Zdravím,
chtččl bych poprosit o kontrolu.
díky.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by Balda (administrator) on POCITAC (01-04-2016 04:26:59)
Running from C:\Documents and Settings\Balda\Plocha
Loaded Profiles: Balda (Available Profiles: Balda & Mamka)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\WINDOWS\system32\ibmpmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Atheros) C:\WINDOWS\system32\acs.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(IBM) C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
(Microsoft Corporation) C:\WINDOWS\system32\WgaTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\osk.exe
(Microsoft Corporation) C:\WINDOWS\system32\msswchx.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2016-01-30] (AVAST Software)
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe [1163968 2016-01-22] (Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-01-30] (AVAST Software)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{19C20FF1-E5B1-4785-BE9E-6AF508B1949D}: [DhcpNameServer] 93.153.117.1 93.153.117.33
Internet Explorer:
==================
HKU\S-1-5-21-117609710-602162358-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-117609710-602162358-839522115-1003 -> {0C7F4DB8-2978-448E-BEE5-A68394B96130} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-117609710-602162358-839522115-1003 -> {193309BC-24D5-4D28-82B7-482B3935FF62} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-117609710-602162358-839522115-1003 -> {2A1B1BCB-F9C8-4956-9121-9EABB0C9ACD7} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-117609710-602162358-839522115-1003 -> {5C11BCD8-6A61-41DA-8018-6DEF9B8E7612} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-117609710-602162358-839522115-1003 -> {83230ED4-1342-46DE-91B8-7E1F25220D74} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-117609710-602162358-839522115-1003 -> {89E1BBCD-4A0B-4C9E-A47A-E2F43A8B245B} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-117609710-602162358-839522115-1003 -> {955B3FF0-63C2-4AF7-B58B-B44B188883C4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-117609710-602162358-839522115-1003 -> {9E3A5207-08EA-400F-B93E-D1415CC5EDE9} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-117609710-602162358-839522115-1003 -> {CD84BB40-A5FE-431F-87D4-B092C638F89C} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-30] (AVAST Software)
BHO: CPwmIEBrowserHelper Object -> {F040E541-A427-4CF7-85D8-75E3E0F476C5} -> C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2007-08-03] (Lenovo Group Limited)
Toolbar: HKU\S-1-5-21-117609710-602162358-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll [2014-02-25] (Společnost Microsoft)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Balda\Data aplikací\Mozilla\Firefox\Profiles\kpuk8qvz.default-1436636355781
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-20] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin HKU\S-1-5-21-117609710-602162358-839522115-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Balda\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll [No File]
FF Plugin HKU\S-1-5-21-117609710-602162358-839522115-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Balda\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2014-05-21] (mozilla.org)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-06-04] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-30]
FF HKU\S-1-5-21-117609710-602162358-839522115-1003\...\Firefox\Extensions: [{FCF36B88-1BBA-487f-B64B-D2E8980A9293}] - C:\Program Files\Lenovo\Client Security Solution\PWM Firefox Extension
FF Extension: ThinkVantage Password Manager - C:\Program Files\Lenovo\Client Security Solution\PWM Firefox Extension [2014-07-25] [not signed]
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.cz/webhp?sourceid=chrome-ins ... 2&ie=UTF-8"
CHR Profile: C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-22]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-22]
CHR Extension: (Disk Google) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-22]
CHR Extension: (TV) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph [2014-12-27]
CHR Extension: (Komponenta pro aplikaci BUSINESS 24) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cmnbkaminnbffdjkdlahealilagcdfdi [2015-03-28]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-22]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Cut the Rope) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2015-10-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Gmail) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-22]
CHR Profile: C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-11]
CHR Extension: (Google Docs) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Google Drive) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-11]
CHR Extension: (YouTube) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-11]
CHR Extension: (Google Search) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-12]
CHR Extension: (Google Sheets) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-11]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-11]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-12]
CHR Extension: (Gmail) - C:\Documents and Settings\Balda\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-12]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-01-30]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 acs; C:\WINDOWS\system32\acs.exe [475220 2009-09-24] (Atheros) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2016-01-30] (AVAST Software)
R2 IBMPMSVC; C:\WINDOWS\system32\ibmpmsvc.exe [57344 2003-07-03] ()
S2 IPSSVC; C:\WINDOWS\system32\IPSSVC.EXE [108080 2007-01-30] (Lenovo Group Limited)
R2 S24EventMonitor; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [966656 2010-10-19] (Intel(R) Corporation) [File not signed]
R2 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [28672 2013-07-10] (Lenovo Group Limited) [File not signed]
R2 TSSCoreService; C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [722232 2007-08-03] (IBM)
R2 TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [1122304 2008-03-04] (Lenovo Group Limited) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1347168 2009-04-03] (Atheros Communications, Inc.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2016-01-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [81168 2016-01-30] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2016-01-30] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2016-01-30] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [812720 2016-03-02] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [449384 2016-01-30] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [165104 2016-01-30] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\DRIVERS\aswTap.sys [35144 2014-07-24] (The OpenVPN Project)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [58016 2016-01-30] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [209432 2016-01-30] (AVAST Software)
R3 atmeltpm; C:\WINDOWS\System32\DRIVERS\atmeltpm.sys [15872 2005-05-17] (Atmel, Inc.)
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [993576 2010-09-23] (Broadcom Corporation.)
R2 DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [25628 2006-02-02] (Sonic Solutions) [File not signed]
R1 DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [5660 2005-11-18] (Sonic Solutions) [File not signed]
R2 DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2496 2006-02-02] (Sonic Solutions) [File not signed]
R2 DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [86652 2006-02-02] (Sonic Solutions) [File not signed]
R2 DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [14684 2006-02-02] (Sonic Solutions) [File not signed]
R2 DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [6364 2006-02-02] (Sonic Solutions) [File not signed]
R1 DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [22684 2005-11-18] (Sonic Solutions) [File not signed]
R2 DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [94332 2006-02-02] (Sonic Solutions) [File not signed]
R2 DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [87036 2006-02-02] (Sonic Solutions) [File not signed]
R0 DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [89472 2006-03-01] (Sonic Solutions) [File not signed]
R2 DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [40544 2005-11-18] (Sonic Solutions) [File not signed]
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389456 2015-07-06] (Symantec Corporation)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [217016 2010-06-02] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [993464 2010-06-02] (Conexant Systems, Inc.)
R3 IBMPMDRV; C:\WINDOWS\System32\DRIVERS\ibmpmdrv.sys [11344 2003-07-03] (IBM Corp.)
R2 pmem; C:\WINDOWS\System32\drivers\pmemnt.sys [7012 2014-06-21] (Microsoft Corporation) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [36528 2006-06-06] (Sonic Solutions) [File not signed]
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13952 2010-05-19] (Intel Corporation) [File not signed]
R1 Smapint; C:\WINDOWS\System32\drivers\Smapint.sys [14848 2006-10-02] (Microsoft Corporation) [File not signed]
S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [13464 2016-04-01] ()
R1 TDSMAPI; C:\WINDOWS\System32\drivers\TDSMAPI.SYS [9343 2006-10-02] () [File not signed]
R3 tifm21; C:\WINDOWS\System32\drivers\tifm21.sys [290816 2000-01-01] (Texas Instruments) [File not signed]
R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [57408 2008-02-08] (Atheros Communications, Inc.) [File not signed]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-01 04:26 - 2016-04-01 04:27 - 00018561 _____ C:\Documents and Settings\Balda\Plocha\FRST.txt
2016-04-01 04:26 - 2016-04-01 04:26 - 01725440 _____ (Farbar) C:\Documents and Settings\Balda\Plocha\FRST.exe
2016-04-01 02:52 - 2016-04-01 03:35 - 00000000 ____D C:\Documents and Settings\Balda\Plocha\vše z plochy
2016-04-01 02:29 - 2016-04-01 02:29 - 00000000 ____D C:\Documents and Settings\Balda\Data aplikací\Malwarebytes
2016-04-01 01:32 - 2016-04-01 01:32 - 00013464 _____ C:\WINDOWS\system32\Drivers\SWDUMon.sys
2016-04-01 01:32 - 2016-04-01 01:32 - 00000000 ____D C:\Documents and Settings\Balda\Local Settings\Data aplikací\SlimWare Utilities Inc
2016-03-31 19:57 - 2016-03-31 20:39 - 00000000 ____D C:\Program Files\AdwCleaner
2016-03-31 19:55 - 2016-03-31 20:05 - 00000000 ____D C:\Documents and Settings\Balda\Plocha\Nová složka
2016-03-26 14:13 - 2016-03-26 14:14 - 04172632 _____ C:\Documents and Settings\Mamka\Dokumenty\ucebniPomuckaZPV.pdf
2016-03-12 20:25 - 2016-03-26 09:51 - 00000000 ____D C:\Documents and Settings\Mamka\Local Settings\Data aplikací\Seznam.cz
2016-03-12 20:25 - 2016-03-12 20:25 - 00001908 _____ C:\Documents and Settings\Mamka\Plocha\Seznam.cz.lnk
2016-03-12 20:25 - 2016-03-12 20:25 - 00001908 _____ C:\Documents and Settings\Mamka\Nabídka Start\Seznam.cz.lnk
2016-03-12 20:24 - 2016-03-23 09:08 - 00000000 ____D C:\Documents and Settings\Mamka\Data aplikací\Seznam Browser
2016-03-12 20:23 - 2016-03-12 20:24 - 43828520 _____ C:\Documents and Settings\Mamka\Dokumenty\Seznam.cz.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-01 04:27 - 2014-04-11 06:45 - 00000000 ____D C:\Documents and Settings\Balda\Local Settings\Temp
2016-04-01 04:26 - 2015-07-11 17:57 - 00000000 ____D C:\FRST
2016-04-01 04:26 - 2014-04-11 06:45 - 00000000 ____D C:\Documents and Settings\Balda\Plocha
2016-04-01 04:17 - 2014-04-12 12:08 - 00001819 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome.lnk
2016-04-01 04:16 - 2014-06-21 16:12 - 00000362 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2016-04-01 04:11 - 2015-01-11 13:35 - 00000374 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2016-04-01 04:11 - 2001-10-25 16:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-04-01 04:10 - 2015-07-11 19:10 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2016-04-01 04:10 - 2014-04-11 08:14 - 00000000 ____D C:\WINDOWS\system32\ias
2016-04-01 04:10 - 2014-04-11 06:38 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-01 04:09 - 2014-06-21 16:59 - 00524288 _____ C:\WINDOWS\system32\config\ACS.evt
2016-04-01 04:09 - 2014-04-11 06:45 - 00000178 ___SH C:\Documents and Settings\Balda\ntuser.ini
2016-04-01 04:09 - 2014-04-11 06:42 - 00032486 _____ C:\WINDOWS\SchedLgU.Txt
2016-04-01 04:08 - 2014-04-11 08:20 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2016-04-01 04:08 - 2014-04-11 08:20 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2016-04-01 02:44 - 2014-06-21 17:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-01 02:29 - 2015-07-06 10:07 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2016-04-01 02:29 - 2014-04-11 06:45 - 00000000 __RHD C:\Documents and Settings\Balda\Data aplikací
2016-04-01 01:58 - 2015-07-11 17:02 - 00000000 ____D C:\Documents and Settings\Balda\Plocha\cst
2016-04-01 01:57 - 2014-05-15 22:40 - 141270216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-01 01:57 - 2014-04-27 09:19 - 00000000 ____D C:\Program Files\Rigips
2016-04-01 01:57 - 2014-04-27 09:19 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Rigips
2016-04-01 01:55 - 2015-07-11 18:13 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2016-04-01 01:47 - 2014-04-11 06:45 - 00000000 ___RD C:\Documents and Settings\Balda\Dokumenty
2016-04-01 01:36 - 2016-01-22 11:29 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-01 01:36 - 2014-04-11 06:45 - 00000000 ____D C:\Documents and Settings\Balda
2016-04-01 01:32 - 2014-04-11 06:45 - 00000000 ___HD C:\Documents and Settings\Balda\Local Settings\Data aplikací
2016-04-01 01:31 - 2014-04-20 09:33 - 00000000 ____D C:\Program Files\Opera
2016-03-31 20:39 - 2015-01-04 18:58 - 00000000 ___RD C:\Documents and Settings\Mamka\Dokumenty
2016-03-27 11:03 - 2014-05-09 22:37 - 00720384 ___SH C:\Documents and Settings\Balda\Plocha\Thumbs.db
2016-03-27 10:38 - 2014-04-11 08:21 - 01020296 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-27 10:38 - 2001-10-25 16:00 - 00429256 _____ C:\WINDOWS\system32\perfh005.dat
2016-03-27 10:38 - 2001-10-25 16:00 - 00078228 _____ C:\WINDOWS\system32\perfc005.dat
2016-03-26 21:44 - 2014-04-20 09:11 - 00000000 ____D C:\Documents and Settings\Balda\Data aplikací\vlc
2016-03-26 19:37 - 2014-05-27 20:03 - 00034816 _____ C:\Documents and Settings\Balda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-26 14:45 - 2015-01-04 18:58 - 00000178 ___SH C:\Documents and Settings\Mamka\ntuser.ini
2016-03-26 14:44 - 2016-01-31 13:55 - 00000000 ____D C:\Documents and Settings\Mamka\Data aplikací\uTorrent
2016-03-26 14:44 - 2015-01-04 18:58 - 00000000 ____D C:\Documents and Settings\Mamka\Local Settings\Temp
2016-03-26 14:16 - 2015-03-01 22:24 - 00049664 ___SH C:\Documents and Settings\Mamka\Dokumenty\Thumbs.db
2016-03-26 10:14 - 2015-12-20 19:42 - 00000000 ____D C:\Documents and Settings\Mamka\Data aplikací\Spotify
2016-03-26 09:58 - 2015-01-04 18:58 - 00000000 ___HD C:\Documents and Settings\Mamka\Local Settings\Data aplikací
2016-03-26 09:53 - 2015-12-20 19:44 - 00000000 ____D C:\Documents and Settings\Mamka\Local Settings\Data aplikací\Spotify
2016-03-26 09:50 - 2016-01-18 17:03 - 00000000 ____D C:\Documents and Settings\Mamka\Data aplikací\Seznam.cz
2016-03-25 10:36 - 2014-04-11 08:20 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2016-03-20 11:15 - 2016-02-01 15:30 - 00001813 _____ C:\Documents and Settings\Default User\Plocha\Google Chrome.lnk
2016-03-14 21:17 - 2015-02-09 16:55 - 00000000 ____D C:\Documents and Settings\Mamka\Data aplikací\Skype
2016-03-13 19:58 - 2015-01-04 18:58 - 00000000 ____D C:\Documents and Settings\Mamka\Plocha
2016-03-13 14:25 - 2015-01-04 18:58 - 00000000 ____D C:\Documents and Settings\Mamka
2016-03-12 20:25 - 2015-01-04 18:58 - 00000000 ___RD C:\Documents and Settings\Mamka\Nabídka Start
2016-03-12 20:24 - 2015-01-04 18:58 - 00000000 __RHD C:\Documents and Settings\Mamka\Data aplikací
2016-03-02 19:40 - 2014-06-21 16:11 - 00812720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
==================== Files in the root of some directories =======
2014-05-27 20:03 - 2016-03-26 19:37 - 0034816 _____ () C:\Documents and Settings\Balda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-11 17:55 - 2015-07-11 17:55 - 0029696 _____ () C:\Documents and Settings\Balda\Local Settings\Data aplikací\MSGBOX.EXE
Some files in TEMP:
====================
C:\Documents and Settings\Mamka\Local Settings\Temp\BingBarSetup-Partner.exe
C:\Documents and Settings\Mamka\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Mamka\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Mamka\Local Settings\Temp\sqlite3.dll
C:\Documents and Settings\Mamka\Local Settings\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Proosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Proosím o kontrolu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?