
Probably a virus-infected computer, please could it be checked

Vipo
Visitor
Posts: 37
Registered: 23 Oct 2014 17:10

#1 Post by Vipo »

Hello,

I have been here before and you helped me, so I am back again. The computer is terribly slow at startup. And even when I am not doing anything on it and have nothing running, it looks like it is constantly working (I know that is probably normal), but sometimes it looks as if it wanted to commit harakiri :) . Also, in Explorer, on some pages I get a message that a script has stopped working (then I cannot click on anything).
Thanks a lot in advance for your help.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-10-2014 01
Ran by Veru (administrator) on VERU-PC on 29-10-2014 19:14:14
Running from C:\Users\Veru\Desktop
Loaded Profile: Veru (Available profiles: Veru)
Platform: Microsoft® Windows Vista™ Business Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
() C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
(Cognizance Corporation) C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
() C:\Program Files\ASUS\ASUS Live Update\ALU.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(ASUS) C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\System32\ACEngSvr.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
() C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Cyberlink Corp.) C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files\ASUS\ATK Hotkey\WDC.exe
() C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Windows\AsScrPro.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynAsus.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Avanquest Software) C:\Program Files\Sony\Sony PC Companion\PCCService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_15_0_0_189_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RemoteControl] => C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [87336 2008-04-03] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\ASUSTek\ASUSDVD\Language\Language.exe [62760 2008-02-22] ()
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [104936 2008-07-19] (CyberLink)
HKLM\...\Run: [P2Go_Menu] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-14] (CyberLink Corp.)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2008-01-12] ()
HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [7651328 2008-07-15] (ASUS)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6183456 2008-06-13] (Realtek Semiconductor)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [61440 2008-02-01] ()
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3054136 2008-09-10] (ASUS)
HKLM\...\Run: [ASUS Camera ScreenSaver] => C:\Windows\AsScrProlog.exe [47672 2008-09-10] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-11-16] (Synaptics, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [CognizanceTS] => rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-10-24] (AVAST Software)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-09-01] (Sony)
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\MountPoints2: {91b28561-f4aa-11e3-b174-0023541079fa} - F:\Installer.exe
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\MountPoints2: {924c49b3-13c4-11e4-835b-0023541079fa} - I:\Startme.exe
AppInit_DLLs: APSHook.dll => C:\Windows\system32\APSHook.dll [56832 2006-07-13] (Cognizance Corporation)
Lsa: [Notification Packages] scecli ASWLNPkg
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: ASUS Security Protect Manager -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Extension: GoPhotoIt - C:\Users\Veru\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi [2013-08-08]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-11-13]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-24]

Chrome:
=======
CHR StartupUrls: Default -> "https://www.seznam.cz/?clid=22668"
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSearchURL: Default -> https://www.bing.com/search?q={searchTerms}
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={ ... ={language}
CHR Profile: C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-13]
CHR Extension: (Disk Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-13]
CHR Extension: (YouTube) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-13]
CHR Extension: (Avast Online Security) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-23]
CHR Extension: (Peněženka Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-13]
CHR Extension: (GoPhoto.it) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk [2013-12-14]
CHR Extension: (Gmail) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-13]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-24]
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit16.crx [2013-08-08]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASBroker; C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll [74240 2007-02-07] (Cognizance Corporation) [File not signed]
R2 ASChannel; C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll [131584 2006-06-22] (Cognizance Corporation) [File not signed]
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-03] () [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [238968 2008-02-09] (Symantec Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-24] (AVAST Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (http://www.BitComet.com)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [3220856 2008-09-05] (Symantec Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
R3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
S2 NOD32FiXTemDono; C:\Windows\system32\regedt32.exe /s C:\Windows\nod32fixtemdono.reg

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-10-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-10-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55240 2014-10-24] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-10-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-10-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422760 2014-10-24] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57928 2014-10-24] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-10-24] ()
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146824 2007-06-17] (AuthenTec, Inc.)
R3 DCamUSBET; C:\Windows\System32\DRIVERS\etDevice.sys [474624 2007-09-06] (eMPIA Technology, Inc.)
R3 FiltUSBET; C:\Windows\System32\DRIVERS\etFilter.sys [206336 2007-10-15] (eMPIA Technology Inc.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [192056 2008-01-21] (Společnost Microsoft)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-03] ()
R1 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20131106.001\IDSvix86.sys [286328 2013-10-30] (Symantec Corporation)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [54784 2007-12-19] (ITE Tech. Inc. )
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15928 2008-06-03] ( )
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2008-05-29] (Windows (R) Codename Longhorn DDK provider)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1081912 2008-01-21] (Společnost Microsoft)
R3 ScanUSBET; C:\Windows\System32\DRIVERS\etScan.sys [6656 2007-09-06] (eMPIA Technology, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2014-06-15] () [File not signed]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 19:14 - 2014-10-29 19:14 - 00016797 _____ () C:\Users\Veru\Desktop\FRST.txt
2014-10-29 19:13 - 2014-10-29 19:13 - 00000000 ____D () C:\Users\Veru\Desktop\FRST-OlderVersion
2014-10-29 18:52 - 2014-10-29 18:53 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUSTek ASUSDVD
2014-10-27 22:04 - 2014-10-27 23:32 - 00001416 _____ () C:\Windows\setupact.log
2014-10-27 22:04 - 2014-10-27 22:04 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-25 11:27 - 2014-10-25 11:27 - 00001062 _____ () C:\Windows\PFRO.log
2014-10-24 20:45 - 2014-10-24 20:45 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\AVAST Software
2014-10-24 20:44 - 2014-10-24 20:44 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00422760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-24 20:44 - 2014-10-24 20:44 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00057928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00055240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-24 20:44 - 2014-10-24 20:44 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00001878 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-24 20:44 - 2014-10-24 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-24 20:40 - 2014-10-24 20:40 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-23 20:55 - 2014-10-23 20:54 - 00050818 _____ () C:\Users\Veru\Desktop\arrow-s03e03-hdtv-x264-lol.srt
2014-10-23 18:52 - 2014-10-23 19:12 - 00000000 ____D () C:\Windows\pss
2014-10-23 17:52 - 2014-10-24 20:40 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-23 17:25 - 2014-10-29 19:14 - 00000000 ____D () C:\FRST
2014-10-23 17:24 - 2014-10-29 19:13 - 01104896 _____ (Farbar) C:\Users\Veru\Desktop\FRST.exe
2014-10-23 15:26 - 2014-10-23 15:26 - 289789458 _____ () C:\Users\Veru\Desktop\arrow-s03e03-hdtv-x264-lol.mp4
2014-10-21 12:45 - 2014-10-21 13:07 - 395757201 _____ () C:\Users\Veru\Downloads\xxx-DorcelClub---Lola-Reve,-Ferrera-Gomez-720p.mp4
2014-10-21 12:37 - 2014-10-21 12:45 - 219722362 _____ () C:\Users\Veru\Downloads\Vanessa-Mae---Backdoor-Driller.mp4
2014-10-21 12:34 - 2014-10-21 12:43 - 190010440 _____ () C:\Users\Veru\Downloads\Fucker-Takes-All---Vanessa-Mae.avi
2014-10-21 12:33 - 2014-10-21 12:39 - 66411220 _____ () C:\Users\Veru\Downloads\rocker-guy-fucking-vanessa-mae.flv
2014-10-21 12:28 - 2014-10-21 12:36 - 227712344 _____ () C:\Users\Veru\Downloads\The-Best-by-Private-126--Vanessa-May,-Boroka-Balls-.avi
2014-10-20 14:47 - 2014-10-23 20:55 - 00000000 ____D () C:\Users\Veru\Desktop\mp3 convert
2014-10-20 14:34 - 2014-10-20 18:25 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0
2014-10-20 14:34 - 2014-10-20 18:25 - 00000000 ____D () C:\Program Files\Moo0
2014-10-20 14:25 - 2014-10-20 14:25 - 09355264 _____ (Moo0) C:\Users\Veru\Downloads\Moo0 AudioConverter v1.32 Installer.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 19:04 - 2008-09-10 19:18 - 01360462 _____ () C:\Windows\WindowsUpdate.log
2014-10-29 18:59 - 2006-11-02 11:33 - 01418230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-29 18:55 - 2013-11-13 21:49 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-29 18:53 - 2013-11-13 15:38 - 00000416 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{A282210E-BA49-40A2-A842-5B391E5A5A03}.job
2014-10-29 18:52 - 2013-12-13 18:11 - 00001282 _____ () C:\Windows\Tasks\Torntv V6.0-updater.job
2014-10-29 18:52 - 2013-12-13 18:11 - 00001174 _____ () C:\Windows\Tasks\Torntv V6.0-codedownloader.job
2014-10-29 18:52 - 2013-12-13 18:11 - 00001084 _____ () C:\Windows\Tasks\Torntv V6.0-enabler.job
2014-10-29 18:52 - 2013-11-14 20:05 - 00031776 _____ () C:\ProgramData\nvModes.dat
2014-10-29 18:52 - 2013-11-14 20:05 - 00031776 _____ () C:\ProgramData\nvModes.001
2014-10-29 18:52 - 2013-11-13 14:00 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-29 18:52 - 2013-11-13 13:49 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-10-29 18:51 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-29 18:51 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-29 18:51 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-28 23:01 - 2008-09-10 19:19 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-10-28 23:01 - 2006-11-02 14:01 - 00032576 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-28 22:50 - 2013-11-13 14:00 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-28 21:51 - 2013-11-13 14:01 - 00001978 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-28 15:23 - 2013-11-15 15:08 - 00195584 _____ () C:\Users\Veru\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-27 23:47 - 2013-11-13 20:55 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\Winamp
2014-10-27 22:07 - 2013-11-13 21:22 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\BitComet
2014-10-24 20:58 - 2013-11-13 21:49 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-24 20:58 - 2013-11-13 21:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-23 18:37 - 2014-06-15 19:28 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2014-10-23 18:14 - 2013-11-13 19:15 - 00002675 _____ () C:\Users\Veru\Desktop\Microsoft Office Word 2007.lnk
2014-10-23 17:56 - 2014-06-15 19:28 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-10-23 17:04 - 2008-09-10 20:34 - 00000000 ____D () C:\Program Files\ASUS
2014-10-20 18:59 - 2013-12-13 18:11 - 00000000 ____D () C:\Program Files\Torntv V6.0
2014-10-15 21:10 - 2008-09-10 19:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-15 21:09 - 2013-11-13 18:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 21:05 - 2006-11-02 11:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-10 15:32 - 2014-09-19 11:08 - 00001886 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-10-10 15:32 - 2014-07-25 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-10-10 15:32 - 2008-09-10 19:38 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-02 14:53 - 2013-11-13 20:01 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-29 21:40 - 2013-11-13 21:02 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\Skype

Some content of TEMP:
====================
C:\Users\Veru\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2rsuhy.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-29 18:56

==================== End Of Log ============================
Attachments
Addition.rar
(8.22 KiB) Downloaded 19 times

Rudy
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

#2 Post by Rudy »

Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click first on >Scan< and then on >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Vipo
Visitor
Posts: 37
Registered: 23 Oct 2014 17:10

#3 Post by Vipo »

# AdwCleaner v4.002 - Report created 29/10/2014 at 19:29:33
# DB v2014-10-26.6
# Updated 27/10/2014 by Xplode
# Operating System : Windows Vista (TM) Business Service Pack 1 (32 bits)
# Username : Veru - VERU-PC
# Running from : C:\Users\Veru\Desktop\adwcleaner_4.002.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\ProgramData\DataMngr
Folder Deleted : C:\Users\Veru\AppData\Local\genienext
Folder Deleted : C:\Program Files\Gophoto.it
Folder Deleted : C:\Users\Veru\AppData\Local\iLivid
Folder Deleted : C:\Program Files\Mobogenie
Folder Deleted : C:\Users\Veru\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Veru\Documents\Mobogenie
Folder Deleted : C:\Program Files\Movies Toolbar
Folder Deleted : C:\Users\Veru\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Veru\AppData\Local\playnowradio
Folder Deleted : C:\Users\Veru\AppData\LocalLow\PriceGong
Folder Deleted : C:\ProgramData\QuickSet
Folder Deleted : C:\Program Files\TornTV.com
Folder Deleted : C:\Users\Veru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
File Deleted : C:\Users\Veru\daemonprocess.txt
File Deleted : C:\Users\Veru\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
File Deleted : C:\Users\Veru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Deleted : C:\Windows\Uninstall.exe

***** [ Scheduled Tasks ] *****

Task Deleted : RunAsStdUser Task

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
Key Deleted : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
Key Deleted : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0045960.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0045960.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0045960.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0045960.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411591160}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455595560}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466596660}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444594460}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411591160}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411591160}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\torch
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.19088


-\\ Mozilla Firefox v


-\\ Google Chrome v38.0.2125.111


*************************

AdwCleaner[R0].txt - [5592 octets] - [29/10/2014 19:27:28]
AdwCleaner[S0].txt - [5606 octets] - [29/10/2014 19:29:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5666 octets] ##########

Rudy
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Probably infected computer, could it please be checked

#4 Post by Rudy »

Post a new FRST log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Vipo
Visitor
Posts: 37
Registered: 23 Oct 2014 17:10

Re: Probably infected computer, could it please be checked

#5 Post by Vipo »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-10-2014 01
Ran by Veru (administrator) on VERU-PC on 29-10-2014 20:13:49
Running from C:\Users\Veru\Desktop
Loaded Profile: Veru (Available profiles: Veru)
Platform: Microsoft® Windows Vista™ Business Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(Cognizance Corporation) C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
(ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files\ASUS\ASUS Live Update\ALU.exe
() C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Cyberlink Corp.) C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Windows\AsScrPro.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(ASUS) C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(ASUSTeK) C:\Windows\System32\ACEngSvr.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
() C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
() C:\Program Files\ASUS\ATK Hotkey\WDC.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynAsus.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_15_0_0_189_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RemoteControl] => C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [87336 2008-04-03] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\ASUSTek\ASUSDVD\Language\Language.exe [62760 2008-02-22] ()
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [104936 2008-07-19] (CyberLink)
HKLM\...\Run: [P2Go_Menu] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-14] (CyberLink Corp.)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2008-01-12] ()
HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [7651328 2008-07-15] (ASUS)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6183456 2008-06-13] (Realtek Semiconductor)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [61440 2008-02-01] ()
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3054136 2008-09-10] (ASUS)
HKLM\...\Run: [ASUS Camera ScreenSaver] => C:\Windows\AsScrProlog.exe [47672 2008-09-10] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-11-16] (Synaptics, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [CognizanceTS] => rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-10-24] (AVAST Software)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-09-01] (Sony)
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\MountPoints2: {91b28561-f4aa-11e3-b174-0023541079fa} - F:\Installer.exe
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\MountPoints2: {924c49b3-13c4-11e4-835b-0023541079fa} - I:\Startme.exe
AppInit_DLLs: APSHook.dll => C:\Windows\system32\APSHook.dll [56832 2006-07-13] (Cognizance Corporation)
Lsa: [Notification Packages] scecli ASWLNPkg
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: ASUS Security Protect Manager -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Extension: GoPhotoIt - C:\Users\Veru\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi [2013-08-08]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-11-13]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-24]

Chrome:
=======
CHR StartupUrls: Default -> "https://www.seznam.cz/?clid=22668"
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSearchURL: Default -> https://www.bing.com/search?q={searchTerms}
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={ ... ={language}
CHR Profile: C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-13]
CHR Extension: (Disk Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-13]
CHR Extension: (YouTube) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-13]
CHR Extension: (Avast Online Security) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-23]
CHR Extension: (Peněženka Google) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-13]
CHR Extension: (GoPhoto.it) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk [2013-12-14]
CHR Extension: (Gmail) - C:\Users\Veru\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-13]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-24]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASBroker; C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll [74240 2007-02-07] (Cognizance Corporation) [File not signed]
R2 ASChannel; C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll [131584 2006-06-22] (Cognizance Corporation) [File not signed]
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-03] () [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [238968 2008-02-09] (Symantec Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-24] (AVAST Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (http://www.BitComet.com)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [3220856 2008-09-05] (Symantec Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
S2 NOD32FiXTemDono; C:\Windows\system32\regedt32.exe /s C:\Windows\nod32fixtemdono.reg

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-10-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-10-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55240 2014-10-24] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-10-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-10-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422760 2014-10-24] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57928 2014-10-24] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-10-24] ()
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146824 2007-06-17] (AuthenTec, Inc.)
R3 DCamUSBET; C:\Windows\System32\DRIVERS\etDevice.sys [474624 2007-09-06] (eMPIA Technology, Inc.)
R3 FiltUSBET; C:\Windows\System32\DRIVERS\etFilter.sys [206336 2007-10-15] (eMPIA Technology Inc.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [192056 2008-01-21] (Společnost Microsoft)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-03] ()
R1 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20131106.001\IDSvix86.sys [286328 2013-10-30] (Symantec Corporation)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [54784 2007-12-19] (ITE Tech. Inc. )
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15928 2008-06-03] ( )
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2008-05-29] (Windows (R) Codename Longhorn DDK provider)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1081912 2008-01-21] (Společnost Microsoft)
R3 ScanUSBET; C:\Windows\System32\DRIVERS\etScan.sys [6656 2007-09-06] (eMPIA Technology, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2014-06-15] () [File not signed]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 19:27 - 2014-10-29 19:29 - 00000000 ____D () C:\AdwCleaner
2014-10-29 19:25 - 2014-10-29 19:25 - 01998336 _____ () C:\Users\Veru\Desktop\adwcleaner_4.002.exe
2014-10-29 19:14 - 2014-10-29 20:14 - 00016740 _____ () C:\Users\Veru\Desktop\FRST.txt
2014-10-29 19:13 - 2014-10-29 19:13 - 00000000 ____D () C:\Users\Veru\Desktop\FRST-OlderVersion
2014-10-29 18:52 - 2014-10-29 19:44 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUSTek ASUSDVD
2014-10-27 22:04 - 2014-10-27 23:32 - 00001416 _____ () C:\Windows\setupact.log
2014-10-27 22:04 - 2014-10-27 22:04 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-25 11:27 - 2014-10-29 19:42 - 00001698 _____ () C:\Windows\PFRO.log
2014-10-24 20:45 - 2014-10-24 20:45 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\AVAST Software
2014-10-24 20:44 - 2014-10-24 20:44 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00422760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-24 20:44 - 2014-10-24 20:44 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00057928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00055240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-24 20:44 - 2014-10-24 20:44 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-24 20:44 - 2014-10-24 20:44 - 00001878 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-24 20:44 - 2014-10-24 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-24 20:40 - 2014-10-24 20:40 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-23 20:55 - 2014-10-23 20:54 - 00050818 _____ () C:\Users\Veru\Desktop\arrow-s03e03-hdtv-x264-lol.srt
2014-10-23 18:52 - 2014-10-23 19:12 - 00000000 ____D () C:\Windows\pss
2014-10-23 17:52 - 2014-10-24 20:40 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-23 17:25 - 2014-10-29 20:13 - 00000000 ____D () C:\FRST
2014-10-23 17:24 - 2014-10-29 19:13 - 01104896 _____ (Farbar) C:\Users\Veru\Desktop\FRST.exe
2014-10-23 15:26 - 2014-10-23 15:26 - 289789458 _____ () C:\Users\Veru\Desktop\arrow-s03e03-hdtv-x264-lol.mp4
2014-10-21 12:45 - 2014-10-21 13:07 - 395757201 _____ () C:\Users\Veru\Downloads\xxx-DorcelClub---Lola-Reve,-Ferrera-Gomez-720p.mp4
2014-10-21 12:37 - 2014-10-21 12:45 - 219722362 _____ () C:\Users\Veru\Downloads\Vanessa-Mae---Backdoor-Driller.mp4
2014-10-21 12:34 - 2014-10-21 12:43 - 190010440 _____ () C:\Users\Veru\Downloads\Fucker-Takes-All---Vanessa-Mae.avi
2014-10-21 12:33 - 2014-10-21 12:39 - 66411220 _____ () C:\Users\Veru\Downloads\rocker-guy-fucking-vanessa-mae.flv
2014-10-21 12:28 - 2014-10-21 12:36 - 227712344 _____ () C:\Users\Veru\Downloads\The-Best-by-Private-126--Vanessa-May,-Boroka-Balls-.avi
2014-10-20 14:47 - 2014-10-23 20:55 - 00000000 ____D () C:\Users\Veru\Desktop\mp3 convert
2014-10-20 14:34 - 2014-10-20 18:25 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0
2014-10-20 14:34 - 2014-10-20 18:25 - 00000000 ____D () C:\Program Files\Moo0
2014-10-20 14:25 - 2014-10-20 14:25 - 09355264 _____ (Moo0) C:\Users\Veru\Downloads\Moo0 AudioConverter v1.32 Installer.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 19:55 - 2013-11-13 21:49 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-29 19:50 - 2013-11-13 14:00 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-29 19:49 - 2006-11-02 11:33 - 01418230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-29 19:46 - 2008-09-10 19:18 - 01368116 _____ () C:\Windows\WindowsUpdate.log
2014-10-29 19:44 - 2013-11-14 20:05 - 00031776 _____ () C:\ProgramData\nvModes.001
2014-10-29 19:44 - 2013-11-13 14:00 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-29 19:43 - 2013-12-13 18:11 - 00001282 _____ () C:\Windows\Tasks\Torntv V6.0-updater.job
2014-10-29 19:43 - 2013-12-13 18:11 - 00001174 _____ () C:\Windows\Tasks\Torntv V6.0-codedownloader.job
2014-10-29 19:43 - 2013-12-13 18:11 - 00001084 _____ () C:\Windows\Tasks\Torntv V6.0-enabler.job
2014-10-29 19:43 - 2013-11-14 20:05 - 00031776 _____ () C:\ProgramData\nvModes.dat
2014-10-29 19:43 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-29 19:43 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-29 19:43 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-29 19:30 - 2008-09-10 19:19 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-10-29 19:30 - 2006-11-02 14:01 - 00032576 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-29 19:29 - 2013-11-13 13:49 - 00000000 ___RD () C:\Users\Veru
2014-10-29 18:53 - 2013-11-13 15:38 - 00000416 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{A282210E-BA49-40A2-A842-5B391E5A5A03}.job
2014-10-29 18:52 - 2013-11-13 13:49 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-10-28 21:51 - 2013-11-13 14:01 - 00001978 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-28 15:23 - 2013-11-15 15:08 - 00195584 _____ () C:\Users\Veru\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-27 23:47 - 2013-11-13 20:55 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\Winamp
2014-10-27 22:07 - 2013-11-13 21:22 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\BitComet
2014-10-24 20:58 - 2013-11-13 21:49 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-24 20:58 - 2013-11-13 21:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-23 18:37 - 2014-06-15 19:28 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2014-10-23 18:14 - 2013-11-13 19:15 - 00002675 _____ () C:\Users\Veru\Desktop\Microsoft Office Word 2007.lnk
2014-10-23 17:56 - 2014-06-15 19:28 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-10-23 17:04 - 2008-09-10 20:34 - 00000000 ____D () C:\Program Files\ASUS
2014-10-20 18:59 - 2013-12-13 18:11 - 00000000 ____D () C:\Program Files\Torntv V6.0
2014-10-15 21:10 - 2008-09-10 19:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-15 21:09 - 2013-11-13 18:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 21:05 - 2006-11-02 11:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-10 15:32 - 2014-09-19 11:08 - 00001886 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-10-10 15:32 - 2014-07-25 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-10-10 15:32 - 2008-09-10 19:38 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-02 14:53 - 2013-11-13 20:01 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-29 21:40 - 2013-11-13 21:02 - 00000000 ____D () C:\Users\Veru\AppData\Roaming\Skype

Some content of TEMP:
====================
C:\Users\Veru\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2rsuhy.dll
C:\Users\Veru\AppData\Local\Temp\Quarantine.exe
C:\Users\Veru\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-29 19:48

==================== End Of Log ============================
Attachments
Addition.rar
(8.14 KiB) Downloaded 21 times

Rudy
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Probably infected computer, could it please be checked

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\MountPoints2: {91b28561-f4aa-11e3-b174-0023541079fa} - F:\Installer.exe
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\MountPoints2: {924c49b3-13c4-11e4-835b-0023541079fa} - I:\Startme.exe
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
C:\Program Files\Google\Google Toolbar
C:\Program Files\Google\GoogleToolbarNotifier
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSearchURL: Default -> https://www.bing.com/search?q={searchTerms}
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={ ... ={language}
S2 NOD32FiXTemDono; C:\Windows\system32\regedt32.exe /s C:\Windows\nod32fixtemdono.reg
C:\Windows\nod32fixtemdono.reg
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\Torntv V6.0-codedownloader.job
C:\Windows\Tasks\Torntv V6.0-updater.job
C:\Windows\Tasks\Torntv V6.0-enabler.job
C:\Windows\system32\acovcnt.exe
C:\Users\Veru\AppData\Local\Temp
Task: {8184C31D-FCB9-4303-8843-CBB6313ACA5D} - System32\Tasks\Torntv V6.0-enabler => C:\Program Files\Torntv V6.0\Torntv V6.0-enabler.exe <==== ATTENTION
Task: {8719B0D7-FFD8-48C4-9C51-D66FC4DB1BD7} - System32\Tasks\Torntv V6.0-codedownloader => C:\Program Files\Torntv V6.0\Torntv V6.0-codedownloader.exe <==== ATTENTION
Task: {CA17DFB4-BF9A-481B-9CCB-D2F6BD90F069} - System32\Tasks\Torntv V6.0-updater => C:\Program Files\Torntv V6.0\Torntv V6.0-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Torntv V6.0-codedownloader.job => C:\Program Files\Torntv V6.0\Torntv V6.0-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Torntv V6.0-enabler.job => C:\Program Files\Torntv V6.0\Torntv V6.0-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Torntv V6.0-updater.job => C:\Program Files\Torntv V6.0\Torntv V6.0-updater.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\Veru:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Veru\Data aplikací:gs5sys
AlternateDataStreams: C:\Users\Veru\Local Settings:gs5sys
AlternateDataStreams: C:\Users\Veru\Soubory cookie:gs5sys
AlternateDataStreams: C:\Users\Veru\Šablony:gs5sys
AlternateDataStreams: C:\Users\Veru\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Veru\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\Veru\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\Veru\AppData\Local\Data aplikací:gs5sys
AlternateDataStreams: C:\Users\Veru\AppData\Local\Historie:gs5sys
AlternateDataStreams: C:\Users\Veru\Documents\desktop.ini:gs5sys
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Vipo
Visitor
Posts: 37
Registered: 23 Oct 2014 17:10

Re: Probably infected computer, could it please be checked

#7 Post by Vipo »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-10-2014 01
Ran by Veru at 2014-10-29 20:40:10 Run:3
Running from C:\Users\Veru\Desktop
Loaded Profile: Veru (Available profiles: Veru)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\MountPoints2: {91b28561-f4aa-11e3-b174-0023541079fa} - F:\Installer.exe
HKU\S-1-5-21-2975284470-2684615546-956607703-1000\...\MountPoints2: {924c49b3-13c4-11e4-835b-0023541079fa} - I:\Startme.exe
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
C:\Program Files\Google\Google Toolbar
C:\Program Files\Google\GoogleToolbarNotifier
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSearchURL: Default -> https://www.bing.com/search?q={searchTerms}
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={ ... ={language}
S2 NOD32FiXTemDono; C:\Windows\system32\regedt32.exe /s C:\Windows\nod32fixtemdono.reg
C:\Windows\nod32fixtemdono.reg
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\Torntv V6.0-codedownloader.job
C:\Windows\Tasks\Torntv V6.0-updater.job
C:\Windows\Tasks\Torntv V6.0-enabler.job
C:\Windows\system32\acovcnt.exe
C:\Users\Veru\AppData\Local\Temp
Task: {8184C31D-FCB9-4303-8843-CBB6313ACA5D} - System32\Tasks\Torntv V6.0-enabler => C:\Program Files\Torntv V6.0\Torntv V6.0-enabler.exe <==== ATTENTION
Task: {8719B0D7-FFD8-48C4-9C51-D66FC4DB1BD7} - System32\Tasks\Torntv V6.0-codedownloader => C:\Program Files\Torntv V6.0\Torntv V6.0-codedownloader.exe <==== ATTENTION
Task: {CA17DFB4-BF9A-481B-9CCB-D2F6BD90F069} - System32\Tasks\Torntv V6.0-updater => C:\Program Files\Torntv V6.0\Torntv V6.0-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Torntv V6.0-codedownloader.job => C:\Program Files\Torntv V6.0\Torntv V6.0-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Torntv V6.0-enabler.job => C:\Program Files\Torntv V6.0\Torntv V6.0-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Torntv V6.0-updater.job => C:\Program Files\Torntv V6.0\Torntv V6.0-updater.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\Veru:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Veru\Data aplikací:gs5sys
AlternateDataStreams: C:\Users\Veru\Local Settings:gs5sys
AlternateDataStreams: C:\Users\Veru\Soubory cookie:gs5sys
AlternateDataStreams: C:\Users\Veru\Šablony:gs5sys
AlternateDataStreams: C:\Users\Veru\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Veru\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\Veru\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\Veru\AppData\Local\Data aplikací:gs5sys
AlternateDataStreams: C:\Users\Veru\AppData\Local\Historie:gs5sys
AlternateDataStreams: C:\Users\Veru\Documents\desktop.ini:gs5sys
End



*****************

"HKU\S-1-5-21-2975284470-2684615546-956607703-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91b28561-f4aa-11e3-b174-0023541079fa}" => Key deleted successfully.
"HKCR\CLSID\{91b28561-f4aa-11e3-b174-0023541079fa}" => Key not found.
"HKU\S-1-5-21-2975284470-2684615546-956607703-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{924c49b3-13c4-11e4-835b-0023541079fa}" => Key deleted successfully.
"HKCR\CLSID\{924c49b3-13c4-11e4-835b-0023541079fa}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}" => Key deleted successfully.
"HKCR\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}" => Key deleted successfully.
C:\Program Files\Google\Google Toolbar => Moved successfully.
C:\Program Files\Google\GoogleToolbarNotifier => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSearchURL deleted successfully.
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab => Error: No automatic fix found for this entry.
Chrome DefaultSuggestURL deleted successfully.
NOD32FiXTemDono => Service deleted successfully.
"C:\Windows\nod32fixtemdono.reg" => File/Directory not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\Torntv V6.0-codedownloader.job => Moved successfully.
C:\Windows\Tasks\Torntv V6.0-updater.job => Moved successfully.
C:\Windows\Tasks\Torntv V6.0-enabler.job => Moved successfully.
C:\Windows\system32\acovcnt.exe => Moved successfully.

"C:\Users\Veru\AppData\Local\Temp" directory move:

Could not move "C:\Users\Veru\AppData\Local\Temp" directory. => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8184C31D-FCB9-4303-8843-CBB6313ACA5D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8184C31D-FCB9-4303-8843-CBB6313ACA5D}" => Key deleted successfully.
C:\Windows\System32\Tasks\Torntv V6.0-enabler => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv V6.0-enabler" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8719B0D7-FFD8-48C4-9C51-D66FC4DB1BD7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8719B0D7-FFD8-48C4-9C51-D66FC4DB1BD7}" => Key deleted successfully.
C:\Windows\System32\Tasks\Torntv V6.0-codedownloader => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv V6.0-codedownloader" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CA17DFB4-BF9A-481B-9CCB-D2F6BD90F069}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA17DFB4-BF9A-481B-9CCB-D2F6BD90F069}" => Key deleted successfully.
C:\Windows\System32\Tasks\Torntv V6.0-updater => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv V6.0-updater" => Key deleted successfully.
C:\Windows\Tasks\Torntv V6.0-codedownloader.job not found.
C:\Windows\Tasks\Torntv V6.0-enabler.job not found.
C:\Windows\Tasks\Torntv V6.0-updater.job not found.
C:\ProgramData => ":gs5sys" ADS removed successfully.
"C:\Users\All Users" => ":gs5sys" ADS not found.
"C:\Users\Veru" => ":gs5sys" ADS not found.
"C:\ProgramData\Application Data" => ":gs5sys" ADS not found.
"C:\ProgramData\Templates" => ":gs5sys" ADS not found.
C:\Users\Public\Documents\desktop.ini => ":gs5sys" ADS removed successfully.
"C:\Users\Veru\Data aplikací" => ":gs5sys" ADS not found.
"C:\Users\Veru\Local Settings" => ":gs5sys" ADS not found.
"C:\Users\Veru\Soubory cookie" => ":gs5sys" ADS not found.
"C:\Users\Veru\Šablony" => ":gs5sys" ADS not found.
C:\Users\Veru\Desktop\desktop.ini => ":gs5sys" ADS removed successfully.
C:\Users\Veru\AppData\Local => ":gs5sys" ADS removed successfully.
C:\Users\Veru\AppData\Roaming => ":gs5sys" ADS removed successfully.
"C:\Users\Veru\AppData\Local\Data aplikací" => ":gs5sys" ADS not found.
"C:\Users\Veru\AppData\Local\Historie" => ":gs5sys" ADS not found.
C:\Users\Veru\Documents\desktop.ini => ":gs5sys" ADS removed successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-10-29 20:43:13)<=

C:\Users\Veru\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Veru\AppData\Local\Temp => Moved successfully.

==== End of Fixlog ====

Rudy
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Probably an infected computer, could it please be checked

#8 Post by Rudy »

Deleted. Has anything changed?

Vipo
Visitor
Posts: 37
Registered: 23 Oct 2014 17:10

Re: Probably an infected computer, could it please be checked

#9 Post by Vipo »

Yep, it's definitely faster at startup. And so far it hasn't tried to fry itself, so that's progress :) Thanks a lot

Rudy
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Probably an infected computer, could it please be checked

#10 Post by Rudy »

You're welcome! :)

Locked