program Files (x86)\MediaViewV1
C:\Program Files (x86)\MediaWatchV1
C:\Program Files (x86)\MediaBuzzV1
C:\Program Files (x86)\RichMediaViewV1
C:\Program Files (x86)\TrustMediaViewerV1
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.

========= del C:\awh*.tmp =========


========= End of CMD: =========


========= del "C:\awh*.tmp" =========

Nelze naj�t C:\awh*.tmp.

========= End of CMD: =========


========= del C:\Windows\SysWOW64\sho*.tmp =========


========= End of CMD: =========


========= del "C:\Windows\SysWOW64\sho*.tmp" =========

Nelze naj�t C:\Windows\SysWOW64\sho*.tmp.

========= End of CMD: =========

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKU\S-1-5-21-808137394-3989240724-1605283320-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\S-1-5-21-808137394-3989240724-1605283320-1000\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value deleted successfully.
http://seznam.cz/ => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1AAB7B4B-B9E1-4437-8981-095EE87E04B6}" => Key deleted successfully.
HKCR\CLSID\{1AAB7B4B-B9E1-4437-8981-095EE87E04B6} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{DB93697C-7DA5-40C4-9992-ADE3C24F63D4}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{DB93697C-7DA5-40C4-9992-ADE3C24F63D4} => Key not found.
"HKU\S-1-5-21-808137394-3989240724-1605283320-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{968DBE19-FEC1-42A7-A0B9-6FA02B4C6022}" => Key deleted successfully.
HKCR\CLSID\{968DBE19-FEC1-42A7-A0B9-6FA02B4C6022} => Key not found.
"HKU\S-1-5-21-808137394-3989240724-1605283320-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9F766BC5-0EF9-494B-BC39-E614E026D1EF}" => Key deleted successfully.
HKCR\CLSID\{9F766BC5-0EF9-494B-BC39-E614E026D1EF} => Key not found.
"HKU\S-1-5-21-808137394-3989240724-1605283320-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DB93697C-7DA5-40C4-9992-ADE3C24F63D4}" => Key deleted successfully.
HKCR\CLSID\{DB93697C-7DA5-40C4-9992-ADE3C24F63D4} => Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SearchEngineOrder.3 deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox Proxy settings were reset.
C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\firmy.cz-215759.xml => Moved successfully.
C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\mapy.cz-215759.xml => Moved successfully.
C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\seznam.cz-215759.xml => Moved successfully.
C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\videa.seznam.cz-215759.xml => Moved successfully.
C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\9nhpqzea.default\searchplugins\zbozi.cz-215759.xml => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaPlayerV1alpha5336.net => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaViewerV1alpha1413.net => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaViewV1alpha577.net => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaViewV1alpha3874.net => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaWatchV1home266.net => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaBuzzV1mode6712.net => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@RichMediaViewV1release7823.net => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@TrustMediaViewerV1alpha1603.net => value deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha5336\ff not found.
C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1413\ff not found.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha577\ff not found.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3874\ff not found.
C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home266\ff not found.
C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6712\ff not found.
C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7823\ff not found.
C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1603\ff not found.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSearchURL deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aminlpmkfcdibgpgfajlgnamicjckkjf" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dljndemlaopjkhneemlebbldodokcoee" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\higmeeehobepgmnoknimjpgalchibalf" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jdkihdhlegcdggknokfekoemkjjnjhgi" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lceaofbmdppmfekebdichndbhofaflja" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ljohnagncpplgahgbllficojckecamae" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\llifkmdcjpncgmnoichignhbljhiaali" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nmjbjimlhmdmboeaenpedjlohdhofnph" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\onbgjhgbbkglllgampmbedpfcofgfdcp" => Key deleted successfully.
EagleX64 => Service deleted successfully.
C:\Users\Toshiba\Desktop\FRST.txt => Moved successfully.
C:\folders.log => Moved successfully.
C:\zoek => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\runcheck.txt => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Toshiba\Desktop\zoek.exe => Moved successfully.
C:\Users\Toshiba\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Toshiba\Desktop\adwcleaner_4.106.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Toshiba\Desktop\RSITx64.exe => Moved successfully.
"C:\Windows\SysWOW64\sho2692.tmp" => File/Directory not found.
"C:\Windows\SysWOW64\sho1989.tmp" => File/Directory not found.
"C:\awhEA0.tmp" => File/Directory not found.
"C:\awh33DB.tmp" => File/Directory not found.
"C:\awh2D37.tmp" => File/Directory not found.
"C:\awhD393.tmp" => File/Directory not found.
"C:\awh3580.tmp" => File/Directory not found.
"C:\awhCFDC.tmp" => File/Directory not found.
"C:\awhFFC1.tmp" => File/Directory not found.
"C:\awhE906.tmp" => File/Directory not found.
"C:\awh2A88.tmp" => File/Directory not found.
"C:\awh98F4.tmp" => File/Directory not found.
"C:\awh8277.tmp" => File/Directory not found.
"C:\awhB470.tmp" => File/Directory not found.
"C:\awh7A6C.tmp" => File/Directory not found.
"C:\awh4411.tmp" => File/Directory not found.
"C:\awhBBFE.tmp" => File/Directory not found.
"C:\awh3F02.tmp" => File/Directory not found.
"C:\awh250C.tmp" => File/Directory not found.
"C:\awh7399.tmp" => File/Directory not found.
"C:\awh89E7.tmp" => File/Directory not found.
"C:\awh492.tmp" => File/Directory not found.
"C:\awhA39E.tmp" => File/Directory not found.
"C:\awh640F.tmp" => File/Directory not found.
"C:\awhCC62.tmp" => File/Directory not found.
"C:\awhBBB0.tmp" => File/Directory not found.
"C:\awh8796.tmp" => File/Directory not found.
"C:\awh646.tmp" => File/Directory not found.
"C:\awh77AE.tmp" => File/Directory not found.
"C:\awh79E.tmp" => File/Directory not found.
"C:\awhEEF.tmp" => File/Directory not found.
"C:\awh8738.tmp" => File/Directory not found.
"C:\awhB598.tmp" => File/Directory not found.
"C:\awh80D3.tmp" => File/Directory not found.
"C:\awh7BF2.tmp" => File/Directory not found.
"C:\awh12B5.tmp" => File/Directory not found.
"C:\awh5D9.tmp" => File/Directory not found.
"C:\awh162E.tmp" => File/Directory not found.
"C:\awh1351.tmp" => File/Directory not found.
"C:\awh868D.tmp" => File/Directory not found.
"C:\awhD01A.tmp" => File/Directory not found.
"C:\awhCA31.tmp" => File/Directory not found.
"C:\awhF99.tmp" => File/Directory not found.
"C:\awh1FFE.tmp" => File/Directory not found.
"C:\awh978D.tmp" => File/Directory not found.
"C:\awh707D.tmp" => File/Directory not found.
"C:\awh51E.tmp" => File/Directory not found.
C:\ProgramData\6jvqmrw.dat => Moved successfully.
C:\ProgramData\8d6j7l.dat => Moved successfully.
C:\ProgramData\algnblwlw.plz => Moved successfully.
C:\ProgramData\EmwekkOfwerv.dll => Moved successfully.
C:\ProgramData\i7e3h.dat => Moved successfully.
C:\ProgramData\qmwjdoba.dat => Moved successfully.
C:\ProgramData\wlwlbngla.ctrl => Moved successfully.
C:\ProgramData\wlwlbngla.pff => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-808137394-3989240724-1605283320-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-808137394-3989240724-1605283320-1000UA.job => Moved successfully.
"C:\Program Files (x86)\MediaPlayerV1" => File/Directory not found.
"C:\Program Files (x86)\MediaViewerV1" => File/Directory not found.
"C:\Program Files (x86)\MediaViewV1" => File/Directory not found.
"C:\Program Files (x86)\MediaViewV1" => File/Directory not found.
"C:\Program Files (x86)\MediaWatchV1" => File/Directory not found.
"C:\Program Files (x86)\MediaBuzzV1" => File/Directory not found.
"C:\Program Files (x86)\RichMediaViewV1" => File/Directory not found.
"C:\Program Files (x86)\TrustMediaViewerV1" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 306.4 MB temporary data.


The system needed a reboot.

==== End of Fixlog 21:06:14 ====

Re: Sekající se PC

Napsal: 29 pro 2014 22:04
od altrok
:arrow: Ted by mely problemy polevit... jak se pocitac chova.. muzeme zacit zametat? :)

Re: Sekající se PC

Napsal: 30 pro 2014 21:53
od Hook_1hp
Zdravím,
je to mnohem lepší, problémy ustaly. Děkuji mnohokrát

Re: Sekající se PC

Napsal: 31 pro 2014 00:00
od altrok
Nemate zac :)

Takze jeste uklidime.
A pokud nejsou dotazy ci jine problemy, je to ode mne vse.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz