Tchán mě požádal o oživení jeho PC, byl pomalý a sem tam zamrznou všechny okna prohlížeče souborů. Vyfoukal jsem od prachu a uživatelsky promazal a povypínal pár vecí po spuštění, teď běží rychleji ale ještě občas vymrzne, tak prosím o kontrolu, jestli se tam neskrývá nějaká havěť... Díky předem.
Logfile of random's system information tool 1.10 (written by random/random)
Run by TO2 at 2015-09-26 19:18:08
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 20 GB (53%) free of 38 GB
Total RAM: 2047 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:18:15, on 26.9.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\TO2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
R3 - URLSearchHook: (no name) - *{EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 4570188515
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.8.0\ViProtocol.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Marvell RAID Event Agent (Marvell RAID) - Unknown owner - C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MRU Web Service (MRUWebService) - Apache Software Foundation - C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
--
End of file - 6732 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\windows\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\windows\system32\xp_eos.exe -c
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.1, {800b5000-a755-47e1-992b-48a1c1357f07}:1.2.9, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.5.3&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"avg@igeared"=C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe� Flash� Player 19.0.0.185 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.8.0\\npsitesafety.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\
ask-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-26 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-11-06 311152]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-26 6134544]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-11-06 1564528]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup []
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-11-06 845168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-11-24 2216960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-11-24 3318784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files\SweetIM\Messenger\SweetIM.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files\AVG Secure Search\vprot.exe [2015-09-14 2567568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"vToolbarUpdater18.8.0"=2
"sp_rssrv"=2
"SkypeUpdate"=2
"PnkBstrB"=3
"AdobeFlashPlayerUpdateSvc"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-11-02 122880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-11-17 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe"="C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"D:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat"="D:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\Program Files\RadLight Company\RadLight 4.0\rlkernel.exe"="C:\Program Files\RadLight Company\RadLight 4.0\rlkernel.exe:*:Enabled:Kernel Executable"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\Administrator\Plocha\sdc222\StrongDC.exe"="C:\Documents and Settings\Administrator\Plocha\sdc222\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\AVG\AVG2013\avgmfapx.exe"="C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
"D:\Program Files\Winamp\winamp.exe"="D:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
======List of files/folders created in the last 1 month======
2015-09-26 19:18:08 ----DC---- C:\rsit
2015-09-26 18:56:36 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2015-09-26 18:46:54 ----D---- C:\Program Files\HD Tune
2015-09-26 15:05:24 ----RASHC---- C:\boot.ini
2015-09-26 13:07:11 ----ASH---- C:\pagefile.sys
2015-09-26 11:12:51 ----D---- C:\Documents and Settings\TO2\Data aplikací\AVAST Software
2015-09-26 11:12:26 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2015-09-26 11:11:39 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2015-09-26 11:11:39 ----A---- C:\WINDOWS\system32\drivers\aswStmXP.sys
2015-09-26 11:11:38 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2015-09-26 11:11:38 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2015-09-26 11:11:38 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2015-09-26 11:11:37 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2015-09-26 11:11:37 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2015-09-26 11:11:37 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2015-09-26 11:11:36 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2015-09-26 11:11:33 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-09-26 11:11:26 ----A---- C:\WINDOWS\avastSS.scr
2015-09-26 11:10:10 ----D---- C:\Program Files\AVAST Software
2015-09-26 11:08:11 ----DC---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2015-09-26 10:53:17 ----D---- C:\Program Files\Mozilla Firefox
2015-09-15 10:22:32 ----D---- C:\Program Files\JoWooD
======List of files/folders modified in the last 1 month======
2015-09-26 19:18:10 ----D---- C:\Program Files\trend micro
2015-09-26 19:17:43 ----D---- C:\WINDOWS\Prefetch
2015-09-26 19:14:34 ----D---- C:\WINDOWS\Temp
2015-09-26 19:01:05 ----D---- C:\WINDOWS\system32
2015-09-26 19:01:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-26 18:54:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-09-26 18:46:54 ----D---- C:\Program Files
2015-09-26 13:31:19 ----A---- C:\WINDOWS\NeroDigital.ini
2015-09-26 13:11:25 ----A---- C:\WINDOWS\win.ini
2015-09-26 13:11:25 ----A---- C:\WINDOWS\system.ini
2015-09-26 12:50:59 ----D---- C:\WINDOWS
2015-09-26 12:49:56 ----D---- C:\WINDOWS\system32\drivers
2015-09-26 11:29:58 ----RSD---- C:\WINDOWS\assembly
2015-09-26 11:29:58 ----D---- C:\WINDOWS\Microsoft.NET
2015-09-26 11:12:35 ----HD---- C:\WINDOWS\inf
2015-09-26 11:11:55 ----D---- C:\WINDOWS\system32\CatRoot2
2015-09-26 11:11:51 ----SD---- C:\WINDOWS\Tasks
2015-09-26 11:11:35 ----D---- C:\WINDOWS\WinSxS
2015-09-26 10:58:24 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-09-26 10:45:08 ----SHDC---- C:\Config.Msi
2015-09-26 10:45:08 ----SHD---- C:\WINDOWS\Installer
2015-09-26 10:44:19 ----D---- C:\WINDOWS\system32\cs-cz
2015-09-26 10:40:06 ----D---- C:\WINDOWS\system32\en-US
2015-09-26 10:34:37 ----D---- C:\Program Files\AVG Secure Search
2015-09-26 10:24:22 ----D---- C:\Program Files\Spyware Terminator
2015-09-26 09:52:20 ----D---- C:\Program Files\MyFree Codec
2015-09-22 19:04:24 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-09-14 10:20:45 ----D---- C:\WINDOWS\system32\cache
2015-09-09 18:42:43 ----D---- C:\WINDOWS\system32\MRT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-09-26 49776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-09-26 208664]
R0 mv61xx;mv61xx; C:\WINDOWS\system32\DRIVERS\mv61xx.sys [2007-06-15 143256]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-09-15 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2015-09-26 55200]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-09-26 789296]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-09-26 434184]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\windows\system32\drivers\sp_rsdrv2.sys []
R1 SSHDRV65;SSHDRV65; \??\C:\WINDOWS\system32\drivers\SSHDRV65.sys []
R1 tidnet;TID NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\tidnet.sys [2009-09-15 19200]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-09-26 24016]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-09-26 76000]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-16 293888]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2015-09-26 157888]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-11-02 2644480]
R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-06-08 262912]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbmdm65.sys [2005-05-02 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2015-09-26 57888]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 gtcdcmdm;GTRAN USB CDC Driver (PID 3196); C:\WINDOWS\system32\DRIVERS\gtusbmdm_gpc6400.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [2009-12-15 24448]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102528]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-12-15 100736]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-11-02 495616]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-26 146600]
R2 MRUWebService;MRU Web Service; C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe [2007-05-23 20539]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-11-01 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Marvell RAID;Marvell RAID Event Agent; C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe [2007-06-12 61440]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-26 147624]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22 269000]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PnkBstrB;PnkBstrB; C:\windows\system32\PnkBstrB.exe []
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe []
S4 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-11-24 496128]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu
Zdravim 
Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte ho. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/Spustte ho. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
Děkuji, posílám logy...
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2015/09/26 21:05:01
-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- ST3250410AS
+ Sekundární kanál IDE (1)
- HL-DT-ST DVDRAM GH20NS15
+ ATI IDE Controller [ATA]
- Primární kanál IDE (0)
- Sekundární kanál IDE (1)
+ Marvell 61xx Marvell RAID Controller [SCSI]
- Marvell Virtual Device
+ Marvell 61xx Marvell RAID Controller [SCSI]
- Marvell Virtual Device
-- Disk List ---------------------------------------------------------------
(1) ST3250410AS : 250,0 GB [0/0/0, pd1] - st
----------------------------------------------------------------------------
(1) ST3250410AS
----------------------------------------------------------------------------
Model : ST3250410AS
Firmware : 3.AAC
Serial Number : 9RY125ES
Disk Size : 250,0 GB (8,4/137,4/250,0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 26210 hod.
Power On Count : 4274 krát
Temparature : 31 C (87 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 114 _92 __6 000004B3C2B9 Počet chyb čtení
03 _97 _97 __0 000000000000 Čas na roztočení ploten
04 _96 _96 _20 0000000010BB Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _87 _60 _30 00001D90908D Počet chybných hledání
09 _71 _71 __0 000000006662 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _96 _20 0000000010B2 Počet cyklů zapnutí zařízení
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _69 _60 _45 00002311001F Teplota toku vzduchu
C2 _31 _40 __0 00110000001F Teplota
C3 _71 _58 __0 00000D1829F8 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000008 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3952 3952 5931 3235 4553
020: 0000 8000 0004 332E 4141 2020 2020 5354 3332 3530
030: 3431 3041 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0506 0506 0000 0048 0040
080: 00FE 0000 346B 7D01 4023 BC01 BC01 4023 407F 0000
090: 0000 FEFE FFFE 0000 D000 0000 0000 0000 0000 0000
100: 5970 1D1C 0000 0000 0000 4000 4000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0009 5970
130: 1D1C 5970 1D1C 2020 0002 0002 0002 008A 3C06 3C0A
140: 0000 07C6 0100 0800 1314 0002 0002 0080 0000 0000
150: 0080 0202 0000 0404 0000 0000 0000 0000 1D00 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0001 0001 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 FCA5
# AdwCleaner v5.008 - Logfile created 26/09/2015 at 21:09:10
# Updated 18/09/2015 by Xplode
# Database : 2015-09-23.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : TO2 - ADMIN
# Running from : D:\Stažené soubory\adwcleaner_5.008.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : sp_rsdrv2
***** [ Folders ] *****
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ytd video downloader
[-] Folder Deleted : C:\Documents and Settings\All Users\Nabídka Start\Programy\ytd video downloader
[-] Folder Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\ICQToolbarData
[-] Folder Deleted : C:\Program Files\AVG Secure Search
[-] Folder Deleted : C:\Program Files\GreenTree Applications
[-] Folder Deleted : C:\Program Files\ICQ6Toolbar
[-] Folder Deleted : C:\Program Files\myfree codec
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
***** [ Files ] *****
[-] File Deleted : C:\Documents and Settings\All Users\Plocha\YTD Video Downloader.lnk
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-1.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-10.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-11.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-12.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-13.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-14.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-15.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-16.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-17.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-18.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-19.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-2.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-20.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-21.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-22.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-23.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-24.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-3.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-4.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-5.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-6.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-7.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-8.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-9.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin.gif
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin.src
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\ask-search.xml
[-] File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[-] File Deleted : C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D8278076-BC68-4484-9233-6E7F1628B56C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
[-] Key Deleted : HKU\.DEFAULT\Software\AVG Security Toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\IGearSettings
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\AVG Secure Search
[-] Key Deleted : HKCU\Software\AVG Security Toolbar
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
[-] Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
[!] Data Not Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[!] Data Not Restored : HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BAD1561C-7009-44E4-838F-1390F95440FF}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
[!] Key Not Deleted : HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[!] Key Not Deleted : HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[!] Key Not Deleted : HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{BAD1561C-7009-44E4-838F-1390F95440FF}
***** [ Web browsers ] *****
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.allowSendURL", false);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.engineVerified", true);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.facebookSmilesAddonShowedPopup", true);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.firstTbRun", false);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.geolastmodified", 1443253132);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.history", "seznamyoutubeKao%20The%20Kangaroo%20Round%202%20-%20(PC)%20prekladacprekladac%20Calvin%20Harris%20-%20Summer%20goodgame%20empireTANKI%20ONLINE4%20dohod[...]
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.hpChange", true);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.icqgeo", 42);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.installTime", "1443255023");
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.newtab_state", "1");
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.previousFFVersion", "40.0.3");
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.skip_default_search", "no");
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.suggestions", false);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.uninstStatSent", true);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.uniqueID", "131773454613177346541317753288069");
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1443253136);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.userHpApproved", true);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=");
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [18976 bytes] ##########
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2015/09/26 21:05:01
-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- ST3250410AS
+ Sekundární kanál IDE (1)
- HL-DT-ST DVDRAM GH20NS15
+ ATI IDE Controller [ATA]
- Primární kanál IDE (0)
- Sekundární kanál IDE (1)
+ Marvell 61xx Marvell RAID Controller [SCSI]
- Marvell Virtual Device
+ Marvell 61xx Marvell RAID Controller [SCSI]
- Marvell Virtual Device
-- Disk List ---------------------------------------------------------------
(1) ST3250410AS : 250,0 GB [0/0/0, pd1] - st
----------------------------------------------------------------------------
(1) ST3250410AS
----------------------------------------------------------------------------
Model : ST3250410AS
Firmware : 3.AAC
Serial Number : 9RY125ES
Disk Size : 250,0 GB (8,4/137,4/250,0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 26210 hod.
Power On Count : 4274 krát
Temparature : 31 C (87 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 114 _92 __6 000004B3C2B9 Počet chyb čtení
03 _97 _97 __0 000000000000 Čas na roztočení ploten
04 _96 _96 _20 0000000010BB Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _87 _60 _30 00001D90908D Počet chybných hledání
09 _71 _71 __0 000000006662 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _96 _20 0000000010B2 Počet cyklů zapnutí zařízení
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _69 _60 _45 00002311001F Teplota toku vzduchu
C2 _31 _40 __0 00110000001F Teplota
C3 _71 _58 __0 00000D1829F8 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000008 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3952 3952 5931 3235 4553
020: 0000 8000 0004 332E 4141 2020 2020 5354 3332 3530
030: 3431 3041 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0506 0506 0000 0048 0040
080: 00FE 0000 346B 7D01 4023 BC01 BC01 4023 407F 0000
090: 0000 FEFE FFFE 0000 D000 0000 0000 0000 0000 0000
100: 5970 1D1C 0000 0000 0000 4000 4000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0009 5970
130: 1D1C 5970 1D1C 2020 0002 0002 0002 008A 3C06 3C0A
140: 0000 07C6 0100 0800 1314 0002 0002 0080 0000 0000
150: 0080 0202 0000 0404 0000 0000 0000 0000 1D00 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0001 0001 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 FCA5
# AdwCleaner v5.008 - Logfile created 26/09/2015 at 21:09:10
# Updated 18/09/2015 by Xplode
# Database : 2015-09-23.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : TO2 - ADMIN
# Running from : D:\Stažené soubory\adwcleaner_5.008.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : sp_rsdrv2
***** [ Folders ] *****
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ytd video downloader
[-] Folder Deleted : C:\Documents and Settings\All Users\Nabídka Start\Programy\ytd video downloader
[-] Folder Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\ICQToolbarData
[-] Folder Deleted : C:\Program Files\AVG Secure Search
[-] Folder Deleted : C:\Program Files\GreenTree Applications
[-] Folder Deleted : C:\Program Files\ICQ6Toolbar
[-] Folder Deleted : C:\Program Files\myfree codec
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
***** [ Files ] *****
[-] File Deleted : C:\Documents and Settings\All Users\Plocha\YTD Video Downloader.lnk
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-1.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-10.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-11.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-12.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-13.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-14.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-15.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-16.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-17.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-18.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-19.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-2.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-20.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-21.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-22.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-23.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-24.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-3.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-4.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-5.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-6.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-7.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-8.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin-9.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin.gif
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin.src
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\icqplugin.xml
[-] File Deleted : C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\searchplugins\ask-search.xml
[-] File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[-] File Deleted : C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D8278076-BC68-4484-9233-6E7F1628B56C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
[-] Key Deleted : HKU\.DEFAULT\Software\AVG Security Toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\IGearSettings
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\AVG Secure Search
[-] Key Deleted : HKCU\Software\AVG Security Toolbar
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
[-] Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
[!] Data Not Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[!] Data Not Restored : HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BAD1561C-7009-44E4-838F-1390F95440FF}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
[!] Key Not Deleted : HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[!] Key Not Deleted : HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[!] Key Not Deleted : HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{BAD1561C-7009-44E4-838F-1390F95440FF}
***** [ Web browsers ] *****
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.allowSendURL", false);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.engineVerified", true);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.facebookSmilesAddonShowedPopup", true);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.firstTbRun", false);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.geolastmodified", 1443253132);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.history", "seznamyoutubeKao%20The%20Kangaroo%20Round%202%20-%20(PC)%20prekladacprekladac%20Calvin%20Harris%20-%20Summer%20goodgame%20empireTANKI%20ONLINE4%20dohod[...]
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.hpChange", true);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.icqgeo", 42);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.installTime", "1443255023");
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.newtab_state", "1");
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.previousFFVersion", "40.0.3");
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.skip_default_search", "no");
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.suggestions", false);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.uninstStatSent", true);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.uniqueID", "131773454613177346541317753288069");
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1443253136);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.userHpApproved", true);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
[-] [C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\prefs.js] [Preference] Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=");
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [18976 bytes] ##########
Re: Prosím o kontrolu logu
Disk hlasi chyby, i to muze pusobit problemy. Uvidime po docisteni.
Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (musite stahnout verzi 1.75, odmitnout upgrade na novejsi verzi a aktualizovat jen virovou databazi) a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222
Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (musite stahnout verzi 1.75, odmitnout upgrade na novejsi verzi a aktualizovat jen virovou databazi) a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
Drobec jsem to asi pokazil, asi po půl minutě skenování našel mbam první hrozbu, ale zasáhl do toho avast, který to vyhodnotil jako virus (myslím že ten soubor smazal, ale nemůžu v něm najít záznam, tak nevím). Tak jsem sken mbam ukončil, vypl avast a spustil sken znovu, pak už během první hodiny nic nenašel... Je to zvláštní, protože než jsem dělal ten první rsit log, tak jsem dělal kompletní sken avastem a nic nenašel...
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2015.09.26.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
TO2 :: ADMIN [administrátor]
26.9.2015 21:27:40
MBAM-log-2015-09-27 (07-47-24).txt
Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 438328
Uplynulý čas: 43 minut, 16 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 2
C:\System Volume Information\_restore{3CCC493D-A26A-416A-BBC7-C0E4ADC506AE}\RP1938\A0279052.exe (PUP.Optional.APNToolBar) -> Nebyla provedena žádná instrukce.
D:\Codec-Pack_installer.exe (PUP.Optional.DownLoadAdmin) -> Nebyla provedena žádná instrukce.
(konec)
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2015.09.26.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
TO2 :: ADMIN [administrátor]
26.9.2015 21:27:40
MBAM-log-2015-09-27 (07-47-24).txt
Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 438328
Uplynulý čas: 43 minut, 16 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 2
C:\System Volume Information\_restore{3CCC493D-A26A-416A-BBC7-C0E4ADC506AE}\RP1938\A0279052.exe (PUP.Optional.APNToolBar) -> Nebyla provedena žádná instrukce.
D:\Codec-Pack_installer.exe (PUP.Optional.DownLoadAdmin) -> Nebyla provedena žádná instrukce.
(konec)
Re: Prosím o kontrolu logu
To tak nekdy je, ono i zalezi na nastaveni citlivosti. Kdyz treba neni na maximum, testem to projde, ale kdyz to pak objevi jiny AV a zacne se souborem neco delat (v tomto pripade MBAM), stit zaregistruje, ze se neco deje a taky se ozve 
Jelikoz je havet i v bodech obnovy...
Postupujte presne v tomto poradi.
1) MBAM nezavirejte, jen minimalizujte.
2) Vymazte/Vypnete vytvareni bodu obnovy http://forum.viry.cz/viewtopic.php?f=46&t=47040 , ale nerestartujte pc.
3) Ted nechte nalezy MBAM odstranit a restartujte pc.
4) Zopakujte test s MBAM (staci uz jen rychla kontrola) a napiste jeho vysledek a podle toho zvolim dalsi postup.
Pokud bude cisto, zapnete zase funkci vytvareni bodu obnovy, at pak na to nezapomenem.
Jelikoz je havet i v bodech obnovy...
Postupujte presne v tomto poradi. 1) MBAM nezavirejte, jen minimalizujte.
2) Vymazte/Vypnete vytvareni bodu obnovy http://forum.viry.cz/viewtopic.php?f=46&t=47040 , ale nerestartujte pc.
3) Ted nechte nalezy MBAM odstranit a restartujte pc.
4) Zopakujte test s MBAM (staci uz jen rychla kontrola) a napiste jeho vysledek a podle toho zvolim dalsi postup.
Pokud bude cisto, zapnete zase funkci vytvareni bodu obnovy, at pak na to nezapomenem.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
OK, díky
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2015.09.26.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
TO2 :: ADMIN [administrátor]
27.9.2015 8:33:03
mbam-log-2015-09-27 (08-33-03).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 374325
Uplynulý čas: 12 minut, 59 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2015.09.26.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
TO2 :: ADMIN [administrátor]
27.9.2015 8:33:03
mbam-log-2015-09-27 (08-33-03).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 374325
Uplynulý čas: 12 minut, 59 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Re: Prosím o kontrolu logu
MBAM muzete odinstalovat. Dejte novy log z RSITa k tomu
Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
Logfile of random's system information tool 1.10 (written by random/random)
Run by TO2 at 2015-09-27 15:50:31
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 23 GB (59%) free of 38 GB
Total RAM: 2047 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:50:34, on 27.9.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
D:\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\TO2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - *{EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 4570188515
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Marvell RAID Event Agent (Marvell RAID) - Unknown owner - C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MRU Web Service (MRUWebService) - Apache Software Foundation - C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
--
End of file - 6484 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\windows\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\windows\system32\xp_eos.exe -c
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.1, {800b5000-a755-47e1-992b-48a1c1357f07}:1.2.9, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.5.3&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"avg@igeared"=C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe� Flash� Player 19.0.0.185 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-26 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-11-06 311152]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-26 6134544]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-11-06 1564528]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup []
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-11-06 845168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-11-24 2216960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-11-24 3318784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files\AVG Secure Search\vprot.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"vToolbarUpdater18.8.0"=2
"sp_rssrv"=2
"SkypeUpdate"=2
"PnkBstrB"=3
"AdobeFlashPlayerUpdateSvc"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-11-02 122880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-11-17 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe"="C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"D:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat"="D:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\Program Files\RadLight Company\RadLight 4.0\rlkernel.exe"="C:\Program Files\RadLight Company\RadLight 4.0\rlkernel.exe:*:Enabled:Kernel Executable"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\Administrator\Plocha\sdc222\StrongDC.exe"="C:\Documents and Settings\Administrator\Plocha\sdc222\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\AVG\AVG2013\avgmfapx.exe"="C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
"D:\Program Files\Winamp\winamp.exe"="D:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
======List of files/folders created in the last 1 month======
2015-09-26 21:22:07 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-09-26 21:06:39 ----DC---- C:\AdwCleaner
2015-09-26 19:18:08 ----DC---- C:\rsit
2015-09-26 18:56:36 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2015-09-26 18:46:54 ----D---- C:\Program Files\HD Tune
2015-09-26 15:05:24 ----RASHC---- C:\boot.ini
2015-09-26 13:07:11 ----ASH---- C:\pagefile.sys
2015-09-26 11:12:51 ----D---- C:\Documents and Settings\TO2\Data aplikací\AVAST Software
2015-09-26 11:12:26 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2015-09-26 11:11:39 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2015-09-26 11:11:39 ----A---- C:\WINDOWS\system32\drivers\aswStmXP.sys
2015-09-26 11:11:38 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2015-09-26 11:11:38 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2015-09-26 11:11:38 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2015-09-26 11:11:37 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2015-09-26 11:11:37 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2015-09-26 11:11:37 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2015-09-26 11:11:36 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2015-09-26 11:11:33 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-09-26 11:11:26 ----A---- C:\WINDOWS\avastSS.scr
2015-09-26 11:10:10 ----D---- C:\Program Files\AVAST Software
2015-09-26 11:08:11 ----DC---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2015-09-26 10:53:17 ----D---- C:\Program Files\Mozilla Firefox
2015-09-15 10:22:32 ----D---- C:\Program Files\JoWooD
======List of files/folders modified in the last 1 month======
2015-09-27 15:50:33 ----D---- C:\Program Files\trend micro
2015-09-27 10:21:49 ----D---- C:\WINDOWS\Prefetch
2015-09-27 09:38:08 ----RSD---- C:\WINDOWS\assembly
2015-09-27 09:38:08 ----D---- C:\WINDOWS\Microsoft.NET
2015-09-27 09:31:22 ----D---- C:\WINDOWS\Temp
2015-09-27 09:29:47 ----SHDC---- C:\Config.Msi
2015-09-27 09:29:47 ----SHD---- C:\WINDOWS\Installer
2015-09-27 09:29:34 ----D---- C:\WINDOWS\system32
2015-09-27 09:29:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-27 09:29:26 ----D---- C:\WINDOWS\WinSxS
2015-09-27 08:48:25 ----D---- C:\WINDOWS\system32\drivers
2015-09-27 08:36:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-09-27 08:30:44 ----D---- C:\WINDOWS\PeerNet
2015-09-26 21:22:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2015-09-26 21:09:36 ----D---- C:\Program Files\Common Files
2015-09-26 21:09:18 ----D---- C:\Program Files
2015-09-26 13:31:19 ----A---- C:\WINDOWS\NeroDigital.ini
2015-09-26 13:11:25 ----A---- C:\WINDOWS\win.ini
2015-09-26 13:11:25 ----A---- C:\WINDOWS\system.ini
2015-09-26 12:50:59 ----D---- C:\WINDOWS
2015-09-26 11:12:35 ----HD---- C:\WINDOWS\inf
2015-09-26 11:11:55 ----D---- C:\WINDOWS\system32\CatRoot2
2015-09-26 11:11:51 ----SD---- C:\WINDOWS\Tasks
2015-09-26 10:58:24 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-09-26 10:44:19 ----D---- C:\WINDOWS\system32\cs-cz
2015-09-26 10:40:06 ----D---- C:\WINDOWS\system32\en-US
2015-09-26 10:24:22 ----D---- C:\Program Files\Spyware Terminator
2015-09-22 19:04:24 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-09-14 10:20:45 ----D---- C:\WINDOWS\system32\cache
2015-09-09 18:42:43 ----D---- C:\WINDOWS\system32\MRT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-09-26 49776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-09-26 208664]
R0 mv61xx;mv61xx; C:\WINDOWS\system32\DRIVERS\mv61xx.sys [2007-06-15 143256]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-09-15 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2015-09-26 55200]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-09-26 789296]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-09-26 434184]
R1 SSHDRV65;SSHDRV65; \??\C:\WINDOWS\system32\drivers\SSHDRV65.sys []
R1 tidnet;TID NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\tidnet.sys [2009-09-15 19200]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-09-26 24016]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-09-26 76000]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-16 293888]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2015-09-26 157888]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-11-02 2644480]
R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-06-08 262912]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbmdm65.sys [2005-05-02 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2015-09-26 57888]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 gtcdcmdm;GTRAN USB CDC Driver (PID 3196); C:\WINDOWS\system32\DRIVERS\gtusbmdm_gpc6400.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [2009-12-15 24448]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102528]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-12-15 100736]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-11-02 495616]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-26 146600]
R2 MRUWebService;MRU Web Service; C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe [2007-05-23 20539]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-11-01 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Marvell RAID;Marvell RAID Event Agent; C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe [2007-06-12 61440]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-26 147624]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22 269000]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PnkBstrB;PnkBstrB; C:\windows\system32\PnkBstrB.exe []
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe []
S4 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-11-24 496128]
-----------------EOF-----------------
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:27-09-2015
Ran by TO2 (administrator) on ADMIN (27-09-2015 15:55:30)
Running from C:\Documents and Settings\TO2\Plocha
Loaded Profiles: TO2 (Available Profiles: TO2 & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Apache Software Foundation) C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
(Apache Software Foundation) C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\TO2\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [868352 2006-12-18] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [729088 2006-07-13] (Analog Devices, Inc.)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [OpwareSE4] => C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1603152 2007-04-03] (CANON INC.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-26] (AVAST Software)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2007-11-02] (ATI Technologies Inc.)
Winlogon\Notify\avgrsstarter: C:\WINDOWS\system32\avgrsstx.dll [2009-11-17] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-854245398-412668190-725345543-1003\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-854245398-412668190-725345543-1003\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-854245398-412668190-725345543-1003\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-854245398-412668190-725345543-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\ssstars.scr [14336 2008-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-09-26] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{E42CA267-928F-4E39-A54A-65F66B055563}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
URLSearchHook: HKLM -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-854245398-412668190-725345543-1003 - (No Name) - *{EEE6C35D-6118-11DC-9C72-001320C79847} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-854245398-412668190-725345543-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-854245398-412668190-725345543-1003 -> {7CEB5968-7C7F-4236-AFE7-3E0B07A63BCC} URL = hxxp://www.webhledani.cz/results.aspx?i=39&tp= ... earchTerms}
SearchScopes: HKU\S-1-5-21-854245398-412668190-725345543-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-26] (AVAST Software)
BHO: No Name -> {A3BC75A2-1F87-4686-AA43-5347D756017C} -> No File
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1244570188515
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default
FF SelectedSearchEngine:
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2014-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2014-07-16] (Apple Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-04-22]
FF Extension: Adblock Plus - C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-09]
FF HKLM\...\Firefox\Extensions: [avg@igeared] - C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-26]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-26]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2007-11-01] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-26] (AVAST Software)
S3 Marvell RAID; C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe [61440 2007-06-12] () [File not signed]
R2 MRUWebService; C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe [20539 2007-05-23] (Apache Software Foundation) [File not signed]
S4 sp_rssrv; C:\Program Files\Spyware Terminator\sp_rsser.exe [496128 2011-11-24] (Crawler.com) [File not signed]
S4 PnkBstrB; C:\windows\system32\PnkBstrB.exe [X]
S4 SkypeUpdate; "C:\Program Files\Skype\Updater\Updater.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 adusbmdm6501; C:\WINDOWS\System32\DRIVERS\adusbmdm65.sys [64896 2005-05-02] (AnyDATA Corporation) [File not signed]
S3 adusbser6501; C:\WINDOWS\System32\DRIVERS\adusbser65.sys [64896 2005-05-02] (AnyDATA Corporation) [File not signed]
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-09-26] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-09-26] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-09-26] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-09-26] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [789296 2015-09-26] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [434184 2015-09-26] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [157888 2015-09-26] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-09-26] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-09-26] (AVAST Software)
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2009-07-15] () [File not signed]
R3 HdAudAddService; C:\WINDOWS\System32\drivers\AtiHdAud.sys [84992 2006-12-28] (ATI Research Inc.)
S3 Huawei; C:\WINDOWS\System32\DRIVERS\ewdcsc.sys [24448 2009-12-15] (Huawei Tech. Co., Ltd.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-14] ()
R0 mv61xx; C:\WINDOWS\System32\DRIVERS\mv61xx.sys [143256 2007-06-15] (Marvell Semiconductor, Inc.)
R3 SenFiltService; C:\WINDOWS\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2010-09-15] () [File not signed]
R1 SSHDRV65; C:\WINDOWS\system32\drivers\SSHDRV65.sys [120320 2009-06-13] () [File not signed]
R1 tidnet; C:\WINDOWS\System32\DRIVERS\tidnet.sys [19200 2009-09-15] (Telefónica I+D) [File not signed]
S3 usbbus; C:\WINDOWS\System32\DRIVERS\lgusbbus.sys [13056 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\WINDOWS\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\WINDOWS\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-11] (LG Electronics Inc.)
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [262912 2007-06-08] (Marvell)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [113280 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 gtcdcmdm; system32\DRIVERS\gtusbmdm_gpc6400.sys [X]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
U1 WS2IFSL; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-27 15:55 - 2015-09-27 15:55 - 00013931 _____ C:\Documents and Settings\TO2\Plocha\FRST.txt
2015-09-27 15:55 - 2015-09-27 15:55 - 00000000 ___DC C:\FRST
2015-09-27 15:54 - 2015-09-27 15:54 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\TO2\Plocha\FRSTLauncher.exe
2015-09-27 15:54 - 2015-09-27 15:52 - 01695744 _____ (Farbar) C:\Documents and Settings\TO2\Plocha\FRST.exe
2015-09-26 21:22 - 2015-09-26 21:22 - 00000784 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2015-09-26 21:22 - 2015-09-26 21:22 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2015-09-26 21:22 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-26 21:06 - 2015-09-26 21:09 - 00000000 ___DC C:\AdwCleaner
2015-09-26 21:05 - 2015-09-26 21:05 - 00004435 _____ C:\Documents and Settings\TO2\Plocha\c.txt
2015-09-26 21:04 - 2015-09-26 21:04 - 00000000 ____D C:\Documents and Settings\TO2\Plocha\v
2015-09-26 19:18 - 2015-09-26 19:18 - 00000000 ___DC C:\rsit
2015-09-26 19:13 - 2015-09-26 19:13 - 00000000 ____D C:\Documents and Settings\TO2\Dokumenty\Stažené soubory
2015-09-26 18:56 - 2015-09-26 18:56 - 00000000 ___DC C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2015-09-26 18:46 - 2015-09-26 18:46 - 00000613 _____ C:\Documents and Settings\TO2\Plocha\HD Tune.lnk
2015-09-26 18:46 - 2015-09-26 18:46 - 00000000 ____D C:\Program Files\HD Tune
2015-09-26 18:46 - 2015-09-26 18:46 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\HD Tune
2015-09-26 15:05 - 2015-09-26 13:11 - 00000194 _RSHC C:\boot.ini
2015-09-26 13:34 - 2015-09-26 13:38 - 00000000 ____D C:\Documents and Settings\TO2\Dokumenty\Záloha dokumentů
2015-09-26 13:33 - 2015-09-26 13:33 - 00000368 _____ C:\Documents and Settings\TO2\Dokumenty\Stažené soubory.lnk
2015-09-26 11:12 - 2015-09-26 11:12 - 00001689 _____ C:\Documents and Settings\All Users\Plocha\Avast Free Antivirus.lnk
2015-09-26 11:12 - 2015-09-26 11:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2015-09-26 11:12 - 2015-09-26 11:12 - 00000000 ____D C:\Documents and Settings\TO2\Data aplikací\AVAST Software
2015-09-26 11:12 - 2015-09-26 11:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\AVAST Software
2015-09-26 11:11 - 2015-09-27 11:11 - 00000358 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-09-26 11:11 - 2015-09-26 11:12 - 00010307 _____ C:\WINDOWS\Wdf01009Inst.log
2015-09-26 11:11 - 2015-09-26 11:11 - 00789296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-09-26 11:11 - 2015-09-26 11:11 - 00434184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-09-26 11:11 - 2015-09-26 11:11 - 00313472 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-09-26 11:11 - 2015-09-26 11:11 - 00208664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-09-26 11:11 - 2015-09-26 11:11 - 00157888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2015-09-26 11:11 - 2015-09-26 11:11 - 00076000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-09-26 11:11 - 2015-09-26 11:11 - 00057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-09-26 11:11 - 2015-09-26 11:11 - 00055200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-09-26 11:11 - 2015-09-26 11:11 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-09-26 11:11 - 2015-09-26 11:11 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-09-26 11:11 - 2015-09-26 11:11 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-09-26 11:10 - 2015-09-26 11:10 - 00000000 ____D C:\Program Files\AVAST Software
2015-09-26 11:08 - 2015-09-26 11:08 - 00000000 ___DC C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2015-09-26 10:53 - 2015-09-26 10:53 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-09-26 10:47 - 2015-09-26 10:47 - 00000000 ____D C:\Documents and Settings\TO2\Local Settings\Data aplikací\Scansoft
2015-09-15 10:24 - 2015-09-15 10:24 - 00001718 _____ C:\Documents and Settings\All Users\Plocha\Kao - 2nd round.lnk
2015-09-15 10:24 - 2015-09-15 10:24 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\JoWooD
2015-09-15 10:22 - 2015-09-15 10:22 - 00000000 ____D C:\Program Files\JoWooD
2015-09-12 22:12 - 2015-09-12 22:12 - 00000057 _____ C:\Documents and Settings\TO2\Plocha\Nový objekt - Textový dokument.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-27 15:55 - 2010-07-29 17:14 - 00000000 ____D C:\Documents and Settings\TO2\Plocha
2015-09-27 15:55 - 2010-07-29 17:14 - 00000000 ____D C:\Documents and Settings\TO2\Local Settings\Temp
2015-09-27 15:54 - 2010-07-29 17:14 - 00000000 ___HD C:\Documents and Settings\TO2\Local Settings\Data aplikací
2015-09-27 15:50 - 2010-09-15 20:59 - 00000000 ____D C:\Program Files\trend micro
2015-09-27 15:04 - 2013-04-01 19:53 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-27 11:31 - 2009-06-08 19:30 - 01364714 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-27 09:38 - 2009-06-09 19:44 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-09-27 09:29 - 2009-06-08 20:58 - 01146944 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-27 08:36 - 2009-06-08 19:35 - 00032442 _____ C:\WINDOWS\SchedLgU.Txt
2015-09-27 08:31 - 2014-03-28 11:36 - 00000218 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-09-27 08:31 - 2009-06-09 19:37 - 00000283 ____C C:\WINDOWS\system32\61xx.xml
2015-09-27 08:31 - 2009-06-08 21:00 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-09-27 08:31 - 2009-06-08 21:00 - 00000049 _____ C:\WINDOWS\wiaservc.log
2015-09-27 08:31 - 2009-06-08 19:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-27 08:31 - 2004-08-18 14:00 - 00013668 _____ C:\WINDOWS\system32\wpa.dbl
2015-09-27 08:30 - 2010-07-29 17:14 - 00000272 ___SH C:\Documents and Settings\TO2\ntuser.ini
2015-09-27 08:30 - 2009-06-08 20:49 - 00000000 ____D C:\WINDOWS\PeerNet
2015-09-26 21:22 - 2010-09-15 18:57 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2015-09-26 21:22 - 2009-06-08 20:57 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-09-26 21:22 - 2009-06-08 20:57 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-09-26 21:13 - 2010-07-29 17:14 - 00000000 ____D C:\Documents and Settings\TO2
2015-09-26 21:09 - 2009-06-08 20:57 - 00000000 _RHDC C:\Documents and Settings\All Users\Data aplikací
2015-09-26 19:36 - 2010-08-28 19:38 - 00000472 _____ C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
2015-09-26 19:13 - 2010-07-31 17:59 - 00144896 _____ C:\Documents and Settings\TO2\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-26 19:13 - 2010-07-29 17:14 - 00000000 ___RD C:\Documents and Settings\TO2\Dokumenty
2015-09-26 19:11 - 2010-07-29 17:14 - 00000000 __RHD C:\Documents and Settings\TO2\Data aplikací
2015-09-26 13:31 - 2010-08-01 13:43 - 00000142 _____ C:\Documents and Settings\TO2\default.pls
2015-09-26 13:31 - 2009-06-22 16:21 - 00000069 _____ C:\WINDOWS\NeroDigital.ini
2015-09-26 13:11 - 2004-08-18 14:00 - 00000682 _____ C:\WINDOWS\win.ini
2015-09-26 13:11 - 2004-08-18 14:00 - 00000227 _____ C:\WINDOWS\system.ini
2015-09-26 11:12 - 2012-04-26 17:00 - 00020057 _____ C:\WINDOWS\setupapi.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00738268 ____C C:\WINDOWS\iis6.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00680103 ____C C:\WINDOWS\FaxSetup.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00325160 ____C C:\WINDOWS\ocgen.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00310311 ____C C:\WINDOWS\tsoc.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00226337 ____C C:\WINDOWS\comsetup.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00213788 ____C C:\WINDOWS\msmqinst.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00137088 ____C C:\WINDOWS\ntdtcsetup.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00119130 ____C C:\WINDOWS\netfxocm.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00046750 ____C C:\WINDOWS\MedCtrOC.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00042460 ____C C:\WINDOWS\ocmsn.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00034210 ____C C:\WINDOWS\tabletoc.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00033990 ____C C:\WINDOWS\msgsocm.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00001374 _____ C:\WINDOWS\imsins.log
2015-09-26 10:58 - 2012-05-04 17:07 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-09-26 10:24 - 2010-09-15 20:17 - 00000000 ____D C:\Program Files\Spyware Terminator
2015-09-26 10:12 - 2012-04-26 17:00 - 01076950 ____C C:\WINDOWS\setupapi.log.0.old
2015-09-26 09:55 - 2013-06-08 15:13 - 00000000 ____D C:\Documents and Settings\TO2\Local Settings\Data aplikací\Unity
2015-09-26 09:53 - 2010-07-29 17:14 - 00000000 ___RD C:\Documents and Settings\TO2\Nabídka Start
2015-09-26 09:45 - 2009-06-08 20:57 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2015-09-26 09:35 - 2012-04-12 19:32 - 00004919 _____ C:\WINDOWS\setupact.log
2015-09-22 19:04 - 2013-04-01 19:53 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-09-22 19:04 - 2012-04-20 21:59 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-09-22 09:25 - 2012-12-28 14:18 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-09-21 16:21 - 2012-04-29 19:35 - 00068608 __SHC C:\Documents and Settings\TO2\Plocha\Thumbs.db
2015-09-18 13:45 - 2014-04-10 10:45 - 00000000 ____D C:\Documents and Settings\TO2\Plocha\Zuzanka
2015-09-14 10:20 - 2013-05-21 13:38 - 00000000 ____D C:\WINDOWS\system32\cache
2015-09-09 18:42 - 2013-08-15 14:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-08 15:05 - 2014-03-28 11:36 - 00000212 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
==================== Files in the root of some directories =======
2013-06-26 14:12 - 2014-06-23 16:44 - 0003728 ____C () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2010-09-15 18:52 - 2010-09-15 18:52 - 0002528 ____C () C:\Documents and Settings\TO2\Data aplikací\$_hpcst$.hpc
2010-07-31 17:59 - 2015-09-26 19:13 - 0144896 _____ () C:\Documents and Settings\TO2\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
C:\Documents and Settings\TO2\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:37.55 GB) (Free:22.14 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:195.32 GB) (Free:163.2 GB) NTFS
Available physical RAM: 1133.04 MB
Total physical RAM: 2047.23 MB
Percentage of memory in use: 44%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 232.9 GB) (Disk ID: 28A028A0)
Partition 1: (Active) - (Size=37.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.3 GB) - (Type=OF Extended)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\windows\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\windows\system32\xp_eos.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\TO2\Plocha" je 1294 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck
%systemroot%\system32\dumprep 0 -k [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
"C:\Program Files\Messenger\msmsgs.exe" /background [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate
"C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate
"C:\Program Files\AVG Secure Search\vprot.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
Reim ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
vToolbarUpdater18.8.0 REG_DWORD 0x2
sp_rssrv REG_DWORD 0x2
SkypeUpdate REG_DWORD 0x2
PnkBstrB REG_DWORD 0x3
AdobeFlashPlayerUpdateSvc REG_DWORD 0x3
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\ICQ7.6\\ICQ.exe"="C:\\Program Files\\ICQ7.6\\ICQ.exe:*:Enabled:ICQ7.6"
"D:\\Program Files\\Winamp\\winamp.exe"="D:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Marvell\\61xx\\Apache2\\bin\\Apache.exe"="C:\\Program Files\\Marvell\\61xx\\Apache2\\bin\\Apache.exe:*:Enabled:Apache HTTP Server"
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG8\\avgnsx.exe:*:Enabled:avgnsx.exe"
"D:\\Program Files\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat"="D:\\Program Files\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\\Program Files\\RadLight Company\\RadLight 4.0\\rlkernel.exe"="C:\\Program Files\\RadLight Company\\RadLight 4.0\\rlkernel.exe:*:Enabled:Kernel Executable"
"C:\\Program Files\\Valve\\hl.exe"="C:\\Program Files\\Valve\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Documents and Settings\\Administrator\\Plocha\\sdc222\\StrongDC.exe"="C:\\Documents and Settings\\Administrator\\Plocha\\sdc222\\StrongDC.exe:*:Enabled:StrongDC++"
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"="C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"="C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\\Program Files\\ICQ6.5\\ICQ.exe"="C:\\Program Files\\ICQ6.5\\ICQ.exe:*:Enabled:ICQ6"
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"="C:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe:*:Enabled:Instaltor AVG"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000001
==================== End Of Log ==============================
Run by TO2 at 2015-09-27 15:50:31
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 23 GB (59%) free of 38 GB
Total RAM: 2047 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:50:34, on 27.9.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
D:\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\TO2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - *{EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 4570188515
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Marvell RAID Event Agent (Marvell RAID) - Unknown owner - C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MRU Web Service (MRUWebService) - Apache Software Foundation - C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
--
End of file - 6484 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\windows\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\windows\system32\xp_eos.exe -c
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.1, {800b5000-a755-47e1-992b-48a1c1357f07}:1.2.9, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.5.3&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"avg@igeared"=C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe� Flash� Player 19.0.0.185 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-26 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-11-06 311152]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-26 6134544]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-11-06 1564528]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup []
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-11-06 845168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-11-24 2216960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-11-24 3318784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files\AVG Secure Search\vprot.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"vToolbarUpdater18.8.0"=2
"sp_rssrv"=2
"SkypeUpdate"=2
"PnkBstrB"=3
"AdobeFlashPlayerUpdateSvc"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-11-02 122880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-11-17 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe"="C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"D:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat"="D:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\Program Files\RadLight Company\RadLight 4.0\rlkernel.exe"="C:\Program Files\RadLight Company\RadLight 4.0\rlkernel.exe:*:Enabled:Kernel Executable"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\Administrator\Plocha\sdc222\StrongDC.exe"="C:\Documents and Settings\Administrator\Plocha\sdc222\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\AVG\AVG2013\avgmfapx.exe"="C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
"D:\Program Files\Winamp\winamp.exe"="D:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
======List of files/folders created in the last 1 month======
2015-09-26 21:22:07 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-09-26 21:06:39 ----DC---- C:\AdwCleaner
2015-09-26 19:18:08 ----DC---- C:\rsit
2015-09-26 18:56:36 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2015-09-26 18:46:54 ----D---- C:\Program Files\HD Tune
2015-09-26 15:05:24 ----RASHC---- C:\boot.ini
2015-09-26 13:07:11 ----ASH---- C:\pagefile.sys
2015-09-26 11:12:51 ----D---- C:\Documents and Settings\TO2\Data aplikací\AVAST Software
2015-09-26 11:12:26 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2015-09-26 11:11:39 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2015-09-26 11:11:39 ----A---- C:\WINDOWS\system32\drivers\aswStmXP.sys
2015-09-26 11:11:38 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2015-09-26 11:11:38 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2015-09-26 11:11:38 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2015-09-26 11:11:37 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2015-09-26 11:11:37 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2015-09-26 11:11:37 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2015-09-26 11:11:36 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2015-09-26 11:11:33 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-09-26 11:11:26 ----A---- C:\WINDOWS\avastSS.scr
2015-09-26 11:10:10 ----D---- C:\Program Files\AVAST Software
2015-09-26 11:08:11 ----DC---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2015-09-26 10:53:17 ----D---- C:\Program Files\Mozilla Firefox
2015-09-15 10:22:32 ----D---- C:\Program Files\JoWooD
======List of files/folders modified in the last 1 month======
2015-09-27 15:50:33 ----D---- C:\Program Files\trend micro
2015-09-27 10:21:49 ----D---- C:\WINDOWS\Prefetch
2015-09-27 09:38:08 ----RSD---- C:\WINDOWS\assembly
2015-09-27 09:38:08 ----D---- C:\WINDOWS\Microsoft.NET
2015-09-27 09:31:22 ----D---- C:\WINDOWS\Temp
2015-09-27 09:29:47 ----SHDC---- C:\Config.Msi
2015-09-27 09:29:47 ----SHD---- C:\WINDOWS\Installer
2015-09-27 09:29:34 ----D---- C:\WINDOWS\system32
2015-09-27 09:29:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-27 09:29:26 ----D---- C:\WINDOWS\WinSxS
2015-09-27 08:48:25 ----D---- C:\WINDOWS\system32\drivers
2015-09-27 08:36:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-09-27 08:30:44 ----D---- C:\WINDOWS\PeerNet
2015-09-26 21:22:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2015-09-26 21:09:36 ----D---- C:\Program Files\Common Files
2015-09-26 21:09:18 ----D---- C:\Program Files
2015-09-26 13:31:19 ----A---- C:\WINDOWS\NeroDigital.ini
2015-09-26 13:11:25 ----A---- C:\WINDOWS\win.ini
2015-09-26 13:11:25 ----A---- C:\WINDOWS\system.ini
2015-09-26 12:50:59 ----D---- C:\WINDOWS
2015-09-26 11:12:35 ----HD---- C:\WINDOWS\inf
2015-09-26 11:11:55 ----D---- C:\WINDOWS\system32\CatRoot2
2015-09-26 11:11:51 ----SD---- C:\WINDOWS\Tasks
2015-09-26 10:58:24 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-09-26 10:44:19 ----D---- C:\WINDOWS\system32\cs-cz
2015-09-26 10:40:06 ----D---- C:\WINDOWS\system32\en-US
2015-09-26 10:24:22 ----D---- C:\Program Files\Spyware Terminator
2015-09-22 19:04:24 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-09-14 10:20:45 ----D---- C:\WINDOWS\system32\cache
2015-09-09 18:42:43 ----D---- C:\WINDOWS\system32\MRT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-09-26 49776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-09-26 208664]
R0 mv61xx;mv61xx; C:\WINDOWS\system32\DRIVERS\mv61xx.sys [2007-06-15 143256]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-09-15 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2015-09-26 55200]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-09-26 789296]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-09-26 434184]
R1 SSHDRV65;SSHDRV65; \??\C:\WINDOWS\system32\drivers\SSHDRV65.sys []
R1 tidnet;TID NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\tidnet.sys [2009-09-15 19200]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-09-26 24016]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-09-26 76000]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-16 293888]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2015-09-26 157888]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-11-02 2644480]
R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-06-08 262912]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbmdm65.sys [2005-05-02 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2015-09-26 57888]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 gtcdcmdm;GTRAN USB CDC Driver (PID 3196); C:\WINDOWS\system32\DRIVERS\gtusbmdm_gpc6400.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [2009-12-15 24448]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102528]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-12-15 100736]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-11-02 495616]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-26 146600]
R2 MRUWebService;MRU Web Service; C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe [2007-05-23 20539]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-11-01 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Marvell RAID;Marvell RAID Event Agent; C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe [2007-06-12 61440]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-26 147624]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22 269000]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PnkBstrB;PnkBstrB; C:\windows\system32\PnkBstrB.exe []
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe []
S4 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-11-24 496128]
-----------------EOF-----------------
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:27-09-2015
Ran by TO2 (administrator) on ADMIN (27-09-2015 15:55:30)
Running from C:\Documents and Settings\TO2\Plocha
Loaded Profiles: TO2 (Available Profiles: TO2 & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Apache Software Foundation) C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
(Apache Software Foundation) C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\TO2\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [868352 2006-12-18] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [729088 2006-07-13] (Analog Devices, Inc.)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [OpwareSE4] => C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1603152 2007-04-03] (CANON INC.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-26] (AVAST Software)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2007-11-02] (ATI Technologies Inc.)
Winlogon\Notify\avgrsstarter: C:\WINDOWS\system32\avgrsstx.dll [2009-11-17] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-854245398-412668190-725345543-1003\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-854245398-412668190-725345543-1003\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-854245398-412668190-725345543-1003\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-854245398-412668190-725345543-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\ssstars.scr [14336 2008-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-09-26] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{E42CA267-928F-4E39-A54A-65F66B055563}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
URLSearchHook: HKLM -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-854245398-412668190-725345543-1003 - (No Name) - *{EEE6C35D-6118-11DC-9C72-001320C79847} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-854245398-412668190-725345543-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-854245398-412668190-725345543-1003 -> {7CEB5968-7C7F-4236-AFE7-3E0B07A63BCC} URL = hxxp://www.webhledani.cz/results.aspx?i=39&tp= ... earchTerms}
SearchScopes: HKU\S-1-5-21-854245398-412668190-725345543-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-26] (AVAST Software)
BHO: No Name -> {A3BC75A2-1F87-4686-AA43-5347D756017C} -> No File
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1244570188515
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default
FF SelectedSearchEngine:
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2014-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2014-07-16] (Apple Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-04-22]
FF Extension: Adblock Plus - C:\Documents and Settings\TO2\Data aplikací\Mozilla\Firefox\Profiles\fxz2gfoz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-09]
FF HKLM\...\Firefox\Extensions: [avg@igeared] - C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-26]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-26]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2007-11-01] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-26] (AVAST Software)
S3 Marvell RAID; C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe [61440 2007-06-12] () [File not signed]
R2 MRUWebService; C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe [20539 2007-05-23] (Apache Software Foundation) [File not signed]
S4 sp_rssrv; C:\Program Files\Spyware Terminator\sp_rsser.exe [496128 2011-11-24] (Crawler.com) [File not signed]
S4 PnkBstrB; C:\windows\system32\PnkBstrB.exe [X]
S4 SkypeUpdate; "C:\Program Files\Skype\Updater\Updater.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 adusbmdm6501; C:\WINDOWS\System32\DRIVERS\adusbmdm65.sys [64896 2005-05-02] (AnyDATA Corporation) [File not signed]
S3 adusbser6501; C:\WINDOWS\System32\DRIVERS\adusbser65.sys [64896 2005-05-02] (AnyDATA Corporation) [File not signed]
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-09-26] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-09-26] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-09-26] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-09-26] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [789296 2015-09-26] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [434184 2015-09-26] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [157888 2015-09-26] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-09-26] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-09-26] (AVAST Software)
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2009-07-15] () [File not signed]
R3 HdAudAddService; C:\WINDOWS\System32\drivers\AtiHdAud.sys [84992 2006-12-28] (ATI Research Inc.)
S3 Huawei; C:\WINDOWS\System32\DRIVERS\ewdcsc.sys [24448 2009-12-15] (Huawei Tech. Co., Ltd.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-14] ()
R0 mv61xx; C:\WINDOWS\System32\DRIVERS\mv61xx.sys [143256 2007-06-15] (Marvell Semiconductor, Inc.)
R3 SenFiltService; C:\WINDOWS\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2010-09-15] () [File not signed]
R1 SSHDRV65; C:\WINDOWS\system32\drivers\SSHDRV65.sys [120320 2009-06-13] () [File not signed]
R1 tidnet; C:\WINDOWS\System32\DRIVERS\tidnet.sys [19200 2009-09-15] (Telefónica I+D) [File not signed]
S3 usbbus; C:\WINDOWS\System32\DRIVERS\lgusbbus.sys [13056 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\WINDOWS\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\WINDOWS\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-11] (LG Electronics Inc.)
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [262912 2007-06-08] (Marvell)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [113280 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 gtcdcmdm; system32\DRIVERS\gtusbmdm_gpc6400.sys [X]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
U1 WS2IFSL; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-27 15:55 - 2015-09-27 15:55 - 00013931 _____ C:\Documents and Settings\TO2\Plocha\FRST.txt
2015-09-27 15:55 - 2015-09-27 15:55 - 00000000 ___DC C:\FRST
2015-09-27 15:54 - 2015-09-27 15:54 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\TO2\Plocha\FRSTLauncher.exe
2015-09-27 15:54 - 2015-09-27 15:52 - 01695744 _____ (Farbar) C:\Documents and Settings\TO2\Plocha\FRST.exe
2015-09-26 21:22 - 2015-09-26 21:22 - 00000784 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2015-09-26 21:22 - 2015-09-26 21:22 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2015-09-26 21:22 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-26 21:06 - 2015-09-26 21:09 - 00000000 ___DC C:\AdwCleaner
2015-09-26 21:05 - 2015-09-26 21:05 - 00004435 _____ C:\Documents and Settings\TO2\Plocha\c.txt
2015-09-26 21:04 - 2015-09-26 21:04 - 00000000 ____D C:\Documents and Settings\TO2\Plocha\v
2015-09-26 19:18 - 2015-09-26 19:18 - 00000000 ___DC C:\rsit
2015-09-26 19:13 - 2015-09-26 19:13 - 00000000 ____D C:\Documents and Settings\TO2\Dokumenty\Stažené soubory
2015-09-26 18:56 - 2015-09-26 18:56 - 00000000 ___DC C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2015-09-26 18:46 - 2015-09-26 18:46 - 00000613 _____ C:\Documents and Settings\TO2\Plocha\HD Tune.lnk
2015-09-26 18:46 - 2015-09-26 18:46 - 00000000 ____D C:\Program Files\HD Tune
2015-09-26 18:46 - 2015-09-26 18:46 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\HD Tune
2015-09-26 15:05 - 2015-09-26 13:11 - 00000194 _RSHC C:\boot.ini
2015-09-26 13:34 - 2015-09-26 13:38 - 00000000 ____D C:\Documents and Settings\TO2\Dokumenty\Záloha dokumentů
2015-09-26 13:33 - 2015-09-26 13:33 - 00000368 _____ C:\Documents and Settings\TO2\Dokumenty\Stažené soubory.lnk
2015-09-26 11:12 - 2015-09-26 11:12 - 00001689 _____ C:\Documents and Settings\All Users\Plocha\Avast Free Antivirus.lnk
2015-09-26 11:12 - 2015-09-26 11:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2015-09-26 11:12 - 2015-09-26 11:12 - 00000000 ____D C:\Documents and Settings\TO2\Data aplikací\AVAST Software
2015-09-26 11:12 - 2015-09-26 11:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\AVAST Software
2015-09-26 11:11 - 2015-09-27 11:11 - 00000358 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-09-26 11:11 - 2015-09-26 11:12 - 00010307 _____ C:\WINDOWS\Wdf01009Inst.log
2015-09-26 11:11 - 2015-09-26 11:11 - 00789296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-09-26 11:11 - 2015-09-26 11:11 - 00434184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-09-26 11:11 - 2015-09-26 11:11 - 00313472 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-09-26 11:11 - 2015-09-26 11:11 - 00208664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-09-26 11:11 - 2015-09-26 11:11 - 00157888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2015-09-26 11:11 - 2015-09-26 11:11 - 00076000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-09-26 11:11 - 2015-09-26 11:11 - 00057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-09-26 11:11 - 2015-09-26 11:11 - 00055200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-09-26 11:11 - 2015-09-26 11:11 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-09-26 11:11 - 2015-09-26 11:11 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-09-26 11:11 - 2015-09-26 11:11 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-09-26 11:10 - 2015-09-26 11:10 - 00000000 ____D C:\Program Files\AVAST Software
2015-09-26 11:08 - 2015-09-26 11:08 - 00000000 ___DC C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2015-09-26 10:53 - 2015-09-26 10:53 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-09-26 10:47 - 2015-09-26 10:47 - 00000000 ____D C:\Documents and Settings\TO2\Local Settings\Data aplikací\Scansoft
2015-09-15 10:24 - 2015-09-15 10:24 - 00001718 _____ C:\Documents and Settings\All Users\Plocha\Kao - 2nd round.lnk
2015-09-15 10:24 - 2015-09-15 10:24 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\JoWooD
2015-09-15 10:22 - 2015-09-15 10:22 - 00000000 ____D C:\Program Files\JoWooD
2015-09-12 22:12 - 2015-09-12 22:12 - 00000057 _____ C:\Documents and Settings\TO2\Plocha\Nový objekt - Textový dokument.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-27 15:55 - 2010-07-29 17:14 - 00000000 ____D C:\Documents and Settings\TO2\Plocha
2015-09-27 15:55 - 2010-07-29 17:14 - 00000000 ____D C:\Documents and Settings\TO2\Local Settings\Temp
2015-09-27 15:54 - 2010-07-29 17:14 - 00000000 ___HD C:\Documents and Settings\TO2\Local Settings\Data aplikací
2015-09-27 15:50 - 2010-09-15 20:59 - 00000000 ____D C:\Program Files\trend micro
2015-09-27 15:04 - 2013-04-01 19:53 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-27 11:31 - 2009-06-08 19:30 - 01364714 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-27 09:38 - 2009-06-09 19:44 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-09-27 09:29 - 2009-06-08 20:58 - 01146944 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-27 08:36 - 2009-06-08 19:35 - 00032442 _____ C:\WINDOWS\SchedLgU.Txt
2015-09-27 08:31 - 2014-03-28 11:36 - 00000218 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-09-27 08:31 - 2009-06-09 19:37 - 00000283 ____C C:\WINDOWS\system32\61xx.xml
2015-09-27 08:31 - 2009-06-08 21:00 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-09-27 08:31 - 2009-06-08 21:00 - 00000049 _____ C:\WINDOWS\wiaservc.log
2015-09-27 08:31 - 2009-06-08 19:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-27 08:31 - 2004-08-18 14:00 - 00013668 _____ C:\WINDOWS\system32\wpa.dbl
2015-09-27 08:30 - 2010-07-29 17:14 - 00000272 ___SH C:\Documents and Settings\TO2\ntuser.ini
2015-09-27 08:30 - 2009-06-08 20:49 - 00000000 ____D C:\WINDOWS\PeerNet
2015-09-26 21:22 - 2010-09-15 18:57 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2015-09-26 21:22 - 2009-06-08 20:57 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-09-26 21:22 - 2009-06-08 20:57 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-09-26 21:13 - 2010-07-29 17:14 - 00000000 ____D C:\Documents and Settings\TO2
2015-09-26 21:09 - 2009-06-08 20:57 - 00000000 _RHDC C:\Documents and Settings\All Users\Data aplikací
2015-09-26 19:36 - 2010-08-28 19:38 - 00000472 _____ C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
2015-09-26 19:13 - 2010-07-31 17:59 - 00144896 _____ C:\Documents and Settings\TO2\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-26 19:13 - 2010-07-29 17:14 - 00000000 ___RD C:\Documents and Settings\TO2\Dokumenty
2015-09-26 19:11 - 2010-07-29 17:14 - 00000000 __RHD C:\Documents and Settings\TO2\Data aplikací
2015-09-26 13:31 - 2010-08-01 13:43 - 00000142 _____ C:\Documents and Settings\TO2\default.pls
2015-09-26 13:31 - 2009-06-22 16:21 - 00000069 _____ C:\WINDOWS\NeroDigital.ini
2015-09-26 13:11 - 2004-08-18 14:00 - 00000682 _____ C:\WINDOWS\win.ini
2015-09-26 13:11 - 2004-08-18 14:00 - 00000227 _____ C:\WINDOWS\system.ini
2015-09-26 11:12 - 2012-04-26 17:00 - 00020057 _____ C:\WINDOWS\setupapi.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00738268 ____C C:\WINDOWS\iis6.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00680103 ____C C:\WINDOWS\FaxSetup.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00325160 ____C C:\WINDOWS\ocgen.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00310311 ____C C:\WINDOWS\tsoc.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00226337 ____C C:\WINDOWS\comsetup.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00213788 ____C C:\WINDOWS\msmqinst.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00137088 ____C C:\WINDOWS\ntdtcsetup.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00119130 ____C C:\WINDOWS\netfxocm.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00046750 ____C C:\WINDOWS\MedCtrOC.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00042460 ____C C:\WINDOWS\ocmsn.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00034210 ____C C:\WINDOWS\tabletoc.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00033990 ____C C:\WINDOWS\msgsocm.log
2015-09-26 11:12 - 2012-04-12 19:32 - 00001374 _____ C:\WINDOWS\imsins.log
2015-09-26 10:58 - 2012-05-04 17:07 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-09-26 10:24 - 2010-09-15 20:17 - 00000000 ____D C:\Program Files\Spyware Terminator
2015-09-26 10:12 - 2012-04-26 17:00 - 01076950 ____C C:\WINDOWS\setupapi.log.0.old
2015-09-26 09:55 - 2013-06-08 15:13 - 00000000 ____D C:\Documents and Settings\TO2\Local Settings\Data aplikací\Unity
2015-09-26 09:53 - 2010-07-29 17:14 - 00000000 ___RD C:\Documents and Settings\TO2\Nabídka Start
2015-09-26 09:45 - 2009-06-08 20:57 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2015-09-26 09:35 - 2012-04-12 19:32 - 00004919 _____ C:\WINDOWS\setupact.log
2015-09-22 19:04 - 2013-04-01 19:53 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-09-22 19:04 - 2012-04-20 21:59 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-09-22 09:25 - 2012-12-28 14:18 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-09-21 16:21 - 2012-04-29 19:35 - 00068608 __SHC C:\Documents and Settings\TO2\Plocha\Thumbs.db
2015-09-18 13:45 - 2014-04-10 10:45 - 00000000 ____D C:\Documents and Settings\TO2\Plocha\Zuzanka
2015-09-14 10:20 - 2013-05-21 13:38 - 00000000 ____D C:\WINDOWS\system32\cache
2015-09-09 18:42 - 2013-08-15 14:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-08 15:05 - 2014-03-28 11:36 - 00000212 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
==================== Files in the root of some directories =======
2013-06-26 14:12 - 2014-06-23 16:44 - 0003728 ____C () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2010-09-15 18:52 - 2010-09-15 18:52 - 0002528 ____C () C:\Documents and Settings\TO2\Data aplikací\$_hpcst$.hpc
2010-07-31 17:59 - 2015-09-26 19:13 - 0144896 _____ () C:\Documents and Settings\TO2\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
C:\Documents and Settings\TO2\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:37.55 GB) (Free:22.14 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:195.32 GB) (Free:163.2 GB) NTFS
Available physical RAM: 1133.04 MB
Total physical RAM: 2047.23 MB
Percentage of memory in use: 44%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 232.9 GB) (Disk ID: 28A028A0)
Partition 1: (Active) - (Size=37.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.3 GB) - (Type=OF Extended)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\windows\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\windows\system32\xp_eos.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\TO2\Plocha" je 1294 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck
%systemroot%\system32\dumprep 0 -k [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
"C:\Program Files\Messenger\msmsgs.exe" /background [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate
"C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate
"C:\Program Files\AVG Secure Search\vprot.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
Reim ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
vToolbarUpdater18.8.0 REG_DWORD 0x2
sp_rssrv REG_DWORD 0x2
SkypeUpdate REG_DWORD 0x2
PnkBstrB REG_DWORD 0x3
AdobeFlashPlayerUpdateSvc REG_DWORD 0x3
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\ICQ7.6\\ICQ.exe"="C:\\Program Files\\ICQ7.6\\ICQ.exe:*:Enabled:ICQ7.6"
"D:\\Program Files\\Winamp\\winamp.exe"="D:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Marvell\\61xx\\Apache2\\bin\\Apache.exe"="C:\\Program Files\\Marvell\\61xx\\Apache2\\bin\\Apache.exe:*:Enabled:Apache HTTP Server"
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG8\\avgnsx.exe:*:Enabled:avgnsx.exe"
"D:\\Program Files\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat"="D:\\Program Files\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\\Program Files\\RadLight Company\\RadLight 4.0\\rlkernel.exe"="C:\\Program Files\\RadLight Company\\RadLight 4.0\\rlkernel.exe:*:Enabled:Kernel Executable"
"C:\\Program Files\\Valve\\hl.exe"="C:\\Program Files\\Valve\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Documents and Settings\\Administrator\\Plocha\\sdc222\\StrongDC.exe"="C:\\Documents and Settings\\Administrator\\Plocha\\sdc222\\StrongDC.exe:*:Enabled:StrongDC++"
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"="C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"="C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\\Program Files\\ICQ6.5\\ICQ.exe"="C:\\Program Files\\ICQ6.5\\ICQ.exe:*:Enabled:ICQ6"
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"="C:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe:*:Enabled:Instaltor AVG"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000001
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- (9.41 KiB) Staženo 65 x
Re: Prosím o kontrolu logu
Pokud jste to neudelal, zapnete zase funkci vytvareni bodu obnovy.***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\TO2\Plocha" je 1294 MB.
Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód: Vybrat vše
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-854245398-412668190-725345543-1003\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-854245398-412668190-725345543-1003\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-854245398-412668190-725345543-1003\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
URLSearchHook: HKLM -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-854245398-412668190-725345543-1003 - (No Name) - *{EEE6C35D-6118-11DC-9C72-001320C79847} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
BHO: No Name -> {A3BC75A2-1F87-4686-AA43-5347D756017C} -> No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll No File
FF Keyword.URL: hxxp://search.icq.com/search/afe_result ... r=1.5.3&q=
FF HKLM\...\Firefox\Extensions: [avg@igeared] - C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
S4 sp_rssrv; C:\Program Files\Spyware Terminator\sp_rsser.exe [496128 2011-11-24] (Crawler.com) [File not signed]
S4 PnkBstrB; C:\windows\system32\PnkBstrB.exe [X]
S4 SkypeUpdate; "C:\Program Files\Skype\Updater\Updater.exe" [X]
C:\Program Files\Spyware Terminator
C:\Program Files\AVG
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\windows\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\windows\system32\xp_eos.exe
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
Hosts:
EmptyTemp:
Reboot:
EndKliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
Plocha pročištěna....
U toho FRST systém po chvilce napsal, že přestal pracovat a bude ukončen, tak jsem to zkusil ještě jednou a pak to proběhlo normálně. Tak snad je to v pořádku?
Fix result of Farbar Recovery Scan Tool (x86) Version:27-09-2015 01
Ran by TO2 (2015-09-28 11:51:04) Run:2
Running from C:\Documents and Settings\TO2\Plocha
Loaded Profiles: TO2 (Available Profiles: TO2 & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-854245398-412668190-725345543-1003\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-854245398-412668190-725345543-1003\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-854245398-412668190-725345543-1003\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
URLSearchHook: HKLM -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-854245398-412668190-725345543-1003 - (No Name) - *{EEE6C35D-6118-11DC-9C72-001320C79847} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
BHO: No Name -> {A3BC75A2-1F87-4686-AA43-5347D756017C} -> No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll No File
FF Keyword.URL: hxxp://search.icq.com/search/afe_result ... r=1.5.3&q=
FF HKLM\...\Firefox\Extensions: [avg@igeared] - C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
S4 sp_rssrv; C:\Program Files\Spyware Terminator\sp_rsser.exe [496128 2011-11-24] (Crawler.com) [File not signed]
S4 PnkBstrB; C:\windows\system32\PnkBstrB.exe [X]
S4 SkypeUpdate; "C:\Program Files\Skype\Updater\Updater.exe" [X]
C:\Program Files\Spyware Terminator
C:\Program Files\AVG
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\windows\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\windows\system32\xp_eos.exe
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => value not found.
HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPreload => value not found.
HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\KiesAirMessage => value not found.
HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ => value not found.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value not found.
HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} => value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} => key not found.
HKCR\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} => key not found.
HKCR\PROTOCOLS\Handler\linkscanner => key not found.
"HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" => key removed successfully.
Firefox "Keyword.URL" removed successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\avg@igeared => value removed successfully.
sp_rssrv => service removed successfully.
PnkBstrB => service removed successfully.
SkypeUpdate => service removed successfully.
C:\Program Files\Spyware Terminator => moved successfully
"C:\Program Files\AVG" => File/Folder not found.
C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => moved successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => moved successfully
C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => moved successfully
C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => moved successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt => key removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 2 GB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 11:54:09 ====
U toho FRST systém po chvilce napsal, že přestal pracovat a bude ukončen, tak jsem to zkusil ještě jednou a pak to proběhlo normálně. Tak snad je to v pořádku?
Fix result of Farbar Recovery Scan Tool (x86) Version:27-09-2015 01
Ran by TO2 (2015-09-28 11:51:04) Run:2
Running from C:\Documents and Settings\TO2\Plocha
Loaded Profiles: TO2 (Available Profiles: TO2 & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-854245398-412668190-725345543-1003\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-854245398-412668190-725345543-1003\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-854245398-412668190-725345543-1003\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
URLSearchHook: HKLM -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-854245398-412668190-725345543-1003 - (No Name) - *{EEE6C35D-6118-11DC-9C72-001320C79847} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
BHO: No Name -> {A3BC75A2-1F87-4686-AA43-5347D756017C} -> No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll No File
FF Keyword.URL: hxxp://search.icq.com/search/afe_result ... r=1.5.3&q=
FF HKLM\...\Firefox\Extensions: [avg@igeared] - C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
S4 sp_rssrv; C:\Program Files\Spyware Terminator\sp_rsser.exe [496128 2011-11-24] (Crawler.com) [File not signed]
S4 PnkBstrB; C:\windows\system32\PnkBstrB.exe [X]
S4 SkypeUpdate; "C:\Program Files\Skype\Updater\Updater.exe" [X]
C:\Program Files\Spyware Terminator
C:\Program Files\AVG
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\windows\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\windows\system32\xp_eos.exe
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => value not found.
HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPreload => value not found.
HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\KiesAirMessage => value not found.
HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ => value not found.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value not found.
HKU\S-1-5-21-854245398-412668190-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} => value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} => key not found.
HKCR\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} => key not found.
HKCR\PROTOCOLS\Handler\linkscanner => key not found.
"HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" => key removed successfully.
Firefox "Keyword.URL" removed successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\avg@igeared => value removed successfully.
sp_rssrv => service removed successfully.
PnkBstrB => service removed successfully.
SkypeUpdate => service removed successfully.
C:\Program Files\Spyware Terminator => moved successfully
"C:\Program Files\AVG" => File/Folder not found.
C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => moved successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => moved successfully
C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => moved successfully
C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => moved successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt => key removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 2 GB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 11:54:09 ====
Re: Prosím o kontrolu logu
Vypada to, ze to provedlo vse co melo.
Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)
Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak to s pc vypada.
vyosek píše:
- Stahnete a spustte
- Ponechte zatrzitkou pouze u volby Remove disinfection tools
- Kliknete na Run
Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)
Defragmentujte disk(y) (SSD Disky ne!)Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak to s pc vypada.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
Vše jsem provedl, teď ještě běží defragmentace, asi nebude trvat dlouho, už jsem ji dělal nástrojem ve windows... Že je lepší odinstalovat programy ccleanerem jsem nevěděl, díky za tuto informaci, budu jej používat.
PC je zase o něco rychlejší (v rámci možností hardwaru), a od té doby co jsme začali tak nezamrzlo... Takže děkuji velmi za pomoc, a samozřejmě hned přispívám na provoz fóra.
Měl bych ještě dotaz ohledně antiviru, ten Avast je podle Vás obstojný, nebo by jste doporučil spíše jiný freeware antivir? A jaký máte názor na Windows Defender ve Win 8.1? Děkuji
PC je zase o něco rychlejší (v rámci možností hardwaru), a od té doby co jsme začali tak nezamrzlo... Takže děkuji velmi za pomoc, a samozřejmě hned přispívám na provoz fóra.
Měl bych ještě dotaz ohledně antiviru, ten Avast je podle Vás obstojný, nebo by jste doporučil spíše jiný freeware antivir? A jaký máte názor na Windows Defender ve Win 8.1? Děkuji
Re: Prosím o kontrolu logu
Tak zase tak rychlá defragmentace to nebude, píše to 2:45 hod
Re: Prosím o kontrolu logu
Defragmentace windows a specializovaneho programu se neda srovnavat
Za pripadny prispevek dekujeme
Co se antiviru tyka, Avast je dobra volba, sam jej pouzivam uz 10 let. Defender je hodne slaby, doporucuji ho nahradit necim jinym.
Jeste muzem zkusit trosku zrychlit... (po defragmentaci)
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Za pripadny prispevek dekujeme
Co se antiviru tyka, Avast je dobra volba, sam jej pouzivam uz 10 let. Defender je hodne slaby, doporucuji ho nahradit necim jinym.
Jeste muzem zkusit trosku zrychlit... (po defragmentaci)
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?