Requesting a check, please


Post by mafian » 08 Jun 2017 09:53

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:52:22, on 8.6.2017
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\Av\avgfws.exe
C:\Program Files\AVG\Framework\Common\avgsvcx.exe
C:\Program Files\AVG\Av\avgwdsvcx.exe
C:\Program Files\BlueStacks\HD-LogRotatorService.exe
C:\Program Files\BlueStacks\HD-UpdaterService.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Zemana AntiMalware\ZAM.exe
C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AVG\Av\avgui.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVG\Framework\Common\avguix.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Opera\36.0.2130.80_1\opera.exe
C:\Program Files\Opera\36.0.2130.80_1\opera_crashreporter.exe
C:\Program Files\Opera\36.0.2130.80_1\opera.exe
C:\Program Files\Opera\36.0.2130.80_1\opera.exe
C:\Program Files\Opera\36.0.2130.80_1\opera.exe
C:\Program Files\Opera\36.0.2130.80_1\opera.exe
C:\Program Files\Opera\36.0.2130.80_1\opera.exe
C:\Program Files\Opera\36.0.2130.80_1\opera.exe
C:\Program Files\Opera\36.0.2130.80_1\opera.exe
C:\Program Files\Opera\36.0.2130.80_1\opera.exe
C:\Documents and Settings\uživatel\Dokumenty\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=av
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ZAM] "C:\Program Files\Zemana AntiMalware\ZAM.exe" /minimized
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} - https://forms.celnisprava.cz/webfiller/ ... bff_cs.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Framework\Common\avgsvcx.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgwdsvcx.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-UpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files\Zemana AntiMalware\ZAM.exe

--
End of file - 6586 bytes


The system is a little faster, but it's still not right.
I also defragmented the disk.
Any other ideas? Thanks


Post by jaro3 » 08 Jun 2017 18:44

Download Memtest:

Leave the field that says "All unused RAM" as it is.
Click Start and let it run for at least 2 hours; if there are still 0 errors after 2 hours, the RAM is fine.
With larger RAM capacities Memtest has to be started several times: for 2 GB (the largest single RAM capacity) 2x, for 4 GB 3x, for 8 GB 4x, and so on.

Also check the HDD for errors:

Download CrystalDiskInfo.
Run the program and click Edit > Copy. Then paste the contents of the log here with Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.

Post by mafian » 08 Jun 2017 21:09

----------------------------------------------------------------------------
CrystalDiskInfo 4.2.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2017/06/08 21:08:39

-- Controller Map ----------------------------------------------------------
+ AMD SATA Controller (IDE Mode) [ATA]
+ Primární kanál IDE (0)
- TSSTcorp CDDVDW SH-S223F
- WDC WD5000AADS-00S9B0
- Sekundární kanál IDE (1)
+ AMD PCI IDE Controller [ATA]
- Primární kanál IDE (0)
- Sekundární kanál IDE (1)

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AADS-00S9B0 : 500.1 GB [0-0-0, pd1]

----------------------------------------------------------------------------
(1) WDC WD5000AADS-00S9B0
----------------------------------------------------------------------------
Model : WDC WD5000AADS-00S9B0
Firmware : 01.00A01
Serial Number : WD-WCAV9U944553
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 976771055
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 16519 hod.
Power On Count : 6846 krát
Temparature : 27 C (80 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 190 188 _21 000000000DA3 Čas na roztočení ploten
04 _94 _94 __0 000000001B00 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _78 _78 __0 000000004087 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _94 _94 __0 000000001ABE Počet cyklů zapnutí zařízení
C0 200 200 __0 0000000000F6 Počet vypnutí disku
C1 153 153 __0 000000022B66 Počet cyklů načítání/vymazání
C2 116 102 __0 00000000001B Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 0000000000AF Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů



I'll run memtest tomorrow.


Post by jaro3 » 08 Jun 2017 22:33

000000000DA3 Čas na roztočení ploten
and run CDI again tomorrow as well.

Post by mafian » 09 Jun 2017 10:45

----------------------------------------------------------------------------
CrystalDiskInfo 4.2.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2017/06/09 10:45:00

-- Controller Map ----------------------------------------------------------
+ AMD SATA Controller (IDE Mode) [ATA]
+ Primární kanál IDE (0)
- TSSTcorp CDDVDW SH-S223F
- WDC WD5000AADS-00S9B0
- Sekundární kanál IDE (1)
+ AMD PCI IDE Controller [ATA]
- Primární kanál IDE (0)
- Sekundární kanál IDE (1)

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AADS-00S9B0 : 500.1 GB [0-0-0, pd1]

----------------------------------------------------------------------------
(1) WDC WD5000AADS-00S9B0
----------------------------------------------------------------------------
Model : WDC WD5000AADS-00S9B0
Firmware : 01.00A01
Serial Number : WD-WCAV9U944553
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 976771055
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 16524 hod.
Power On Count : 6847 krát
Temparature : 34 C (93 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 190 188 _21 000000000DAC Čas na roztočení ploten
04 _94 _94 __0 000000001B01 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _78 _78 __0 00000000408C Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _94 _94 __0 000000001ABF Počet cyklů zapnutí zařízení
C0 200 200 __0 0000000000F6 Počet vypnutí disku
C1 153 153 __0 000000022B68 Počet cyklů načítání/vymazání
C2 109 102 __0 000000000022 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 0000000000AF Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů



Memtest: 0 errors. I let it run for 2.5 h, 2x.


Post by jaro3 » 09 Jun 2017 18:45

000000000DA3 Čas na roztočení ploten
000000000DAC Čas na roztočení ploten
the value is rising a little..

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system, 32-bit or 64-bit:
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan" ("Skenovat"). When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and will be saved on the desktop. Please copy their entire contents here.

Post by mafian » 09 Jun 2017 19:34

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-06-2017 01
Ran by uživatel (09-06-2017 19:32:42)
Running from C:\Documents and Settings\uživatel\Local Settings\temp\scoped_dir2280_7618
Systém Microsoft Windows XP Professional Service Pack 3 (X86) (2011-12-28 09:25:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-854245398-1383384898-839522115-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-854245398-1383384898-839522115-1007 - Limited - Enabled)
Guest (S-1-5-21-854245398-1383384898-839522115-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-854245398-1383384898-839522115-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-854245398-1383384898-839522115-1002 - Limited - Disabled)
uživatel (S-1-5-21-854245398-1383384898-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\uživatel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Internet Security (Enabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security (Disabled) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.20 - GIGABYTE)
3D Morris 2.02 (HKLM\...\3D Morris_is1) (Version: - Lobstersoft)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
ABBYY FineReader 11 (HKLM\...\{F1100000-0008-0000-0001-074957833700}) (Version: 11.0.289 - ABBYY)
ABBYY FineReader 9.0 Professional Edition (HKLM\...\{F9000000-0001-0000-0000-074957833700}) (Version: 9.00.724.5507 - ABBYY)
ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY) Hidden
Acronis Disk Director (HKLM\...\{06E34C00-0446-4176-81C8-A5DAFE53CA36}) (Version: 11.0.2121 - Acronis)
Active@ ISO Burner (HKLM\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AIDA64 Extreme v4.70 (HKLM\...\AIDA64 Extreme_is1) (Version: 4.70 - FinalWire Ltd.)
Aktualizace systému Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation)
ANDY OS (HKLM\...\ANDY OS) (Version: 1.1 - andyroid.net)
Ashampoo Burning Studio FREE (HKLM\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
ATI AVIVO Codecs (HKLM\...\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}) (Version: 10.0.0.31121 - ATI Technologies Inc.)
ATI Parental Control & Encoder (Version: 3.0 - Název společnosti:) Hidden
ATI Problem Report Wizard (HKLM\...\{5DA6F06A-B389-407B-BF8C-1548767914D8}) (Version: 8.10 - ATI Technologies)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.6.11 - Autodesk, Inc.)
Avanquest update (HKLM\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.34 - Avanquest Software)
AVG (Version: 16.151.8013 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4776 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.151.8013 - AVG Technologies)
Balíček ovladače systému Windows - Advanced Micro Devices (amdide) hdc (12/04/2012 5.2.2.0179) (HKLM\...\92CABF192AE59FEC7A26BF526AE067A4C700A858) (Version: 12/04/2012 5.2.2.0179 - Advanced Micro Devices)
Balíček ovladače systému Windows - LG Monitor (11/16/2006 1.3) (HKLM\...\591196B86D6AB052BD2AB3227EA1EB79A226E8D9) (Version: 11/16/2006 1.3 - LG)
Balíček ovladače systému Windows - Wacom (WacomISDPen) HIDClass (01/16/2006 2.5.0.0) (HKLM\...\06BA12C2FD6352D410C15EC9E359E80332E24487) (Version: 01/16/2006 2.5.0.0 - Wacom)
BlueStacks App Player (HKLM\...\{F22E13B7-2C58-4BE6-BA9D-24303403B494}) (Version: 0.10.6.8001 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Combined Community Codec Pack 2011-11-11 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
Connectivity Abstraction Layer (HKLM\...\{510414A2-0F14-4DB8-BDF2-C98A6E1D1367}) (Version: 1.3.014 - Deere & Company)
CrystalDiskInfo 4.2.0a (HKLM\...\CrystalDiskInfo_is1) (Version: 4.2.0a - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Easy Tune 6 B09.0918.1 (HKLM\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B09.0918.1 (Version: 1.00.0000 - GIGABYTE) Hidden
EasyCapture 1.0.0.0 (HKLM\...\EasyCapture_is1) (Version: - )
ECULP 4.0 (HKLM\...\ECULP4_is1) (Version: - John Deere FOCUS)
Epson Easy Photo Print 2 (HKLM\...\{310C1558-F6B5-4889-98B0-7471966BA7F2}) (Version: 2.2.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX420W Series Printer Uninstall (HKLM\...\EPSON SX420W Series) (Version: - SEIKO EPSON Corporation)
EVEREST Ultimate Edition v5.50 (HKLM\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FCleaner 1.3.1.621 (HKLM\...\FCleaner_is1) (Version: - FTweak, Inc.)
ffdshow (remove only) (HKLM\...\ffdshow) (Version: - )
FilesTuber (HKU\S-1-5-21-854245398-1383384898-839522115-1003\...\a49b2cdf927707e4) (Version: 1.1.0.2 - FilesTuber)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
FormApps Plug-in (HKLM\...\{9a1d8d96-8b6f-4b5e-9281-abf022feb360}) (Version: 1.21.2.70 - Software602 a.s.)
FormApps Signing Extension (HKLM\...\{ACA43D91-8B42-4D42-8C8B-A893BD6AA40D}) (Version: 2.8.2.28 - Software602 a.s.)
FormatFactory 4.1.0.0 (HKLM\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
GetDataBack for FAT (HKLM\...\{2EEEC858-21F8-419B-8FE2-820621BFFCD7}) (Version: 3.66.000 - Runtime Software)
GetDataBack for NTFS (HKLM\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 3.03.017 - Runtime Software)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Glary Utilities 2.53.0.1726 (HKLM\...\Glary Utilities_is1) (Version: 2.53.0.1726 - Glarysoft Ltd)
Google Chrome (HKU\S-1-5-21-854245398-1383384898-839522115-1003\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (Version: 1.3.25.0 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: - )
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Jpeg Resampler Vs 6+ (HKLM\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
JPG To PDF 2.2.1 (HKLM\...\JPG To PDF_is1) (Version: - JPG To PDF Developer Team)
KMP Media Toolbar (HKLM\...\{4B4D5056-3700-A76A-76A7-A758B70C0600}) (Version: 12.6.0.1645 - APN, LLC)
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.1.5.6 - PandoraTV)
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (Version: 3.0.1 - Riot Games) Hidden
Light Image Resizer 4.7.7.0 (HKLM\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.7.0 - ObviousIdea)
MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 1.1 Czech Language Pack (HKLM\...\{5E65E94D-69F2-4850-9E93-6459C53A0F50}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY (HKLM\...\{A2C9CD1B-2551-3AED-B244-6698FB929FA6}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY (HKLM\...\{546C143E-68DC-314D-97BC-1E454E3BA429}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{90120405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 CSY (HKLM\...\{E8BEDB28-151D-465C-9BE0-F6EB930A629C}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiniTool Power Data Recovery Free Edition 7.0 (HKLM\...\MiniTool Power Data Recovery Free Edition_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 52.1.2 ESR (x86 cs) (HKLM\...\Mozilla Firefox 52.1.2 ESR (x86 cs)) (Version: 52.1.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.1.2.6346 - Mozilla)
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 6.0 Parser (HKLM\...\{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}) (Version: 6.10.1129.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM\...\{91C0B95B-B83A-4828-A775-BBE2DD421029}) (Version: 7.02.9752 - Nero AG)
NEXIQ Readings (HKLM\...\{5DE5512A-6F6F-43FB-82C6-9A523E3AC771}) (Version: 3.01.320 - )
nLite 1.4.8 (HKLM\...\nLite_is1) (Version: 1.4.8 - Dino Nuhagic (nuhi))
Nuclear Coffee - VideoGet (HKLM\...\VideoGet_is1) (Version: 2012 - Nuclear Coffee)
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenOffice.org 3.0 (HKLM\...\{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}) (Version: 3.0.9358 - OpenOffice.org)
Opera Stable 36.0.2130.80 (HKLM\...\Opera 36.0.2130.80) (Version: 36.0.2130.80 - Opera Software)
PDF Editor 4 (HKLM\...\PDF Editor 4) (Version: - )
PDF Shrink 2 (HKLM\...\PDF Shrink 2) (Version: - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Polda III čára (HKLM\...\Polda III čára_is1) (Version: - )
Polda III karty (HKLM\...\Polda III karty_is1) (Version: - )
Pošta & kancelář 2.3 (HKLM\...\Pošta & kancelář_is1) (Version: - PS Media s.r.o.)
Pošta a kancelář 3.7 (HKLM\...\Pošta a kancelář 3_is1) (Version: - PS Media s.r.o.)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.35.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.7111 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RogueKiller version 10 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 10 - Adlice Software)
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Seznam Software (HKU\S-1-5-21-854245398-1383384898-839522115-1003\...\SeznamInstall) (Version: - Seznam.cz)
Software602 Form Filler (HKLM\...\{C6E36857-F622-4DF5-B458-05752A4D13F0}) (Version: 4.13 - Software602 a.s.)
Software602 Print2PDF (HKLM\...\{32C74893-0243-4235-A6F3-201F0E5D2C03}) (Version: 9.1.11.0421 - Software602 a.s.)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.0 - Sophos Limited)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM\...\{6C8C4577-8E15-4C63-96ED-D40F2072FF74}) (Version: 6.0.19.0 - Husdawg, LLC)
The Settlers Online - Standalone Client (HKU\S-1-5-21-854245398-1383384898-839522115-1003\...\The Settlers Online) (Version: - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMR Client Install (Version: 1.00.0000 - Deere & Company) Hidden
Výpočet DPH podle §37 (HKU\S-1-5-21-854245398-1383384898-839522115-1003\...\8357c2ac6d1f07c9) (Version: 1.0.0.2 - OFIS)
WebFldrs XP (Version: 9.50.5318 - Microsoft Corporation) Hidden
Window Handler (HKLM\...\ST5UNST #1) (Version: - )
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
WinRAR 4.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinUtilities Professional Edition 14.51 (HKLM\...\{FC274982-5AAD-4C20-848D-4424A5043009}_is1) (Version: 14.51 - YL Computing, Inc)
Zemana AntiMalware (HKLM\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.72.0.388 - Zemana Ltd.)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.5 - ZONER software)
Аrdamаx Kеylogger 4.6.2 (HKLM\...\Аrdamаx Kеylogger 4.6.2) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{0561E9ED-1BA8-A8E6-8873-14E47B15E3D8}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\Application\46.0.2490.86\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{724FE766-71C2-4E6E-8379-CD0EF5E51BDD}\InprocServer32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{9D1CC63A-3313-563A-189B-00AB5A3A87D8}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{D5B39FC5-8683-5FAF-724A-A5E25BBD0B10}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\psuser.dll (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AVG EUpdate Task.job => C:\Program Files\AVG\Setup AVG Technologies  0 ߡ ;   0ߡ ;  
Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1374932067.job => C:\Program Files\Opera\launcher.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Documents and Settings\uživatel\Plocha\programy\Secustamp Smart Form.lnk -> C:\Program Files\Software602\602XML\Filler\Filler602.exe (Software602 a.s.) -> "<?xml version='1.0' ?><d:root xmlns:d='hxxp://www.software602.cz/signmastercz'/>"

==================== Loaded Modules (Whitelisted) ==============

2012-01-13 19:44 - 2001-10-28 18:42 - 00116224 _____ () C:\WINDOWS\system32\pdfcmnnt.dll
2014-05-01 16:15 - 2014-05-01 16:15 - 00463360 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\MEGAsync\ShellExtX32.dll
2010-10-28 20:31 - 2010-10-28 20:31 - 02156952 _____ () C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
2016-11-28 18:36 - 2016-11-28 18:36 - 48920064 _____ () C:\Program Files\AVG\UiDll\2623\libcef.dll
2016-12-31 18:29 - 2016-08-05 14:29 - 63846920 _____ () C:\Program Files\Opera\36.0.2130.80_1\opera.dll
2011-12-28 12:23 - 2008-04-14 09:51 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2017-06-08 21:50 - 2017-06-08 21:50 - 19700728 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_25_0_0_171.dll
2017-06-08 21:57 - 2017-06-08 21:57 - 17779192 _____ () C:\WINDOWS\system32\Macromed\Flash\pepflashplayer32_25_0_0_171.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4 [232]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:8927A071 [398]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1 [294]
AlternateDataStreams: C:\Documents and Settings\uživatel\Dokumenty\43017:300x250_citysex_v34 [27982]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-10-12 20:45 - 2017-06-07 23:29 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-854245398-1383384898-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Nebe.bmp
DNS Servers: 10.100.0.100 - 10.10.10.10
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: RTHDCPL => RTHDCPL.EXE
MSCONFIG\startupreg: Sony Ericsson PC Suite => "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

StandardProfile\AuthorizedApplications: [C:\Program Files\Epson Software\Event Manager\EEventManager.exe] => Enabled:EEventManager Application
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\soft602\langserv.exe] => Enabled:Software602 Spell Checker
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\msiexec.exe] => Enabled:UpdateManagerSetup
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\uživatel\Plocha\Microsoft-Office-2010-v1.0-CZ-Portable\Microsoft Office 2010 Portable CZ by Sparrow v1.0\MSO_2010_by_Sparrow.dat] => Enabled:MSO_2010_by_Sparrow
StandardProfile\AuthorizedApplications: [C:\Program Files\VideoLAN\VLC\vlc.exe] => Enabled:VLC media player 2.1.0
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\Av\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [F:\FormatFactory\FormatFactory.exe] => Enabled:Format Factory
StandardProfile\AuthorizedApplications: [F:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe] => Enabled:EBook Codec Downloader
StandardProfile\AuthorizedApplications: [F:\FormatFactory\FFModules\Package\PTInstOnline.exe] => Enabled:Picosmos P2P Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\Av\avgnsx.exe] => Enabled:Online Shield
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
DomainProfile\GloballyOpenPorts: [56411:TCP] => Enabled:Pando Media Booster
DomainProfile\GloballyOpenPorts: [56411:UDP] => Enabled:Pando Media Booster
StandardProfile\GloballyOpenPorts: [56411:TCP] => Enabled:Pando Media Booster
StandardProfile\GloballyOpenPorts: [56411:UDP] => Enabled:Pando Media Booster

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTLE8023xp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Komunikační port (COM1)
Description: Wacom Penabled HID MiniDriver
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: Wacom
Service: WacomISDPen
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2017 07:19:25 PM) (Source: MSSQLSERVER) (EventID: 3409) (User: )
Description: Performance counter shared memory setup failed with error -1. Reinstall sqlctr.ini for this instance, and ensure that the instance login account has correct registry permissions.

Error: (06/09/2017 07:19:25 PM) (Source: MSSQLSERVER) (EventID: 8313) (User: )
Description: Error in mapping SQL Server performance object/counter indexes to object/counter names. SQL Server performance counters are disabled.

Error: (06/09/2017 01:45:31 PM) (Source: MSSQLSERVER) (EventID: 3409) (User: )
Description: Performance counter shared memory setup failed with error -1. Reinstall sqlctr.ini for this instance, and ensure that the instance login account has correct registry permissions.

Error: (06/09/2017 01:45:31 PM) (Source: MSSQLSERVER) (EventID: 8313) (User: )
Description: Error in mapping SQL Server performance object/counter indexes to object/counter names. SQL Server performance counters are disabled.

Error: (06/09/2017 12:33:30 PM) (Source: MSSQLSERVER) (EventID: 3409) (User: )
Description: Performance counter shared memory setup failed with error -1. Reinstall sqlctr.ini for this instance, and ensure that the instance login account has correct registry permissions.

Error: (06/09/2017 12:33:30 PM) (Source: MSSQLSERVER) (EventID: 8313) (User: )
Description: Error in mapping SQL Server performance object/counter indexes to object/counter names. SQL Server performance counters are disabled.

Error: (06/09/2017 08:28:13 AM) (Source: MSSQLSERVER) (EventID: 3409) (User: )
Description: Performance counter shared memory setup failed with error -1. Reinstall sqlctr.ini for this instance, and ensure that the instance login account has correct registry permissions.

Error: (06/09/2017 08:28:13 AM) (Source: MSSQLSERVER) (EventID: 8313) (User: )
Description: Error in mapping SQL Server performance object/counter indexes to object/counter names. SQL Server performance counters are disabled.

Error: (06/08/2017 10:31:39 PM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Chybný blok 1556758075

Error: (06/08/2017 10:31:39 PM) (Source: Application Error) (EventID: 1001) (User: )
Description: Chybný blok 1556804317
Výměna klíčů nezajistila nastavení zabezpečeného připojení po ověření 802.1x. Aktuální nastavení bylo označeno za neplatné a bezdrátové připojení bude odpojeno.


System errors:
=============
Error: (06/09/2017 07:19:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PAR1284 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedené zařízení.

Error: (06/09/2017 07:19:38 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto chybou:
Přístup byl odepřen.

Error: (06/09/2017 07:19:38 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto chybou:
Přístup byl odepřen.

Error: (06/09/2017 07:19:01 PM) (Source: 0) (EventID: 259) (User: )
Description: Event-ID 259

Error: (06/09/2017 07:19:01 PM) (Source: 0) (EventID: 256) (User: )
Description: Event-ID 256

Error: (06/09/2017 07:19:01 PM) (Source: 0) (EventID: 256) (User: )
Description: Event-ID 256

Error: (06/09/2017 07:19:01 PM) (Source: 0) (EventID: 256) (User: )
Description: Event-ID 256

Error: (06/09/2017 07:19:01 PM) (Source: 0) (EventID: 256) (User: )
Description: Event-ID 256

Error: (06/09/2017 07:19:01 PM) (Source: 0) (EventID: 260) (User: )
Description: Event-ID 260

Error: (06/09/2017 07:19:01 PM) (Source: 0) (EventID: 256) (User: )
Description: Event-ID 256



==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 920 Processor
Percentage of memory in use: 76%
Total physical RAM: 3326.42 MB
Available physical RAM: 773.88 MB
Total Virtual: 5209.28 MB
Available Virtual: 2572.46 MB

==================== Drives ================================



Drive c: () (Fixed) (Total:68.36 GB) (Free:24.51 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:59.63 GB) (Free:32.32 GB) NTFS
Drive f: () (Fixed) (Total:337.77 GB) (Free:103.79 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 9AE79AE7)
Partition 1: (Active) - (Size=68.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=59.6 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=337.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

mafian
Level 3.5
Posts: 770
Registered: January 07
Gender: Male
Status: Offline

Re: kindly asking for a check

Post by mafian » 09 Jun 2017 19:34

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-06-2017 01
Ran by uživatel (administrator) on ADMIN (09-06-2017 19:31:43)
Running from C:\Documents and Settings\uživatel\Local Settings\temp\scoped_dir2280_7618
Loaded Profiles: uživatel (Available Profiles: uživatel & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\Av\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\WINDOWS\system32\locator.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
() C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_1\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_1\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_1\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_1\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_1\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_1\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_1\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_1\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_1\opera.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_1\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_1\opera.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20145368 2013-10-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [ZAM] => C:\Program Files\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2012-03-09] (ATI Technologies Inc.)
HKLM\ DisallowedCertificates: 08738A96A4853A52ACEF23F782E8E1FEA7BCED02 (U)
HKLM\ DisallowedCertificates: 09271DD621EBD3910C2EA1D059F99B8181405A17 (U)
HKLM\ DisallowedCertificates: 09FF2CC86CEEFA8A8BB3F2E3E84D6DA3FABBF63E (U)
HKLM\ DisallowedCertificates: 23EF3384E21F70F034C467D4CBA6EB61429F174E (U)
HKLM\ DisallowedCertificates: 330D8D3FD325A0E5FDDDA27013A2E75E7130165F (U)
HKLM\ DisallowedCertificates: 374D5B925B0BD83494E656EB8087127275DB83CE (U)
HKLM\ DisallowedCertificates: 3A26012171855D4020C973BEC3F4F9DA45BD2B83 (U)
HKLM\ DisallowedCertificates: 4D8547B7F864132A7F62D9B75B068521F10B68E3 (U)
HKLM\ DisallowedCertificates: 4DF13947493CFF69CDE554881C5F114E97C3D03B (U)
HKLM\ DisallowedCertificates: 4ED8AA06D1BC72CA64C47B1DFE05ACC8D51FC76F (U)
HKLM\ DisallowedCertificates: 587B59FB52D8A683CBE1CA00E6393D7BB923BC92 (U)
HKLM\ DisallowedCertificates: 5CE339465F41A1E423149F65544095404DE6EBE2 (U)
HKLM\ DisallowedCertificates: 5D5185DF1EB7DC76015422EC8138A5724BEE2886 (U)
HKLM\ DisallowedCertificates: 6690C02B922CBD3FF0D0A5994DBD336592887E3F (U)
HKLM\ DisallowedCertificates: 7613BF0BA261006CAC3ED2DDBEF343425357F18B (U)
HKLM\ DisallowedCertificates: 838FFD509DE868F481C29819992E38A4F7082873 (U)
HKLM\ DisallowedCertificates: 8977E8569D2A633AF01D0394851681CE122683A6 (U)
HKLM\ DisallowedCertificates: A1505D9843C826DD67ED4EA5209804BDBB0DF502 (U)
HKLM\ DisallowedCertificates: A221D360309B5C3C4097C44CC779ACC5A9845B66 (U)
HKLM\ DisallowedCertificates: A35A8C727E88BCCA40A3F9679CE8CA00C26789FD (U)
HKLM\ DisallowedCertificates: A7B5531DDC87129E2C3BB14767953D6745FB14A6 (U)
HKLM\ DisallowedCertificates: A81706D31E6F5C791CD9D3B1B9C63464954BA4F5 (U)
HKLM\ DisallowedCertificates: BED412B1334D7DFCEBA3015E5F9F905D571C45CF (U)
HKLM\ DisallowedCertificates: C69F28C825139E65A646C434ACA5A1D200295DB1 (U)
HKLM\ DisallowedCertificates: D0BB3E3DFBFB86C0EEE2A047E328609E6E1F185E (U)
HKLM\ DisallowedCertificates: D43153C8C25F0041287987250F1E3CABAC8C2177 (U)
HKLM\ DisallowedCertificates: D8CE8D07F9F19D2569C2FB854401BC99C1EB7C3B (U)
HKLM\ DisallowedCertificates: E38A2B7663B86796436D8DF5898D9FAA6835B238 (U)
HKLM\ DisallowedCertificates: E95DD86F32C771F0341743EBD75EC33C74A3DED9 (U)
HKLM\ DisallowedCertificates: E9809E023B4512AA4D4D53F40569C313C1D0294D (U)
HKLM\ DisallowedCertificates: F5A874F3987EB0A9961A564B669A9050F770308A (U)
HKLM\ DisallowedCertificates: F92BE5266CC05DB2DC0DC3F2DC74E02DEFD949CB (U)
HKU\S-1-5-21-854245398-1383384898-839522115-1003\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> (None)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Documents and Settings\uživatel\Local Settings\Data aplikací\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Documents and Settings\uživatel\Local Settings\Data aplikací\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Documents and Settings\uživatel\Local Settings\Data aplikací\MEGAsync\ShellExtX32.dll [2014-05-01] ()
BootExecute: C:\PROGRA~1\AVG\Av\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.100.0.100 10.10.10.10
Tcpip\..\Interfaces\{90248221-6BF5-42EE-9CE9-B25DB8FA3F8C}: [DhcpNameServer] 10.100.0.100 10.10.10.10

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-854245398-1383384898-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-854245398-1383384898-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-854245398-1383384898-839522115-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-10-16] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-10-16] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-854245398-1383384898-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll [2008-04-14] (Společnost Microsoft)
DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://forms.celnisprava.cz/webfiller/ ... bff_cs.cab
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll [2008-04-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\5hb9nwi2.default [2017-06-09]
FF NewTab: C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\5hb9nwi2.default -> about:newtab
FF Homepage: C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\5hb9nwi2.default -> about:home
FF Extension: (YouTube™ Flash® Player) - C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\5hb9nwi2.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2017-06-08]
FF Extension: (Adblock Plus) - C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\5hb9nwi2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF Extension: (Seznam lištička) - C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\5hb9nwi2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-05-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-30] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-06-08] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-10-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-10-16] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-854245398-1383384898-839522115-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\npGoogleUpdate3.dll [2015-10-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-854245398-1383384898-839522115-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\npGoogleUpdate3.dll [2015-10-14] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2017-06-08]
CHR Extension: (Prezentace Google) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-21]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-21]
CHR Extension: (Disk Google) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-21]
CHR Extension: (Seznam Lištička - Email) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-05-25]
CHR Extension: (Seznam Lištička - Slovník) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-05-25]
CHR Extension: (YouTube) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-21]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-05-21]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-21]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-25]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-05-25]
CHR Extension: (Gmail) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-21]
StartMenuInternet: Google Chrome.EFIX7PDXVMH4TSHU4JU2LULLNI - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Documents and Settings\uživatel\Data aplikací\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-03-22]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-01-13] () [File not signed]
R2 avgfws; C:\Program Files\AVG\Av\avgfws.exe [1458360 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4153408 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [935184 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [606360 2017-04-11] (AVG Technologies CZ, s.r.o.)
S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [437880 2015-09-30] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [417400 2015-09-30] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [855672 2015-09-30] (BlueStack Systems, Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2010-10-28] ()
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R0 amdide; C:\WINDOWS\System32\DRIVERS\amdide.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
S3 AODDriver; C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys [7168 2009-02-23] () [File not signed]
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.)
R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [247552 2017-02-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [207616 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [244992 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [197376 2017-04-11] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231680 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [43296 2014-12-10] (AVG Technologies)
R0 Avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [132216 2015-09-30] (BlueStack Systems)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [239168 2012-01-10] (DT Soft Ltd)
S3 etdrv; C:\WINDOWS\etdrv.sys [17488 2016-12-10] (Windows (R) 2000 DDK provider)
S3 gdrv; C:\WINDOWS\gdrv.sys [17488 2016-12-10] (Windows (R) 2000 DDK provider)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S2 PAR1284; C:\WINDOWS\system32\PAR1284.sys [54792 2009-06-29] (Warp Nine Engineering) [File not signed]
S3 RTHDMIAzAudService; C:\WINDOWS\System32\drivers\RtHDMI.sys [3684352 2008-08-26] (Realtek Semiconductor Corp.)
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2012-08-31] () [File not signed]
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [24688 2017-06-07] ()
S3 WacomISDPen; C:\WINDOWS\System32\DRIVERS\wacomisdpen.sys [23040 2007-05-24] (Wacom Technology)
R3 WinDriver6; C:\WINDOWS\System32\drivers\windrvr6.sys [193696 2009-06-29] (Jungo) [File not signed]
R1 ZAM; C:\WINDOWS\System32\drivers\zam32.sys [181496 2017-01-01] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard32.sys [181496 2017-01-01] (Zemana Ltd.)
U5 GVTDrv; C:\WINDOWS\system32\Drivers\GVTDrv.sys [24944 2016-12-10] ()
S4 hpt3xx; no ImagePath
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 trufos; system32\drivers\trufos.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-09 19:31 - 2017-06-09 19:31 - 01775104 _____ (Farbar) C:\Documents and Settings\uživatel\Dokumenty\FRST.exe
2017-06-09 19:31 - 2017-06-09 19:31 - 00000000 ____D C:\FRST
2017-06-09 08:32 - 2017-06-09 08:32 - 00015600 _____ C:\Documents and Settings\uživatel\Dokumenty\MemTest.zip
2017-06-08 22:45 - 2017-06-08 23:06 - 984226899 _____ C:\Documents and Settings\uživatel\Dokumenty\Rychly-prachy-130.-ulovek---Lucka-Miami-6.6.2017.mp4
2017-06-08 21:57 - 2017-06-08 21:57 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-06-08 21:56 - 2017-06-08 21:56 - 01202184 _____ (Adobe Systems Incorporated) C:\Documents and Settings\uživatel\Dokumenty\flashplayer25pp_ha_install.exe
2017-06-08 21:50 - 2017-06-09 16:14 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-06-08 21:50 - 2017-06-08 21:57 - 00803320 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-06-08 21:50 - 2017-06-08 21:57 - 00144888 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-06-08 14:45 - 2017-06-08 14:45 - 00188780 _____ C:\Documents and Settings\uživatel\Dokumenty\PRV_PRINT_OUTPUT_S (8).pdf
2017-06-08 14:29 - 2017-06-09 19:19 - 00000314 ____H C:\WINDOWS\Tasks\AVG EUpdate Task.job
2017-06-08 09:50 - 2017-06-08 21:48 - 00000045 _____ C:\WINDOWS\system32\_WKERNEL.SYL
2017-06-08 09:47 - 2017-06-08 09:47 - 00000000 ___SD C:\ComboFix
2017-06-07 23:34 - 2017-06-09 19:32 - 00000000 ____D C:\Documents and Settings\uživatel\Local Settings\temp
2017-06-07 23:34 - 2017-06-07 23:34 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2017-06-07 23:34 - 2017-06-07 23:34 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2017-06-07 23:34 - 2017-06-07 23:34 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2017-06-07 20:27 - 2017-06-07 20:27 - 00000000 ____D C:\zoek
2017-06-07 20:16 - 2017-06-07 20:16 - 00000000 ____D C:\zoek_backup
2017-06-07 13:33 - 2017-06-07 13:48 - 1046146955 _____ C:\Documents and Settings\uživatel\Dokumenty\cztaxi.15.07.14.taxi.29.mp4
2017-06-06 22:29 - 2017-06-07 12:53 - 00002465 _____ C:\Documents and Settings\All Users\Plocha\Sophos Virus Removal Tool.lnk
2017-06-06 22:29 - 2017-06-06 22:29 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Sophos
2017-06-06 22:28 - 2017-06-06 22:28 - 00000000 ____D C:\Program Files\Sophos
2017-06-02 23:18 - 2017-06-07 23:35 - 00000000 ____D C:\AdwCleaner
2017-06-02 14:23 - 2017-06-02 14:23 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Zemana AntiMalware
2017-06-01 22:20 - 2017-06-01 22:20 - 00000849 _____ C:\Documents and Settings\All Users\Plocha\Light Image Resizer 4.lnk
2017-06-01 22:18 - 2017-06-01 22:18 - 00552552 _____ C:\Documents and Settings\uživatel\Dokumenty\light_image_resizer4_setup_CB-DL-Manager.exe
2017-06-01 22:16 - 2017-06-01 22:16 - 07306240 _____ C:\Documents and Settings\uživatel\Local Settings\Data aplikací\agent.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 01897408 _____ C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Soloflex.tst
2017-06-01 22:16 - 2017-06-01 22:16 - 00140800 _____ C:\Documents and Settings\uživatel\Local Settings\Data aplikací\installer.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 00140800 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\installer.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 00126464 _____ C:\Documents and Settings\uživatel\Local Settings\Data aplikací\noah.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 00070800 _____ C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Config.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 00018432 _____ C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Main.dat.mwt
2017-06-01 22:16 - 2017-06-01 22:16 - 00016512 _____ C:\Documents and Settings\uživatel\Local Settings\Data aplikací\InstallationConfiguration.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 00011568 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\InstallationConfiguration.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 00005568 _____ C:\Documents and Settings\uživatel\Local Settings\Data aplikací\md.xml
2017-05-31 09:48 - 2017-05-31 09:48 - 00190954 _____ C:\Documents and Settings\uživatel\Dokumenty\Faktura č. 200170278.pdf
2017-05-30 19:14 - 2017-05-30 19:14 - 00466811 _____ C:\Documents and Settings\uživatel\Dokumenty\PRV_PRINT_OUTPUT_S (7).pdf
2017-05-30 19:11 - 2017-05-30 19:11 - 00121491 _____ C:\Documents and Settings\uživatel\Dokumenty\PRV_PRINT_OUTPUT_S (6).pdf
2017-05-28 20:47 - 2017-05-28 20:47 - 00001718 _____ C:\Documents and Settings\uživatel\Dokumenty\Osev 3-01_05.2017_(DKOD_319580008).txt
2017-05-28 20:20 - 2017-05-28 20:20 - 00550793 _____ C:\Documents and Settings\uživatel\Dokumenty\osev301_319580008_2017.pdf
2017-05-25 21:11 - 2017-06-01 22:26 - 00000000 ____D C:\Documents and Settings\uživatel\Data aplikací\ObviousIdea
2017-05-25 21:10 - 2017-06-01 22:22 - 00000000 ____D C:\Program Files\ObviousIdea
2017-05-25 21:10 - 2017-06-01 22:22 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\ObviousIdea
2017-05-15 16:47 - 2017-05-15 16:47 - 00285936 _____ C:\Documents and Settings\uživatel\Plocha\Rozhodnutí původní Švec.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-09 19:31 - 2017-01-01 12:07 - 00028368 _____ C:\WINDOWS\ZAM.krnl.trace
2017-06-09 19:31 - 2017-01-01 12:07 - 00011918 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-06-09 19:31 - 2011-12-28 11:29 - 00000000 ___RD C:\Documents and Settings\uživatel\Dokumenty
2017-06-09 19:22 - 2012-03-29 20:57 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MFAData
2017-06-09 19:19 - 2015-05-21 17:06 - 00000400 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1374932067.job
2017-06-09 19:19 - 2011-12-28 11:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-09 19:19 - 2001-10-25 14:00 - 00013002 _____ C:\WINDOWS\system32\wpa.dbl
2017-06-09 16:40 - 2012-03-02 11:24 - 00032580 _____ C:\WINDOWS\Tasks\SCHEDLGU.TXT
2017-06-09 16:40 - 2011-12-28 11:29 - 00000178 ___SH C:\Documents and Settings\uživatel\ntuser.ini
2017-06-09 15:16 - 2014-06-09 14:09 - 00000150 _____ C:\Documents and Settings\uživatel\Dokumenty\HighScore.hsc
2017-06-08 23:01 - 2012-05-23 13:51 - 00000000 ____D C:\Program Files\The KMPlayer
2017-06-08 21:58 - 2011-12-28 14:45 - 00000000 ____D C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Adobe
2017-06-08 21:57 - 2011-12-28 11:22 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-08 21:50 - 2015-10-05 14:35 - 00000000 ____D C:\Documents and Settings\uživatel\Dokumenty\Stažené soubory
2017-06-08 21:48 - 2011-12-28 12:11 - 00000000 ___RD C:\Documents and Settings\All Users\Data aplikací
2017-06-08 21:48 - 2011-12-28 11:29 - 00000000 ___RD C:\Documents and Settings\uživatel\Data aplikací
2017-06-08 21:47 - 2011-12-28 11:29 - 00000000 ____D C:\Documents and Settings\uživatel
2017-06-08 21:03 - 2011-12-28 11:29 - 00000000 ____D C:\Documents and Settings\uživatel\Plocha
2017-06-08 21:01 - 2011-12-28 11:27 - 00000000 ___SD C:\Documents and Settings\NetworkService
2017-06-08 09:49 - 2016-01-03 16:50 - 00000000 ____D C:\Documents and Settings\uživatel\Plocha\programy
2017-06-08 09:49 - 2014-07-20 14:29 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\DVDVideoSoft
2017-06-08 09:48 - 2011-12-28 13:08 - 00032600 _____ C:\Documents and Settings\uživatel\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2017-06-08 09:47 - 2016-05-26 22:00 - 00000000 ____D C:\WINDOWS\erdnt
2017-06-08 09:44 - 2011-12-28 12:11 - 00207304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-07 23:30 - 2001-10-25 14:00 - 00000227 _____ C:\WINDOWS\system.ini
2017-06-07 21:18 - 2011-12-28 11:29 - 00000000 ___HD C:\Documents and Settings\uživatel\Local Settings\Data aplikací
2017-06-07 20:28 - 2017-03-14 16:58 - 00002928 _____ C:\runcheck.txt
2017-06-07 12:59 - 2016-05-29 08:05 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-06-06 22:29 - 2011-12-28 12:12 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2017-06-06 22:29 - 2011-12-28 12:12 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2017-06-04 23:16 - 2011-12-28 11:27 - 00000178 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2017-06-04 10:19 - 2011-12-29 12:50 - 00000000 ____D C:\WINDOWS\Minidump
2017-06-02 23:03 - 2017-03-15 10:10 - 00000056 _____ C:\WINDOWS\Lic.xxx
2017-06-02 22:46 - 2001-10-25 14:00 - 00001160 _____ C:\WINDOWS\win.ini
2017-06-02 14:23 - 2017-01-01 12:07 - 00001605 _____ C:\Documents and Settings\All Users\Plocha\Zemana AntiMalware.lnk
2017-06-02 14:23 - 2017-01-01 12:07 - 00000000 ____D C:\Program Files\Zemana AntiMalware
2017-06-01 22:16 - 2011-12-28 11:27 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2017-06-01 21:38 - 2012-05-05 19:38 - 00002495 _____ C:\Documents and Settings\All Users\Plocha\ABBYY FineReader 11.lnk
2017-05-30 18:55 - 2012-08-20 09:22 - 00000038 _____ C:\Documents and Settings\uživatel\Dokumenty\dxc_error.txt
2017-05-28 09:34 - 2013-01-16 10:48 - 00000000 ____D C:\Documents and Settings\uživatel\Data aplikací\vlc
2017-05-27 18:24 - 2013-04-30 19:54 - 00000000 ____D C:\Documents and Settings\uživatel\Plocha\nafta
2017-05-27 18:21 - 2014-07-15 18:58 - 00000000 ____D C:\Documents and Settings\uživatel\Plocha\přiznání 2014
2017-05-21 20:05 - 2011-12-31 11:00 - 00000069 _____ C:\WINDOWS\NeroDigital.ini
2017-05-20 20:07 - 2013-03-03 11:16 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-05-20 18:01 - 2016-11-17 23:15 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-05-17 20:13 - 2015-11-22 19:59 - 00000000 ____D C:\Documents and Settings\uživatel\Local Settings\Data aplikací\AvgSetupLog
2017-05-17 20:12 - 2014-05-30 09:07 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG
2017-05-17 20:12 - 2011-12-28 12:06 - 00000000 ____D C:\WINDOWS\inf
2017-05-11 10:45 - 2011-12-31 16:52 - 00000149 _____ C:\WINDOWS\posta2.ini

==================== Files in the root of some directories =======

2012-02-17 17:43 - 2012-02-17 17:43 - 0001057 _____ () C:\Documents and Settings\uživatel\Data aplikací\vso_ts_preview.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 7306240 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\agent.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 0070800 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Config.xml
2012-08-29 21:43 - 2012-11-07 12:10 - 0047104 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-04-17 09:03 - 2012-04-17 09:03 - 0000128 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\fusioncache.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 0016512 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\InstallationConfiguration.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 0140800 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\installer.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 0018432 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Main.dat.mwt
2017-06-01 22:16 - 2017-06-01 22:16 - 0005568 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\md.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 0126464 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\noah.dat
2014-02-20 19:32 - 2014-02-20 19:32 - 0002709 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\recently-used.xbel
2017-06-01 22:16 - 2017-06-01 22:16 - 1897408 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Soloflex.tst
2013-09-13 19:56 - 2013-09-13 20:03 - 0000865 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.err
2012-02-24 11:23 - 2013-09-13 20:03 - 0001352 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.nast
2017-06-01 22:16 - 2017-06-01 22:16 - 0032038 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\uninstall_temp.ico

Files to move or delete:
====================
C:\Documents and Settings\uživatel\config.dat


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

jaro3
Security team member
Guru Level 15
Posts: 43054
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: requesting a check, please

Post by jaro3 » 09 Jun 2017 23:16

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{724FE766-71C2-4E6E-8379-CD0EF5E51BDD}\InprocServer32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.28.17\psuser.dll (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4 [232]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:8927A071 [398]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1 [294]
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-854245398-1383384898-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-854245398-1383384898-839522115-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
S4 hpt3xx; no ImagePath
S4 IntelIde; no ImagePath
S3 trufos; system32\drivers\trufos.sys [X]
C:\WINDOWS\Lic.xxx
C:\Documents and Settings\uživatel\config.dat

EmptyTemp:
End

(You can use the "Select all" function; right-click in the top-left corner of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST and press the "Fix" button just once, then wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire contents here.

AlternateDataStreams: C:\Documents and Settings\uživatel\Dokumenty\43017:300x250_citysex_v34 [27982]
Does that ring a bell?



FF Extension: (Seznam lištička) -- uninstall it!

Аrdamаx Kеylogger: do you have it there on purpose??
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: kindly asking for a check

Posted by mafian » 10 Jun 2017 08:32

Fix result of Farbar Recovery Scan Tool (x86) Version: 07-06-2017 01
Ran by uživatel (10-06-2017 08:24:19) Run:1
Running from C:\Documents and Settings\uživatel\Plocha
Loaded Profiles: uživatel (Available Profiles: uživatel & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\uivatel\Local Settings\Data aplikac\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Documents and Settings\uivatel\Local Settings\Data aplikac\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\uivatel\Local Settings\Data aplikac\Google\Update\1.3.28.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\uivatel\Local Settings\Data aplikac\Google\Update\1.3.28.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\uivatel\Local Settings\Data aplikac\Google\Update\1.3.28.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{724FE766-71C2-4E6E-8379-CD0EF5E51BDD}\InprocServer32 -> C:\Documents and Settings\uivatel\Local Settings\Data aplikac\Google\Update\1.3.28.17\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\uivatel\Local Settings\Data aplikac\Google\Update\1.3.28.17\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\uivatel\Local Settings\Data aplikac\Google\Update\1.3.28.17\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\uivatel\Local Settings\Data aplikac\Google\Update\1.3.28.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\uivatel\Local Settings\Data aplikac\Google\Update\1.3.28.17\psuser.dll (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikac\TEMP:0B4227B4 [232]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikac\TEMP:8927A071 [398]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikac\TEMP:D1B5B4F1 [294]
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-854245398-1383384898-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-854245398-1383384898-839522115-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
S4 hpt3xx; no ImagePath
S4 IntelIde; no ImagePath
S3 trufos; system32\drivers\trufos.sys [X]
C:\WINDOWS\Lic.xxx
C:\Documents and Settings\uivatel\config.dat

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F} => key removed successfully.
HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F} => key removed successfully.
HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43} => key removed successfully.
HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598} => key removed successfully.
HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119} => key removed successfully.
HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{724FE766-71C2-4E6E-8379-CD0EF5E51BDD} => key removed successfully.
HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} => key removed successfully.
HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55} => key removed successfully.
HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750} => key removed successfully.
HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F} => key removed successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":0B4227B4" ADS removed successfully..
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":8927A071" ADS removed successfully..
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":D1B5B4F1" ADS removed successfully..
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched => key removed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully.
HKU\S-1-5-21-854245398-1383384898-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-21-854245398-1383384898-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key removed successfully.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKLM\System\CurrentControlSet\Services\hpt3xx => key removed successfully.
hpt3xx => service removed successfully.
HKLM\System\CurrentControlSet\Services\IntelIde => key removed successfully.
IntelIde => service removed successfully.
HKLM\System\CurrentControlSet\Services\trufos => key removed successfully.
trufos => service removed successfully.
C:\WINDOWS\Lic.xxx => moved successfully
C:\Documents and Settings\uživatel\config.dat => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 61611 B
Java, Flash, Steam htmlcache => 1475 B
Windows/system/dllcache/drivers => 1348533 B
Edge => 0 B
Chrome => 809328 B
Firefox => 236356157 B
Opera => 289939261 B

Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 16610 B
All Users => 0 B
systemprofile => 65762 B
LocalService => 360 B
NetworkService => 66164 B
uživatel => 7877700 B
Administrator => 49885 B

RecycleBin => 3080149535 B
EmptyTemp: => 3.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:25:09 ====


Аrdamаx Kеylogger: to tell the truth, I don't even know what that is.

jaro3
Security team member
Guru Level 15
Posts: 43054
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: kindly asking for a check

Posted by jaro3 » 10 Jun 2017 09:46

https://cs.wikipedia.org/wiki/Keylogger
Someone must have installed it there for you. It is not a virus, it is a spying program.
http://www.studna.cz/ardamax-keylogger-p-5613.html

If you want to uninstall it:
Please download and install Revo Uninstaller Free
http://www.revouninstaller.com/start_fr ... nload.html
Double-click Revo Uninstaller to run it.
Check whether the program list contains any unknown program, a keylogger.
From the list of programs, double-click the program to remove.
When prompted whether you want to uninstall, click Yes.
Make sure the Moderate option is selected, then click Next.
The program will run; if prompted again, click Yes.
When the built-in uninstaller has finished, click Next.
Once the program has searched for leftovers, click Next.
Check/tick only the bolded items on the list, then click Delete.
When prompted, click Yes and then Next.
Then, for all folders that are found, select the delete option.
When prompted, select Yes, then Next.
Once done, click Finish.

or:
https://www.ardamax.com/download.html
https://mega.nz/#!tAZggKYL!mjocatDHjJJH ... dKR6R33y5Y

000000000DA3 Čas na roztočení ploten
000000000DAC Čas na roztočení ploten
Run CDI once more.

Re: kindly asking for a check

Posted by mafian » 11 Jun 2017 12:04

----------------------------------------------------------------------------
CrystalDiskInfo 4.2.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2017/06/11 12:00:54

-- Controller Map ----------------------------------------------------------
+ AMD SATA Controller (IDE Mode) [ATA]
+ Primární kanál IDE (0)
- TSSTcorp CDDVDW SH-S223F
- WDC WD5000AADS-00S9B0
- Sekundární kanál IDE (1)
+ AMD PCI IDE Controller [ATA]
- Primární kanál IDE (0)
- Sekundární kanál IDE (1)

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AADS-00S9B0 : 500.1 GB [0-0-0, pd1]

----------------------------------------------------------------------------
(1) WDC WD5000AADS-00S9B0
----------------------------------------------------------------------------
Model : WDC WD5000AADS-00S9B0
Firmware : 01.00A01
Serial Number : WD-WCAV9U944553
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 976771055
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 16542 hod.
Power On Count : 6855 krát
Temparature : 25 C (77 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 190 188 _21 000000000DA3 Čas na roztočení ploten
04 _94 _94 __0 000000001B09 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _78 _78 __0 00000000409E Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _94 _94 __0 000000001AC7 Počet cyklů zapnutí zařízení
C0 200 200 __0 0000000000F6 Počet vypnutí disku
C1 153 153 __0 000000022B83 Počet cyklů načítání/vymazání
C2 118 102 __0 000000000019 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 0000000000AF Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů




The PC runs better now; I only have a problem with videos on Facebook in Firefox. I uninstalled Flash Player with their tool, cleaned the PC with CCleaner, restarted, and downloaded their installer, and the videos still don't work, while videos other than Facebook's work fine. In Chrome the videos play.

