Preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

#1 Post by Bragni »

Hi,
I'd like to ask for someone to go over my scan.
There's no rush. It's just a preventive check.
Thanks in advance.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-09-2015
Ran by Standa (administrator) on HOME-COMPIK (01-10-2015 16:41:29)
Running from C:\Documents and Settings\Standa\Plocha
Loaded Profiles: Standa (Available Profiles: Standa)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16858112 2014-08-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2014-08-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-23] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-20\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-21-1606980848-343818398-1801674531-1003\...\Run: [GoogleChromeAutoLaunch_4927F5B6E7AE8B33101648FA135081AE] => C:\Program Files\Google\Chrome\Application\chrome.exe [815944 2015-09-24] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
AppInit_DLLs: C:\DOCUME~1\Standa\LOCALS~1\DATAAP~1\Linkey\IEEXTE~1\iedll.dll => No File
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\smdmf\x64\sysapcrt.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-09-23] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5D64D3DF-D890-4D65-9BF8-11356B46D1D8}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1606980848-343818398-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-1606980848-343818398-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-1606980848-343818398-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
HKU\S-1-5-21-1606980848-343818398-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.default-search.net?sid=503&aid=112& ... 22&src=hmp
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&a ... earchTerms}
SearchScopes: HKU\S-1-5-21-1606980848-343818398-1801674531-1003 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-1606980848-343818398-1801674531-1003 -> 14E74797A765B6DB8AB8D47AA11ADE5D URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-1606980848-343818398-1801674531-1003 -> 93821D6CCEB3FB050AE767E2AC12B7E1 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1606980848-343818398-1801674531-1003 -> A86E5FE01AEDA542C6BAA11AAAC51A6F URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1606980848-343818398-1801674531-1003 -> DC813B2CE0F2E5E359829BF0A4B6D85B URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-1606980848-343818398-1801674531-1003 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-1606980848-343818398-1801674531-1003 -> {6740441D-3595-4BF2-B486-FA927C471192} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1606980848-343818398-1801674531-1003 -> {709DDA7F-5D81-4BB8-9EFA-EBA9EEB22799} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=888596&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1606980848-343818398-1801674531-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&a ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-15] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-10] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-15] (Oracle Corporation)
Toolbar: HKLM - No Name - {31264a33-a653-46c4-af49-1232c59a7da5} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1414313559&from=cvs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8625671956719

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Standa\Data aplikací\Mozilla\Firefox\Profiles\nahd6ha2.default
FF NewTab: yafd:tabs
FF DefaultSearchEngine: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: hxxp://www.seznam.cz/?clid=6826
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2015-07-17] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1218158.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-15] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin HKU\S-1-5-21-1606980848-343818398-1801674531-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Standa\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-15] (Unity Technologies ApS)
FF SearchPlugin: C:\Documents and Settings\Standa\Data aplikací\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\yqs-barff-yandex.xml [2015-07-15]
FF Extension: Visual Bookmarks - C:\Documents and Settings\Standa\Data aplikací\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\vb@yandex.ru [2015-07-15]
FF Extension: &Yandex Elements& - C:\Documents and Settings\Standa\Data aplikací\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\yasearch@yandex.ru [2015-07-15]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-19]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-20]
FF Extension: No Name - C:\Documents and Settings\Standa\Data aplikacĂ­\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\yasearch@yandex.ru [not found]
FF Extension: No Name - C:\Documents and Settings\Standa\Data aplikacĂ­\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\vb@yandex.ru [not found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668","hxxp://ista ... 5671956719"
CHR Profile: C:\Documents and Settings\Standa\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Documents and Settings\Standa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-19]
CHR Extension: (YouTube) - C:\Documents and Settings\Standa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-19]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Standa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-19]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Standa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (AdBlock) - C:\Documents and Settings\Standa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-09-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Standa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-19]
CHR Extension: (Gmail) - C:\Documents and Settings\Standa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-19]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-25]
CHR HKU\S-1-5-21-1606980848-343818398-1801674531-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR StartupUrls: "hxxp://www.seznam.cz/?clid=6826"

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-23] (AVAST Software)
U2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [8704 2013-02-12] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-09-15] (Oracle Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S2 nvsvc; C:\WINDOWS\system32\nvsvc32.exe [168004 2009-05-09] (NVIDIA Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AR9271; C:\WINDOWS\System32\DRIVERS\athuw.sys [1763584 2013-06-28] (Atheros Communications, Inc.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-09-23] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-09-23] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-09-23] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-09-23] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [789296 2015-09-23] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [434184 2015-09-23] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [157888 2015-09-23] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-09-23] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-09-23] (AVAST Software)
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [66048 2005-09-29] (Protection Technology) [File not signed]
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-01 16:41 - 2015-10-01 16:41 - 00015189 _____ C:\Documents and Settings\Standa\Plocha\FRST.txt
2015-10-01 16:40 - 2015-10-01 16:41 - 00000000 ____D C:\FRST
2015-10-01 16:39 - 2015-10-01 16:39 - 01696256 _____ (Farbar) C:\Documents and Settings\Standa\Plocha\FRST.exe
2015-10-01 16:34 - 2015-10-01 16:36 - 00000777 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2015-10-01 16:34 - 2015-10-01 16:36 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-10-01 16:34 - 2015-10-01 16:36 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes Anti-Malware
2015-10-01 16:34 - 2015-03-17 06:15 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-01 16:34 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-01 14:12 - 2015-10-01 14:13 - 00000000 ____D C:\Documents and Settings\Standa\Plocha\moje (nesahat)
2015-09-30 13:37 - 2015-10-01 16:35 - 00000000 ____D C:\Fraps
2015-09-23 16:41 - 2015-09-23 16:39 - 00313472 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-09-23 16:39 - 2015-09-23 16:39 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-09-19 14:28 - 2015-09-19 14:28 - 00000000 ____D C:\Documents and Settings\Standa\Dokumenty\Curse
2015-09-16 19:13 - 2015-09-16 19:13 - 00000000 ____D C:\Documents and Settings\Standa\Plocha\cuřínova
2015-09-08 18:35 - 2015-09-08 18:35 - 00001015 _____ C:\Documents and Settings\Standa\Nabídka Start\Programy\Curse.lnk
2015-09-08 18:35 - 2015-09-08 18:35 - 00001009 _____ C:\Documents and Settings\Standa\Plocha\Curse.lnk
2015-09-08 18:33 - 2015-09-25 22:03 - 00000000 ____D C:\Documents and Settings\Standa\Data aplikací\Curse Client
2015-09-08 18:29 - 2015-09-08 18:29 - 00000000 ____D C:\Documents and Settings\Standa\Data aplikací\Curse
2015-09-04 21:18 - 2015-09-04 21:18 - 00000000 ____D C:\Program Files\Common Files\Skype
2015-09-04 21:18 - 2015-09-04 21:18 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
2015-09-04 21:17 - 2015-09-04 21:18 - 00000000 ___RD C:\Program Files\Skype
2015-09-04 21:00 - 2015-09-04 21:00 - 00000656 _____ C:\Documents and Settings\Standa\Plocha\Zástupce - lol.launcher.lnk
2015-09-04 18:53 - 2015-09-04 18:53 - 00000000 ____D C:\Documents and Settings\Standa\Data aplikací\LolClient
2015-09-04 14:58 - 2015-09-04 14:58 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Riot Games
2015-09-02 14:31 - 2015-09-02 14:31 - 00000000 ____D C:\Documents and Settings\Standa\Plocha\warcraft
2015-09-02 14:30 - 2015-09-04 21:00 - 00000000 ____D C:\Riot Games
2015-09-02 14:30 - 2015-09-02 14:30 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\League of Legends
2015-09-02 14:29 - 2015-09-02 14:31 - 00000000 ____D C:\Documents and Settings\Standa\Data aplikací\Riot Games

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-01 16:41 - 2014-08-19 15:36 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-10-01 16:41 - 2014-08-19 14:58 - 00000000 ____D C:\Documents and Settings\Standa\Plocha
2015-10-01 16:41 - 2014-08-19 14:58 - 00000000 ____D C:\Documents and Settings\Standa\Local Settings\Temp
2015-10-01 16:36 - 2014-08-19 16:31 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-10-01 16:35 - 2014-08-19 14:58 - 00000000 ____D C:\Documents and Settings\Standa\Nabídka Start\Programy
2015-10-01 16:34 - 2014-08-19 16:31 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-10-01 16:32 - 2014-08-19 14:54 - 01940166 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-01 16:31 - 2014-08-21 11:36 - 00000224 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-10-01 16:31 - 2014-08-21 00:38 - 00000260 _____ C:\WINDOWS\Tasks\WGASetup.job
2015-10-01 16:31 - 2014-08-19 15:31 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-01 16:31 - 2014-08-19 14:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-01 15:29 - 2014-08-19 14:58 - 00000178 ___SH C:\Documents and Settings\Standa\ntuser.ini
2015-10-01 15:29 - 2014-08-19 14:57 - 00032604 _____ C:\WINDOWS\SchedLgU.Txt
2015-10-01 15:17 - 2014-08-19 15:31 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-01 14:39 - 2015-04-30 22:24 - 00000000 ____D C:\Program Files\Hearthstone
2015-10-01 14:35 - 2015-04-30 22:22 - 00000000 ____D C:\Documents and Settings\Standa\Local Settings\Data aplikací\Battle.net
2015-10-01 14:34 - 2015-04-30 22:22 - 00000000 ____D C:\Program Files\Battle.net
2015-10-01 07:47 - 2015-06-27 14:15 - 00000216 _____ C:\WINDOWS\wiadebug.log
2015-10-01 07:43 - 2015-06-27 14:15 - 00000049 _____ C:\WINDOWS\wiaservc.log
2015-09-30 21:54 - 2015-01-01 19:44 - 00000000 ____D C:\Documents and Settings\Standa\Data aplikací\.minecraft
2015-09-30 21:06 - 2015-05-01 18:42 - 00000000 ____D C:\Program Files\Steam
2015-09-30 16:20 - 2014-08-21 14:26 - 00010240 _____ C:\Documents and Settings\Standa\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-30 07:50 - 2014-08-19 14:58 - 00000000 ____D C:\Documents and Settings\Standa
2015-09-28 23:18 - 2014-08-19 15:31 - 00001813 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2015-09-27 14:34 - 2001-10-25 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-09-25 22:15 - 2014-12-06 01:22 - 01452333 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1606980848-343818398-1801674531-1003-0.dat
2015-09-25 22:15 - 2014-12-06 01:22 - 00080138 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-09-23 16:44 - 2015-07-25 21:25 - 00329778 _____ C:\WINDOWS\Wdf01009Inst.log
2015-09-23 16:44 - 2015-05-02 17:21 - 00154587 _____ C:\WINDOWS\setupapi.log
2015-09-23 16:40 - 2015-07-25 21:24 - 00157888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2015-09-23 16:40 - 2014-08-19 15:36 - 00434184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-09-23 16:40 - 2014-08-19 15:36 - 00208664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-09-23 16:40 - 2014-08-19 15:36 - 00076000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-09-23 16:40 - 2014-08-19 15:36 - 00057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-09-23 16:40 - 2014-08-19 15:36 - 00055200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-09-23 16:40 - 2014-08-19 15:36 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-09-23 16:40 - 2014-08-19 15:36 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-09-23 16:38 - 2014-08-19 15:36 - 00789296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-09-19 16:36 - 2014-09-15 15:50 - 00000000 ____D C:\Program Files\Java
2015-09-19 16:36 - 2014-09-15 15:50 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
2015-09-19 14:28 - 2014-08-19 14:58 - 00000000 ___RD C:\Documents and Settings\Standa\Dokumenty
2015-09-19 10:16 - 2014-08-19 14:58 - 00000000 ___HD C:\Documents and Settings\Standa\Local Settings\Data aplikací
2015-09-18 13:31 - 2014-10-23 16:35 - 00000000 ____D C:\Documents and Settings\Standa\Data aplikací\Skype
2015-09-18 13:29 - 2014-10-23 16:35 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2015-09-14 07:25 - 2014-08-19 15:31 - 00000000 ____D C:\Documents and Settings\Standa\Local Settings\Data aplikací\Google
2015-09-12 07:22 - 2014-08-19 14:58 - 00000000 ___RD C:\Documents and Settings\Standa\Nabídka Start\Programy\Po spuštění
2015-09-11 07:57 - 2014-10-26 12:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-08 18:33 - 2014-08-19 14:58 - 00000000 __RHD C:\Documents and Settings\Standa\Data aplikací
2015-09-06 09:44 - 2015-05-01 18:56 - 00000000 ____D C:\Documents and Settings\Standa\Nabídka Start\Programy\Steam
2015-09-04 21:17 - 2014-10-23 16:35 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Skype
2015-09-04 14:58 - 2014-08-19 16:31 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2015-09-02 14:31 - 2014-08-19 14:54 - 00000000 ____D C:\WINDOWS\system32\DirectX

==================== Files in the root of some directories =======

2015-03-04 22:23 - 2015-03-04 22:23 - 0000664 _____ () C:\Documents and Settings\Standa\Local Settings\Data aplikací\d3d9caps.dat
2014-08-21 14:26 - 2015-09-30 16:20 - 0010240 _____ () C:\Documents and Settings\Standa\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Documents and Settings\Standa\Local Settings\Temp\APNSetup.exe
C:\Documents and Settings\Standa\Local Settings\Temp\appshat_generic.exe
C:\Documents and Settings\Standa\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\Standa\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\Standa\Local Settings\Temp\BSvcProcessor.exe
C:\Documents and Settings\Standa\Local Settings\Temp\BSvcUpdater.exe
C:\Documents and Settings\Standa\Local Settings\Temp\BullseyeCoverage-2-x86.dll
C:\Documents and Settings\Standa\Local Settings\Temp\drm_dialogs.dll
C:\Documents and Settings\Standa\Local Settings\Temp\drm_dyndata_7330005.dll
C:\Documents and Settings\Standa\Local Settings\Temp\drm_dyndata_7380015.dll
C:\Documents and Settings\Standa\Local Settings\Temp\DseShExt-x86.dll
C:\Documents and Settings\Standa\Local Settings\Temp\EAInstall.dll
C:\Documents and Settings\Standa\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\Standa\Local Settings\Temp\EReg2HWDetect.dll
C:\Documents and Settings\Standa\Local Settings\Temp\FreeZip920.exe
C:\Documents and Settings\Standa\Local Settings\Temp\GameuxInstallHelper.dll
C:\Documents and Settings\Standa\Local Settings\Temp\i4jd1456676463381437710.exe
C:\Documents and Settings\Standa\Local Settings\Temp\i4jd1832317766408459679.exe
C:\Documents and Settings\Standa\Local Settings\Temp\i4jd2209902908548387610.exe
C:\Documents and Settings\Standa\Local Settings\Temp\i4jd2481712711509965706.exe
C:\Documents and Settings\Standa\Local Settings\Temp\i4jd3770460824023210079.exe
C:\Documents and Settings\Standa\Local Settings\Temp\i4jd499481219810144236.exe
C:\Documents and Settings\Standa\Local Settings\Temp\i4jd629699178909349583.exe
C:\Documents and Settings\Standa\Local Settings\Temp\i4jd6326846511116750379.exe
C:\Documents and Settings\Standa\Local Settings\Temp\i4jd6859737116309924551.exe
C:\Documents and Settings\Standa\Local Settings\Temp\jansi-32-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Documents and Settings\Standa\Local Settings\Temp\jre-8u51-windows-au.exe
C:\Documents and Settings\Standa\Local Settings\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Documents and Settings\Standa\Local Settings\Temp\mfc42.dll
C:\Documents and Settings\Standa\Local Settings\Temp\MSVCRT.DLL
C:\Documents and Settings\Standa\Local Settings\Temp\Need for Speed Underground 2_uninst.exe
C:\Documents and Settings\Standa\Local Settings\Temp\pcspeedup.exe
C:\Documents and Settings\Standa\Local Settings\Temp\SDShelEx-win32.dll
C:\Documents and Settings\Standa\Local Settings\Temp\sender.exe
C:\Documents and Settings\Standa\Local Settings\Temp\SIntf16.dll
C:\Documents and Settings\Standa\Local Settings\Temp\SIntf32.dll
C:\Documents and Settings\Standa\Local Settings\Temp\SIntfNT.dll
C:\Documents and Settings\Standa\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Standa\Local Settings\Temp\ubi2F0.tmp.exe
C:\Documents and Settings\Standa\Local Settings\Temp\Uninstall.exe
C:\Documents and Settings\Standa\Local Settings\Temp\WS2HELP.DLL
C:\Documents and Settings\Standa\Local Settings\Temp\WS2_32.DLL
C:\Documents and Settings\Standa\Local Settings\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================
Attachments
Addition.rar
(7.07 KiB) Downloaded 50 times

#2 Post by JaRon »

Hi,
clean the PC with ADWCleaner
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
