VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Kontrola PC po cca 2 letech

https://forum.viry.cz:443/viewtopic.php?t=146681

Stránka 1 z 1

Kontrola PC po cca 2 letech

Napsal: 31 říj 2015 13:10
od RomanL2
Dobrý den, prosím o kontrolu logu, v PC se určitě nějaké viry nebo adware naachází, i když nabíhá a internet jede. Projel jsem to jenom tak zkušebně tím AVG, co je tady a našlo to 16 různých potvor, tak myslím, že to bude chtít hloubkovou kontrolu.
Zde log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-10-2015
Ran by Veronika (administrator) on VERONIKA-PC (31-10-2015 13:03:46)
Running from C:\Documents and Settings\Veronika\Plocha
Loaded Profiles: Veronika (Available Profiles: Veronika)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Ralink Technology, Corp.) C:\Program Files\RALINK\Common\RaUI.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneBusEnum.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\loggingserver.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2569616 2015-10-31] ()
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [310064 2014-05-28] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2011-12-06] (ATI Technologies Inc.)
Winlogon\Notify\WgaLogon: C:\WINDOWS\system32\WgaLogon.dll [2009-03-25] ()
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {1165b4c6-6bf8-11df-964e-000e2eecf6ce} - F:\setupSNK.exe
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {44f99b53-2fcc-11e4-ab99-000e2eecf6ce} - F:\Startme.exe
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {9e9fa8c0-d14f-11e0-9d8b-806d6172696f} - E:\setup.exe
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe -update plugin
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Ralink Wireless Utility.lnk [2013-09-22]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.133.0.37 10.133.37.37
Tcpip\..\Interfaces\{CB88B4A6-721F-4311-8BC5-6E19111FD3FB}: [DhcpNameServer] 10.133.0.37 10.133.37.37

Internet Explorer:
==================
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=112555&tt=290312_bexdll&babsrc=HP_ss&mntrId=7c469046000000000000000272c2a7d0
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
URLSearchHook: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://isearch.avg.com/tab?cid={3711D1E1-F767-4BD8-8B38-268B0D6D896D}&mid=771f6da2108e47d6b4edd14b34264e23-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=cs&ds=AVG&coid=&cmpid=&pr=fr&d=2012-08-05 23:07:22&v=17.3.0.49&pid=avg&sg=0&sap=nt" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2430} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=106&systemid=430&sr=0&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2430} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=106&systemid=430&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> DefaultScope {E9D0A5B1-27D9-42C6-8FCF-3AD14DF9C496} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... {startPage}
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {6552C7DD-90A4-4387-B795-F8F96747DE19}
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2430} URL =
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {E9D0A5B1-27D9-42C6-8FCF-3AD14DF9C496} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... {startPage}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-05] (Oracle Corporation)
BHO: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Secure Search\18.9.0.230\AVG Secure Search_toolbar.dll [2015-10-31] (AVG Secure Search)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-05] (Oracle Corporation)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.9.0.230\AVG Secure Search_toolbar.dll [2015-10-31] (AVG Secure Search)
Toolbar: HKLM - No Name - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
Toolbar: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1274962586484
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.9.0\ViProtocol.dll [2015-10-31] (AVG Secure Search)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546
FF Homepage: hxxps://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-31] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.9.0\\npsitesafety.dll [No File]
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-05] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-31] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-31] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1960408961-1957994488-725345543-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF user.js: detected! => C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\user.js [2014-05-08]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2015-10-31]
FF Extension: Site Finder - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\Extensions\sitefinder@sitefinder.com [2014-03-07] [not signed]
FF Extension: Mozilla Firefox Hotfixer - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\Extensions\veggy@veggyAddon.com [2015-10-31] [not signed]
FF Extension: Ultimate Finder - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\Extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [2014-10-05] [not signed]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\Extensions\jid1-FB1bBgFMk5H6Wg@jetpack.xpi [2014-04-07] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-05-27] [not signed]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\FireFoxExt\18.9.0.230
FF Extension: AVG Security Toolbar - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\FireFoxExt\18.9.0.230 [2015-10-31] [not signed]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikacĂ­\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\sitefinder@sitefinder.com [not found]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikacĂ­\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [not found]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikacĂ­\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\veggy@veggyAddon.com [not found]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2014-02-20]

Chrome:
=======
CHR StartupUrls: Default -> "file:///C:/Documents%20and%20Settings/Veronika/Plocha/ASROCK-K8A780LM--AMD-Sempron-2600-1gb-Ram.php.htm","hxxp://www.google.cz/services/hp/#utm_source=c ... google.cz/"
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?p2=%5EB2Z%5EYYYY ... earchTerms}
CHR DefaultSearchKeyword: Default -> ask search
CHR DefaultSuggestURL: Default -> hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll => No File
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\46.0.2490.80\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-20]
CHR Extension: (Gmail) - C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-11]
CHR HKLM\...\Chrome\Extension: [fjbbjfdilbioabojmcplalojlmdngbjl] - C:\Documents and Settings\Veronika\Local Settings\Temp\swlfiles\smileyswelovetoolbar.crx <not found>
CHR HKLM\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files\WebCake\WebCakeLayers.crx <not found>
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-05-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [1025352 2011-07-26] ()
S2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1486664 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-12-05] (Oracle Corporation)
R2 LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904 2007-10-19] (Logitech Inc.)
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [141848 2007-10-19] (Logitech Inc.)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 vToolbarUpdater18.9.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\ToolbarUpdater.exe [1862032 2015-10-31] (AVG Secure Search)
R2 ZuneBusEnum; c:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21419 2010-05-28] (Meetinghouse Data Communications) [File not signed]
R0 ahcix86; C:\WINDOWS\System32\drivers\ahcix86.sys [189968 2009-04-08] (Advanced Micro Devices, Inc)
S3 AMBFilt; C:\WINDOWS\System32\drivers\AMBFilt.sys [1656960 2009-06-26] (Creative) [File not signed]
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
S3 ATIXBAR; C:\WINDOWS\System32\DRIVERS\atinxbxx.sys [31744 2008-04-13] (ATI Technologies Inc.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [198936 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 cpuz133; C:\WINDOWS\system32\drivers\cpuz133_x32.sys [20968 2010-03-30] (Windows (R) Win 7 DDK provider)
R3 ctljystk; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [3712 2001-08-17] (Creative Technology Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-03-08] (Disc Soft Ltd)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 LVcKap; C:\WINDOWS\System32\DRIVERS\LVcKap.sys [2109976 2007-10-19] (Logitech Inc.)
S3 LVMVDrv; C:\WINDOWS\System32\DRIVERS\LVMVDrv.sys [2142488 2007-10-11] (Logitech Inc.)
R3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys [25624 2007-10-11] ()
S3 LVUSBSta; C:\WINDOWS\System32\drivers\LVUSBSta.sys [41752 2007-10-12] (Logitech Inc.)
S3 MonFilt; C:\WINDOWS\System32\drivers\MonFilt.sys [1389056 2008-12-02] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 PID_0928; C:\WINDOWS\System32\DRIVERS\LV561AV.SYS [490776 2007-10-12] (Logitech Inc.)
S3 RT80x86; C:\WINDOWS\System32\DRIVERS\RT2860.sys [507264 2007-03-12] (Ralink Technology, Corp.)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2014-03-07] (Duplex Secure Ltd.)
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
S3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [1617408 2009-11-24] (VIA Technologies, Inc.) [File not signed]
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
S3 cpuz130; \??\C:\DOCUME~1\Veronika\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [X]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath
U3 a3s919h7; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-31 13:03 - 2015-10-31 13:04 - 00023003 _____ C:\Documents and Settings\Veronika\Plocha\FRST.txt
2015-10-31 13:03 - 2015-10-31 13:03 - 00000000 ____D C:\FRST
2015-10-31 13:01 - 2015-10-31 13:01 - 01701888 _____ (Farbar) C:\Documents and Settings\Veronika\Plocha\FRST.exe
2015-10-31 10:58 - 2008-04-14 00:15 - 00010624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gameenum.sys
2015-10-31 10:58 - 2008-04-14 00:15 - 00010624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gameenum.sys
2015-10-31 10:58 - 2001-08-17 20:19 - 00003712 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\ctljystk.sys
2015-10-31 10:58 - 2001-08-17 20:19 - 00003712 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\ctljystk.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-31 13:04 - 2012-11-05 16:35 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-31 13:04 - 2010-05-27 11:12 - 00000000 ____D C:\Documents and Settings\Veronika\Local Settings\Temp
2015-10-31 13:03 - 2010-05-27 11:12 - 00000000 ____D C:\Documents and Settings\Veronika\Plocha
2015-10-31 12:56 - 2010-05-27 11:03 - 01831678 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-31 12:55 - 2010-05-27 12:58 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-10-31 12:55 - 2010-05-27 12:58 - 00000050 _____ C:\WINDOWS\wiaservc.log
2015-10-31 12:54 - 2014-03-10 12:56 - 00000228 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-10-31 12:54 - 2012-11-05 16:35 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-31 12:54 - 2010-05-27 11:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-31 12:52 - 2010-05-27 11:12 - 00000178 ___SH C:\Documents and Settings\Veronika\ntuser.ini
2015-10-31 12:52 - 2010-05-27 11:11 - 00032618 _____ C:\WINDOWS\SchedLgU.Txt
2015-10-31 12:46 - 2013-11-02 14:19 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-31 11:47 - 2012-06-15 15:54 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-10-31 11:47 - 2011-08-22 19:27 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-10-31 11:34 - 2013-08-11 11:42 - 00000000 ____D C:\Documents and Settings\Veronika\Data aplikací\Movdap
2015-10-31 11:34 - 2013-07-21 14:51 - 00000000 ____D C:\Documents and Settings\Veronika\Data aplikací\WebCake
2015-10-31 11:33 - 2013-03-17 22:55 - 00000000 ____D C:\Documents and Settings\Veronika\Data aplikací\HoolappForAndroid
2015-10-31 11:27 - 2014-09-15 15:36 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVG2015
2015-10-31 11:25 - 2012-11-05 16:36 - 00001813 _____ C:\Documents and Settings\Veronika\Plocha\Google Chrome.lnk
2015-10-31 11:23 - 2010-05-27 11:12 - 00000000 __RHD C:\Documents and Settings\Veronika\Data aplikací
2015-10-31 11:22 - 2010-05-27 11:12 - 00000000 ____D C:\Documents and Settings\Veronika
2015-10-31 11:19 - 2012-12-17 23:14 - 00001004 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1957994488-725345543-1003UA.job
2015-10-31 11:17 - 2014-12-19 14:31 - 00000000 ____D C:\Documents and Settings\Veronika\Local Settings\Data aplikací\SoftonicAssistant
2015-10-31 11:14 - 2010-05-27 12:54 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-10-31 11:13 - 2010-05-28 14:33 - 00000000 ___RD C:\Program Files\Skype
2015-10-31 11:12 - 2010-05-27 11:12 - 00000000 ___RD C:\Documents and Settings\Veronika\Nabídka Start\Programy
2015-10-31 11:12 - 2010-05-27 11:12 - 00000000 ___HD C:\Documents and Settings\Veronika\Local Settings\Data aplikací
2015-10-31 11:09 - 2011-01-12 17:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MFAData
2015-10-31 11:09 - 2010-05-27 12:54 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2015-10-31 11:07 - 2014-12-18 15:32 - 00001092 _____ C:\Documents and Settings\Veronika\Plocha\Live PC Help.lnk
2015-10-31 11:07 - 2014-12-12 22:12 - 00000000 ____D C:\Documents and Settings\Veronika\Data aplikací\systweak
2015-10-31 11:07 - 2010-05-27 12:54 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-10-31 11:01 - 2014-03-10 12:56 - 00000222 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-10-31 11:01 - 2001-10-25 15:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-10-31 10:59 - 2012-08-05 22:07 - 00000000 ____D C:\Program Files\AVG Secure Search
2015-10-31 10:59 - 2011-11-30 18:34 - 00000000 ____D C:\WINDOWS\system32\cache
2015-10-31 10:59 - 2011-10-25 14:48 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search

==================== Files in the root of some directories =======

2013-06-27 10:27 - 2014-07-16 15:11 - 0003728 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2010-05-28 14:10 - 2010-05-28 14:10 - 0000760 _____ () C:\Documents and Settings\Veronika\Data aplikací\setup_ldm.iss
2010-05-30 15:32 - 2015-01-03 11:43 - 0052736 _____ () C:\Documents and Settings\Veronika\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Documents and Settings\Veronika\Local Settings\Temp\CleanSchedule.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Re: Kontrola PC po cca 2 letech

Napsal: 31 říj 2015 16:59
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Kontrola PC po cca 2 letech

Napsal: 01 lis 2015 09:46
od RomanL2
Provedeno, zde log z AdwCleaneru:

# AdwCleaner v5.015 - Logfile created 01/11/2015 at 09:36:33
# Updated 26/10/2015 by Xplode
# Database : 2015-10-29.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Veronika - VERONIKA-PC
# Running from : C:\Documents and Settings\Veronika\Plocha\adwcleaner_5.015.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : AVG Security Toolbar Service
[-] Service Deleted : vToolbarUpdater18.9.0

***** [ Folders ] *****

[-] Folder Deleted : C:\DOCUME~1\Veronika\LOCALS~1\Temp\apn
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ParetoLogic
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Tarma Installer
[-] Folder Deleted : C:\Documents and Settings\All Users\Nabídka Start\Programy\myfree codec
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\AVG Secure Search
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\Babylon
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\DriverCure
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\HoolappforAndroid
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\Movdap
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\OpenCandy
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\ParetoLogic
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\searchquband
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\SimilarSites
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\Systweak
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\WebCake
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\YourFileDownloader
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\Extensions\sitefinder@sitefinder.com
[-] Folder Deleted : C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\Extensions\veggy@veggyAddon.com
[-] Folder Deleted : C:\Documents and Settings\Veronika\Local Settings\Data aplikací\AVG Secure Search
[-] Folder Deleted : C:\Documents and Settings\Veronika\Local Settings\Data aplikací\AVG Security Toolbar
[-] Folder Deleted : C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Babylon
[-] Folder Deleted : C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Conduit
[-] Folder Deleted : C:\Documents and Settings\Veronika\Local Settings\Data aplikací\VNT
[-] Folder Deleted : C:\Documents and Settings\Veronika\Local Settings\Data aplikací\SoftonicAssistant
[-] Folder Deleted : C:\Documents and Settings\Veronika\Nabídka Start\Programy\MyPC Backup
[-] Folder Deleted : C:\Program Files\AVG Secure Search
[-] Folder Deleted : C:\Program Files\Conduit
[-] Folder Deleted : C:\Program Files\ICQ6Toolbar
[-] Folder Deleted : C:\Program Files\MyPC Backup
[-] Folder Deleted : C:\Program Files\ParetoLogic
[-] Folder Deleted : C:\Program Files\SimilarSites
[-] Folder Deleted : C:\Program Files\AVG\AVG10\Toolbar
[-] Folder Deleted : C:\Program Files\myfree codec
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search

***** [ Files ] *****

[-] File Deleted : C:\user.js
[-] File Deleted : C:\Documents and Settings\All Users\Plocha\Get The Best Facebook Chat Messenger.lnk
[-] File Deleted : C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\user.js
[-] File Deleted : C:\Documents and Settings\Veronika\Plocha\Live PC Help.lnk
[-] File Deleted : C:\Documents and Settings\Veronika\Plocha\MyPC Backup.lnk
[-] File Deleted : C:\Documents and Settings\Veronika\Plocha\Sync Folder.lnk
[-] File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[-] File Deleted : C:\WINDOWS\system32\roboot.exe

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\FilesFrog Update Checker
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\MyPC Backup
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[-] Key Deleted : HKLM\SOFTWARE\Classes\S
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{363F46BE-27B4-4C8D-99E7-B1E049B84376}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{90A9B7D2-3794-45EA-9E23-140E3938D2D9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A753A1EC-973E-4718-AF8E-A3F554D45C44}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02AFA80F-4BEE-41FD-8572-214B58A9EF90}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKU\.DEFAULT\Software\AVG Secure Search
[-] Key Deleted : HKU\.DEFAULT\Software\AVG Security Toolbar
[-] Key Deleted : HKCU\Software\AVG Secure Search
[-] Key Deleted : HKCU\Software\AVG Security Toolbar
[-] Key Deleted : HKCU\Software\BI
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\DataMngr
[-] Key Deleted : HKCU\Software\InstallCore
[-] Key Deleted : HKCU\Software\Microsoft\Babylon
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\ParetoLogic
[-] Key Deleted : HKCU\Software\SmileysWeLove
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\systweak
[-] Key Deleted : HKCU\Software\YahooPartnerToolbar
[-] Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
[-] Key Deleted : HKLM\SOFTWARE\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Babylon
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKLM\SOFTWARE\ParetoLogic
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\Tarma Installer
[-] Key Deleted : HKLM\SOFTWARE\AdGazelle
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[!] Data Not Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
[-] Data Restored : HKU\S-1-5-21-1960408961-1957994488-725345543-1003\Software\Microsoft\Internet Explorer\Main [Start Page]
[!] Data Not Restored : HKU\S-1-5-21-1960408961-1957994488-725345543-1003\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2430}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKU\S-1-5-21-1960408961-1957994488-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

***** [ Web browsers ] *****

[-] [C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : hxxp://www.search.ask.com/web?p2=%5EB2Z%5EYYYY ... earchTerms}
[-] [C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aaaajepeddfdaihpmdgnickofffkdlpb
[-] [C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fjoijdanhaiflhibkljeklcghcmmfffh
[-] [C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [19668 bytes] ##########

Re: Kontrola PC po cca 2 letech

Napsal: 01 lis 2015 11:12
od Rudy
Dejte nový log FRST.

Re: Kontrola PC po cca 2 letech

Napsal: 01 lis 2015 15:46
od RomanL2
Zde nový log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-10-2015
Ran by Veronika (administrator) on VERONIKA-PC (01-11-2015 15:39:59)
Running from C:\Documents and Settings\Veronika\Plocha
Loaded Profiles: Veronika (Available Profiles: Veronika)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Ralink Technology, Corp.) C:\Program Files\RALINK\Common\RaUI.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneBusEnum.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
() C:\Program Files\AVG\AVG2015\avgmfapx.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [310064 2014-05-28] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2011-12-06] (ATI Technologies Inc.)
Winlogon\Notify\WgaLogon: C:\WINDOWS\system32\WgaLogon.dll [2009-03-25] ()
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {1165b4c6-6bf8-11df-964e-000e2eecf6ce} - F:\setupSNK.exe
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {44f99b53-2fcc-11e4-ab99-000e2eecf6ce} - F:\Startme.exe
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {9e9fa8c0-d14f-11e0-9d8b-806d6172696f} - E:\setup.exe
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe -update plugin
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Ralink Wireless Utility.lnk [2013-09-22]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.133.0.37 10.133.37.37
Tcpip\..\Interfaces\{CB88B4A6-721F-4311-8BC5-6E19111FD3FB}: [DhcpNameServer] 10.133.0.37 10.133.37.37

Internet Explorer:
==================
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> DefaultScope {E9D0A5B1-27D9-42C6-8FCF-3AD14DF9C496} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... {startPage}
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {6552C7DD-90A4-4387-B795-F8F96747DE19}
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2430} URL =
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {E9D0A5B1-27D9-42C6-8FCF-3AD14DF9C496} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... {startPage}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-05] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-05] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1274962586484
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546
FF Homepage: hxxps://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-31] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-05] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-31] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-31] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1960408961-1957994488-725345543-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Extension: Ultimate Finder - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\Extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [2014-10-05] [not signed]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\Extensions\jid1-FB1bBgFMk5H6Wg@jetpack.xpi [2014-04-07] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-05-27] [not signed]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikacĂ­\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\sitefinder@sitefinder.com [not found]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikacĂ­\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [not found]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikacĂ­\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\veggy@veggyAddon.com [not found]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2014-02-20]

Chrome:
=======
CHR StartupUrls: Default -> "file:///C:/Documents%20and%20Settings/Veronika/Plocha/ASROCK-K8A780LM--AMD-Sempron-2600-1gb-Ram.php.htm","hxxp://www.google.cz/services/hp/#utm_source=c ... google.cz/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll => No File
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\46.0.2490.80\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll => No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-01]
CHR Extension: (Gmail) - C:\Documents and Settings\Veronika\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1486664 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-12-05] (Oracle Corporation)
R2 LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904 2007-10-19] (Logitech Inc.)
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [141848 2007-10-19] (Logitech Inc.)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 ZuneBusEnum; c:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21419 2010-05-28] (Meetinghouse Data Communications) [File not signed]
R0 ahcix86; C:\WINDOWS\System32\drivers\ahcix86.sys [189968 2009-04-08] (Advanced Micro Devices, Inc)
S3 AMBFilt; C:\WINDOWS\System32\drivers\AMBFilt.sys [1656960 2009-06-26] (Creative) [File not signed]
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
S3 ATIXBAR; C:\WINDOWS\System32\DRIVERS\atinxbxx.sys [31744 2008-04-13] (ATI Technologies Inc.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [198936 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 cpuz133; C:\WINDOWS\system32\drivers\cpuz133_x32.sys [20968 2010-03-30] (Windows (R) Win 7 DDK provider)
R3 ctljystk; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [3712 2001-08-17] (Creative Technology Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-03-08] (Disc Soft Ltd)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 LVcKap; C:\WINDOWS\System32\DRIVERS\LVcKap.sys [2109976 2007-10-19] (Logitech Inc.)
S3 LVMVDrv; C:\WINDOWS\System32\DRIVERS\LVMVDrv.sys [2142488 2007-10-11] (Logitech Inc.)
R3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys [25624 2007-10-11] ()
S3 LVUSBSta; C:\WINDOWS\System32\drivers\LVUSBSta.sys [41752 2007-10-12] (Logitech Inc.)
S3 MonFilt; C:\WINDOWS\System32\drivers\MonFilt.sys [1389056 2008-12-02] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 PID_0928; C:\WINDOWS\System32\DRIVERS\LV561AV.SYS [490776 2007-10-12] (Logitech Inc.)
S3 RT80x86; C:\WINDOWS\System32\DRIVERS\RT2860.sys [507264 2007-03-12] (Ralink Technology, Corp.)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2014-03-07] (Duplex Secure Ltd.)
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
S3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [1617408 2009-11-24] (VIA Technologies, Inc.) [File not signed]
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
S3 cpuz130; \??\C:\DOCUME~1\Veronika\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [X]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath
U3 atwboezx; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-01 09:34 - 2015-11-01 09:36 - 00000000 ____D C:\AdwCleaner
2015-11-01 09:32 - 2015-11-01 09:32 - 01694208 _____ C:\Documents and Settings\Veronika\Plocha\adwcleaner_5.015.exe
2015-10-31 13:04 - 2015-10-31 13:04 - 00030386 _____ C:\Documents and Settings\Veronika\Plocha\Addition.txt
2015-10-31 13:03 - 2015-11-01 15:40 - 00018169 _____ C:\Documents and Settings\Veronika\Plocha\FRST.txt
2015-10-31 13:03 - 2015-11-01 15:40 - 00000000 ____D C:\FRST
2015-10-31 13:01 - 2015-10-31 13:01 - 01701888 _____ (Farbar) C:\Documents and Settings\Veronika\Plocha\FRST.exe
2015-10-31 10:58 - 2008-04-14 00:15 - 00010624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gameenum.sys
2015-10-31 10:58 - 2008-04-14 00:15 - 00010624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gameenum.sys
2015-10-31 10:58 - 2001-08-17 20:19 - 00003712 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\ctljystk.sys
2015-10-31 10:58 - 2001-08-17 20:19 - 00003712 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\ctljystk.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-01 15:40 - 2010-05-27 11:12 - 00000000 ____D C:\Documents and Settings\Veronika\Local Settings\Temp
2015-11-01 15:39 - 2011-01-12 17:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MFAData
2015-11-01 15:34 - 2010-05-27 11:03 - 01842142 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-01 15:33 - 2014-03-10 12:56 - 00000228 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-11-01 15:33 - 2012-11-05 16:35 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-01 15:33 - 2010-05-27 12:58 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-11-01 15:33 - 2010-05-27 12:58 - 00000049 _____ C:\WINDOWS\wiaservc.log
2015-11-01 15:33 - 2010-05-27 11:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-01 10:04 - 2012-11-05 16:35 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-01 10:04 - 2010-05-27 11:12 - 00000178 ___SH C:\Documents and Settings\Veronika\ntuser.ini
2015-11-01 10:04 - 2010-05-27 11:11 - 00032618 _____ C:\WINDOWS\SchedLgU.Txt
2015-11-01 09:46 - 2013-11-02 14:19 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-01 09:37 - 2010-05-27 12:54 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-11-01 09:37 - 2010-05-27 11:12 - 00000000 ____D C:\Documents and Settings\Veronika\Plocha
2015-11-01 09:36 - 2010-05-27 12:54 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2015-11-01 09:36 - 2010-05-27 12:54 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-11-01 09:36 - 2010-05-27 11:12 - 00000000 __RHD C:\Documents and Settings\Veronika\Data aplikací
2015-11-01 09:36 - 2010-05-27 11:12 - 00000000 ___HD C:\Documents and Settings\Veronika\Local Settings\Data aplikací
2015-11-01 09:31 - 2014-05-08 13:08 - 00000000 ____D C:\Documents and Settings\Veronika\Local Settings\Data aplikací\AVG
2015-10-31 14:19 - 2012-12-17 23:14 - 00001004 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1957994488-725345543-1003UA.job
2015-10-31 11:47 - 2012-06-15 15:54 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-10-31 11:47 - 2011-08-22 19:27 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-10-31 11:27 - 2014-09-15 15:36 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVG2015
2015-10-31 11:25 - 2012-11-05 16:36 - 00001813 _____ C:\Documents and Settings\Veronika\Plocha\Google Chrome.lnk
2015-10-31 11:22 - 2010-05-27 11:12 - 00000000 ____D C:\Documents and Settings\Veronika
2015-10-31 11:13 - 2010-05-28 14:33 - 00000000 ___RD C:\Program Files\Skype
2015-10-31 11:12 - 2010-05-27 11:12 - 00000000 ___RD C:\Documents and Settings\Veronika\Nabídka Start\Programy
2015-10-31 11:01 - 2014-03-10 12:56 - 00000222 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-10-31 11:01 - 2001-10-25 15:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-10-31 10:59 - 2011-11-30 18:34 - 00000000 ____D C:\WINDOWS\system32\cache

==================== Files in the root of some directories =======

2013-06-27 10:27 - 2014-07-16 15:11 - 0003728 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2010-05-28 14:10 - 2010-05-28 14:10 - 0000760 _____ () C:\Documents and Settings\Veronika\Data aplikací\setup_ldm.iss
2010-05-30 15:32 - 2015-01-03 11:43 - 0052736 _____ () C:\Documents and Settings\Veronika\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Documents and Settings\Veronika\Local Settings\Temp\CleanSchedule.exe
C:\Documents and Settings\Veronika\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Re: Kontrola PC po cca 2 letech

Napsal: 01 lis 2015 18:02
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {1165b4c6-6bf8-11df-964e-000e2eecf6ce} - F:\setupSNK.exe
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {44f99b53-2fcc-11e4-ab99-000e2eecf6ce} - F:\Startme.exe
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {9e9fa8c0-d14f-11e0-9d8b-806d6172696f} - E:\setup.exe
URLSearchHook: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {6552C7DD-90A4-4387-B795-F8F96747DE19}
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2430} URL =
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikacĂ­\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\sitefinder@sitefinder.com [not found]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikacĂ­\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [not found]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikacĂ­\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\veggy@veggyAddon.com [not found]
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
U3 atwboezx; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1957994488-725345543-1003UA.job
C:\Documents and Settings\Veronika\Local Settings\Temp
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Kontrola PC po cca 2 letech

Napsal: 04 lis 2015 20:16
od RomanL2
Omlouvám se za prodlevu, dřív jsem se k tomu v týdnu nedostal. Zde Fixlist.txt:

Fix result of Farbar Recovery Scan Tool (x86) Version:31-10-2015
Ran by Veronika (2015-11-04 20:12:25) Run:1
Running from C:\Documents and Settings\Veronika\Plocha
Loaded Profiles: Veronika (Available Profiles: Veronika)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {1165b4c6-6bf8-11df-964e-000e2eecf6ce} - F:\setupSNK.exe
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {44f99b53-2fcc-11e4-ab99-000e2eecf6ce} - F:\Startme.exe
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\...\MountPoints2: {9e9fa8c0-d14f-11e0-9d8b-806d6172696f} - E:\setup.exe
URLSearchHook: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {6552C7DD-90A4-4387-B795-F8F96747DE19}
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2430} URL =
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\sitefinder@sitefinder.com [not found]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [not found]
FF Extension: No Name - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\veggy@veggyAddon.com [not found]
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
U3 atwboezx; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1957994488-725345543-1003UA.job
C:\Documents and Settings\Veronika\Local Settings\Temp
End
*****************

"HKU\S-1-5-21-1960408961-1957994488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1165b4c6-6bf8-11df-964e-000e2eecf6ce}" => key removed successfully.
HKCR\CLSID\{1165b4c6-6bf8-11df-964e-000e2eecf6ce} => key not found.
"HKU\S-1-5-21-1960408961-1957994488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44f99b53-2fcc-11e4-ab99-000e2eecf6ce}" => key removed successfully.
HKCR\CLSID\{44f99b53-2fcc-11e4-ab99-000e2eecf6ce} => key not found.
"HKU\S-1-5-21-1960408961-1957994488-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e9fa8c0-d14f-11e0-9d8b-806d6172696f}" => key removed successfully.
HKCR\CLSID\{9e9fa8c0-d14f-11e0-9d8b-806d6172696f} => key not found.
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} => value removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
HKU\S-1-5-21-1960408961-1957994488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SearchScopes: HKU\S-1-5-21-1960408961-1957994488-725345543-1003 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} => value not found.
"HKU\S-1-5-21-1960408961-1957994488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-1960408961-1957994488-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2430}" => key removed successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2430} => key not found.
"HKCR\PROTOCOLS\Handler\linkscanner" => key removed successfully.
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => key not found.
C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\sitefinder@sitefinder.com => not found.
C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} => moved successfully
C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\rplsg6ge.default-1379159230546\extensions\veggy@veggyAddon.com => not found.
IntelIde => service removed successfully.
WS2IFSL => service removed successfully.
atwboezx => service not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1957994488-725345543-1003UA.job => moved successfully
C:\Documents and Settings\Veronika\Local Settings\Temp => moved successfully

==== End of Fixlog 20:12:27 ====

Re: Kontrola PC po cca 2 letech

Napsal: 04 lis 2015 21:08
od Rudy
Smazáno. Mělo by to být OK.

Re: Kontrola PC po cca 2 letech

Napsal: 04 lis 2015 21:46
od RomanL2
Vypadá to dobře, jenom se ještě jaksi sekal Google Chrome, tak jsem ho cvičně přeinstaloval, a už taky vypadá naprosto v pohodě. Tak jestli je to všechno, tak děkuji za pomoc (lépe řečeno kolega, to je jeho počítač) a nashledanou. :)

Re: Kontrola PC po cca 2 letech

Napsal: 04 lis 2015 22:05
od Rudy
Mělo by to být vše. Nemáte zač a mějte se! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz