Please check


mafian
Level 3.5
Posts: 714
Registered: January 07
Gender: Male

Re: Please check

Post by mafian » 12 Oct 2018 20:39

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10.10.2018
Ran by uživatel (administrator) on ADMIN (12-10-2018 20:35:57)
Running from C:\Documents and Settings\uživatel\Plocha
Loaded Profiles: uživatel (Available Profiles: uživatel & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\WINDOWS\system32\locator.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
() C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20145368 2013-10-04] (Realtek Semiconductor Corp.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2012-03-09] (ATI Technologies Inc.)
HKU\S-1-5-21-854245398-1383384898-839522115-1003\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [831488 2013-12-13] (ZONER software)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> (None)
BootExecute:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.100.0.100 10.10.10.10
Tcpip\..\Interfaces\{90248221-6BF5-42EE-9CE9-B25DB8FA3F8C}: [DhcpNameServer] 10.100.0.100 10.10.10.10

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-854245398-1383384898-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-854245398-1383384898-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <==== ATTENTION
SearchScopes: HKU\S-1-5-21-854245398-1383384898-839522115-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-10-16] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-10-16] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-854245398-1383384898-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll [2008-04-14] (Společnost Microsoft)
DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://forms.celnisprava.cz/webfiller/ ... bff_cs.cab
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll [2008-04-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\g7v96ew1.default-1523880811390 [2018-10-12]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-30] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-29] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-10-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-10-16] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-854245398-1383384898-839522115-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-854245398-1383384898-839522115-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-09] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2018-10-02]
CHR Extension: (Prezentace) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-06]
CHR Extension: (Dokumenty) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-06]
CHR Extension: (Disk Google) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-06]
CHR Extension: (YouTube) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-06]
CHR Extension: (Tabulky) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-06]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-06]
CHR Extension: (Gmail) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-06]
StartMenuInternet: Google Chrome.EFIX7PDXVMH4TSHU4JU2LULLNI - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR Extension: (Mining Blocker) - C:\Documents and Settings\uživatel\Data aplikací\Opera Software\Opera Stable\Extensions\nbpfigdgbjgoejmnffbpgmbcnppjjokp [2018-09-21]
OPR Extension: (Adblock Plus) - C:\Documents and Settings\uživatel\Data aplikací\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-09-12]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-09-29] (Adobe Systems Incorporated) [File not signed]
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-01-13] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1983264 2016-03-04] (ESET)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2010-10-28] ()
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R0 amdide; C:\WINDOWS\System32\DRIVERS\amdide.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
S3 BstkDrv; C:\Program Files\BlueStacks\BstkDrv.sys [218720 2018-01-10] (Bluestack System Inc. )
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [239168 2012-01-10] (DT Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [206312 2016-04-14] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [146024 2016-04-14] (ESET)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [127496 2016-04-14] (ESET)
S3 etdrv; C:\WINDOWS\etdrv.sys [17488 2018-03-03] (Windows (R) 2000 DDK provider)
S3 EverestDriver; C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [27760 2010-03-31] ()
S3 gdrv; C:\WINDOWS\gdrv.sys [17488 2018-03-03] (Windows (R) 2000 DDK provider)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S2 PAR1284; C:\WINDOWS\system32\PAR1284.sys [54792 2009-06-29] (Warp Nine Engineering) [File not signed]
S3 RTHDMIAzAudService; C:\WINDOWS\System32\drivers\RtHDMI.sys [3684352 2008-08-26] (Realtek Semiconductor Corp.)
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys [43008 2009-07-23] (Realtek Semiconductor Corporation ) [File not signed]
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S3 SCT_SKMScan; C:\WINDOWS\System32\drivers\sct_skmscan.sys [33096 2012-10-12] (Sophos Limited)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2012-08-31] ()
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [24688 2018-10-11] ()
S3 WacomISDPen; C:\WINDOWS\System32\DRIVERS\wacomisdpen.sys [23040 2007-05-24] (Wacom Technology)
R3 WinDriver6; C:\WINDOWS\System32\drivers\windrvr6.sys [193696 2009-06-29] (Jungo) [File not signed]
U5 GVTDrv; C:\WINDOWS\system32\Drivers\GVTDrv.sys [24944 2018-03-03] ()
S1 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam32.sys [X]
R1 ZAM_Guard; \??\C:\WINDOWS\System32\drivers\zamguard32.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-12 20:32 - 2018-10-12 20:32 - 000000409 _____ C:\Documents and Settings\uživatel\Plocha\Addition.txt
2018-10-12 20:30 - 2018-10-12 20:36 - 000014563 _____ C:\Documents and Settings\uživatel\Plocha\FRST.txt
2018-10-12 20:24 - 2018-10-12 20:30 - 000000000 ____D C:\FRST
2018-10-12 19:56 - 2018-10-12 19:57 - 001774592 _____ (Farbar) C:\Documents and Settings\uživatel\Plocha\FRST.exe
2018-10-11 23:08 - 2018-10-12 20:36 - 000000000 ____D C:\Documents and Settings\uživatel\Local Settings\temp
2018-10-11 23:08 - 2018-10-11 23:08 - 000000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2018-10-11 23:08 - 2018-10-11 23:08 - 000000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2018-10-11 23:08 - 2018-10-11 23:08 - 000000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2018-10-11 22:31 - 2018-10-12 16:44 - 314502880 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x11.DVB-T.CZ.avi
2018-10-11 21:22 - 2018-10-11 21:24 - 319947110 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x10.DVB-T.CZ.avi
2018-10-11 21:16 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2018-10-11 20:56 - 2018-10-11 20:59 - 338741166 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x09.DVB-T.CZ.avi
2018-10-11 20:51 - 2018-10-12 20:15 - 000000000 ____D C:\Program Files\Zemana AntiMalware
2018-10-11 10:15 - 2018-10-11 10:15 - 000094750 _____ C:\Documents and Settings\uživatel\Dokumenty\ceny jat_zvirat 24_9_2018.pdf
2018-10-10 18:53 - 2018-10-10 18:53 - 000031762 _____ C:\Documents and Settings\uživatel\Plocha\fa agregát.pdf
2018-10-09 20:08 - 2018-10-09 20:16 - 335231544 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x08.DVB-T.CZ.avi
2018-10-09 19:48 - 2018-10-09 19:48 - 007567568 _____ (Malwarebytes) C:\Documents and Settings\uživatel\Dokumenty\AdwCleaner (1).exe
2018-10-09 19:46 - 2018-10-09 19:47 - 000050688 _____ (Atribune.org) C:\Documents and Settings\uživatel\Dokumenty\ATF-Cleaner (1).exe
2018-10-09 19:38 - 2018-10-09 19:46 - 388765696 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 4x07 cz.avi
2018-10-09 19:02 - 2018-10-09 19:02 - 000000000 ____D C:\Documents and Settings\uživatel\Dokumenty\realtek_rtl8139_6111_win7
2018-10-09 19:02 - 2009-07-23 22:02 - 000043008 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\Rtnicxp.sys
2018-10-09 19:00 - 2018-10-09 19:00 - 004980528 _____ C:\Documents and Settings\uživatel\Dokumenty\realtek_rtl8139_6111_win7.zip
2018-10-06 22:43 - 2018-10-06 23:13 - 000002098 _____ C:\Documents and Settings\uživatel\Plocha\papascheeseria_backup_Scarlett_day18.papa
2018-10-04 19:19 - 2018-10-04 19:19 - 000102400 _____ C:\WINDOWS\Minidump\Mini100418-01.dmp
2018-10-03 18:24 - 2018-10-03 18:24 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\BoYans
2018-10-02 21:18 - 2018-10-02 21:22 - 439611392 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 4x02 cz.avi
2018-10-02 16:39 - 2012-10-12 15:34 - 000033096 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\sct_skmscan.sys
2018-10-02 12:20 - 2018-10-02 12:21 - 000020106 _____ C:\Documents and Settings\uživatel\Plocha\Švec Souhlas ke kolaudaci.pdf
2018-09-25 19:59 - 2018-09-25 19:59 - 000330051 _____ C:\Documents and Settings\uživatel\Dokumenty\souhrnny_prehled_s_vyznacenymi_zmenami_soukroma_klientela.pdf
2018-09-25 19:59 - 2018-09-25 19:59 - 000077077 _____ C:\Documents and Settings\uživatel\Dokumenty\prehled_nejpodstatnejsich_zmen_.pdf
2018-09-23 11:30 - 2018-09-23 11:38 - 391190528 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 3x17 cz.avi
2018-09-21 19:48 - 2018-09-21 20:03 - 398069760 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 3x16 cz.avi
2018-09-17 19:41 - 2018-09-17 19:41 - 000411296 _____ C:\Documents and Settings\uživatel\Dokumenty\přeložka.pdf
2018-09-14 11:23 - 2018-09-14 11:23 - 000001662 _____ C:\Documents and Settings\All Users\Plocha\Bloody6.lnk
2018-09-14 11:23 - 2018-09-14 11:23 - 000000000 ____D C:\Program Files\Bloody6
2018-09-14 11:23 - 2018-09-14 11:23 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Bloody

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-12 20:35 - 2017-01-01 12:07 - 000011741 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-10-12 20:32 - 2011-12-28 11:29 - 000000000 ____D C:\Documents and Settings\uživatel\Plocha
2018-10-12 20:15 - 2018-05-05 19:47 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\TDC
2018-10-12 20:15 - 2017-01-01 12:07 - 000024753 _____ C:\WINDOWS\ZAM.krnl.trace
2018-10-12 20:15 - 2011-12-28 12:12 - 000000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2018-10-12 20:15 - 2011-12-28 12:12 - 000000000 ____D C:\Documents and Settings\All Users\Plocha
2018-10-12 20:14 - 2011-12-28 11:29 - 000000000 ___RD C:\Documents and Settings\uživatel\Dokumenty
2018-10-12 20:12 - 2001-10-25 14:00 - 000013002 _____ C:\WINDOWS\system32\wpa.dbl
2018-10-12 20:11 - 2011-12-28 12:11 - 000207304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-12 20:11 - 2011-12-28 11:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-12 20:10 - 2012-03-02 11:24 - 000032576 _____ C:\WINDOWS\Tasks\SCHEDLGU.TXT
2018-10-12 20:10 - 2011-12-28 11:29 - 000000178 ___SH C:\Documents and Settings\uživatel\ntuser.ini
2018-10-12 20:05 - 2016-05-26 22:00 - 000000000 ____D C:\WINDOWS\erdnt
2018-10-12 19:31 - 2012-05-23 13:51 - 000000000 ____D C:\Program Files\The KMPlayer
2018-10-11 23:07 - 2001-10-25 14:00 - 000000227 _____ C:\WINDOWS\system.ini
2018-10-11 22:58 - 2011-12-28 11:29 - 000000000 ___RD C:\Documents and Settings\uživatel\Data aplikací
2018-10-11 20:52 - 2011-12-28 11:29 - 000000000 ____D C:\Documents and Settings\uživatel
2018-10-11 14:43 - 2014-06-09 14:09 - 000000150 _____ C:\Documents and Settings\uživatel\Dokumenty\HighScore.hsc
2018-10-11 09:22 - 2016-05-29 08:05 - 000024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-10-11 09:21 - 2015-10-05 14:23 - 000000000 ____D C:\Program Files\RogueKiller
2018-10-11 09:21 - 2015-10-05 14:23 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\RogueKiller
2018-10-11 09:20 - 2015-10-05 14:35 - 000000000 ____D C:\Documents and Settings\uživatel\Dokumenty\Stažené soubory
2018-10-11 09:19 - 2011-12-28 13:16 - 000000000 ____D C:\WINDOWS\network diagnostic
2018-10-10 18:47 - 2012-05-05 19:38 - 000002495 _____ C:\Documents and Settings\All Users\Plocha\ABBYY FineReader 11.lnk
2018-10-09 19:08 - 2011-12-28 12:10 - 000000000 ____D C:\WINDOWS\system32\NtmsData
2018-10-09 19:06 - 2011-12-28 12:06 - 000000000 ____D C:\WINDOWS\inf
2018-10-09 19:05 - 2011-12-28 12:28 - 000000000 ____D C:\WINDOWS\system32\ReinstallBackups
2018-10-08 22:15 - 2011-12-31 11:00 - 000000069 _____ C:\WINDOWS\NeroDigital.ini
2018-10-06 23:15 - 2018-03-14 09:03 - 000000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job
2018-10-06 23:15 - 2011-12-28 11:22 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-10-06 22:48 - 2018-03-04 11:47 - 000000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-10-04 19:19 - 2011-12-29 12:50 - 000000000 ____D C:\WINDOWS\Minidump
2018-10-03 18:36 - 2011-12-28 12:10 - 000000327 ___SH C:\boot.ini
2018-10-03 18:24 - 2011-12-28 12:11 - 000000000 ___RD C:\Documents and Settings\All Users\Data aplikací
2018-10-02 23:24 - 2011-12-28 11:27 - 000000042 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2018-10-02 20:49 - 2013-06-02 12:13 - 000192190 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2018-10-02 16:34 - 2012-06-29 19:49 - 000002345 _____ C:\Documents and Settings\uživatel\Nabídka Start\Programy\Windows Install Clean Up.lnk
2018-10-02 16:33 - 2011-12-28 11:29 - 000000000 ___RD C:\Documents and Settings\uživatel\Nabídka Start
2018-10-02 16:33 - 2011-12-28 11:29 - 000000000 ___HD C:\Documents and Settings\uživatel\Local Settings\Data aplikací
2018-09-29 09:47 - 2018-03-04 11:51 - 000000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2018-09-29 09:47 - 2011-12-28 14:45 - 000000000 ____D C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Adobe
2018-09-29 09:46 - 2018-03-04 11:47 - 000842240 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2018-09-29 09:46 - 2018-03-04 11:47 - 000175104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2018-09-25 22:09 - 2013-01-16 10:48 - 000000000 ____D C:\Documents and Settings\uživatel\Data aplikací\vlc
2018-09-25 12:21 - 2011-12-28 13:08 - 000032600 _____ C:\Documents and Settings\uživatel\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2018-09-14 11:23 - 2011-12-28 12:12 - 000000000 ____D C:\Documents and Settings\All Users\Šablony

==================== Files in the root of some directories =======

2012-02-17 17:43 - 2012-02-17 17:43 - 000001057 _____ () C:\Documents and Settings\uživatel\Data aplikací\vso_ts_preview.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 007306240 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\agent.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 000070800 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Config.xml
2012-08-29 21:43 - 2012-11-07 12:10 - 000047104 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-04-17 09:03 - 2012-04-17 09:03 - 000000128 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\fusioncache.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 000016512 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\InstallationConfiguration.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 000140800 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\installer.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 000018432 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Main.dat.mwt
2017-06-01 22:16 - 2017-06-01 22:16 - 000005568 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\md.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 000126464 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\noah.dat
2014-02-20 19:32 - 2014-02-20 19:32 - 000002709 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\recently-used.xbel
2017-06-01 22:16 - 2017-06-01 22:16 - 001897408 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Soloflex.tst
2013-09-13 19:56 - 2013-09-13 20:03 - 000000865 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.err
2012-02-24 11:23 - 2013-09-13 20:03 - 000001352 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.nast
2017-06-01 22:16 - 2017-06-01 22:16 - 000032038 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\uninstall_temp.ico

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================



mafian
Level 3.5
Posts: 714
Registered: January 07
Gender: Male

Re: Please check

Post by mafian » 12 Oct 2018 20:47

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:47:36, on 12.10.2018
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE

C:\Documents and Settings\uživatel\Dokumenty\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O16 - DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} - https://forms.celnisprava.cz/webfiller/ ... bff_cs.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 5881 bytes

jaro3
Security team member
Guru Level 15
Posts: 38967
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Please check

Post by jaro3 » 12 Oct 2018 22:12

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
ContextMenuHandlers2: [AlcoholShellEx] -> [CC]{32020A01-506E-484D-A2A8-BE3CF17601C3} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
AlternateDataStreams: C:\Documents and Settings\uživatel:gs5sys [2560]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\desktop.ini:gs5sys [2816]
AlternateDataStreams: C:\Documents and Settings\uživatel\Cookies:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Plocha:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Šablony:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Data aplikací\desktop.ini:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Local Settings\Data aplikací:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Local Settings\History:gs5sys [2816]
AlternateDataStreams: C:\Documents and Settings\uživatel\Dokumenty\43017:300x250_citysex_v34 [27982]
AlternateDataStreams: C:\Documents and Settings\uživatel\Dokumenty\desktop.ini:gs5sys [2560]
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <==== ATTENTION
SearchScopes: HKU\S-1-5-21-854245398-1383384898-839522115-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

EmptyTemp:
End

(You can use the "select all" function; right-click in the top-left area of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST and press the "Fix" button just once, then wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

In Folder Options, enable the display of hidden files and folders, and uncheck the "Hide protected operating system files" box.

Test these on VirusTotal: https://www.virustotal.com/#/home/upload
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\agent.dat
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Config.xml
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\fusioncache.dat
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\InstallationConfiguration.xml
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\installer.dat
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Main.dat.mwt
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\md.xml
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\noah.dat
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\recently-used.xbel
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Soloflex.tst
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.err
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.nast
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\uninstall_temp.ico

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be scanned by multiple antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

mafian
Level 3.5
Posts: 714
Registered: January 07
Gender: Male

Re: please check

Post by mafian » 13 Oct 2018 09:00

Fix result of Farbar Recovery Scan Tool (x86) Version: 10.10.2018
Ran by uživatel (13-10-2018 08:48:24) Run:2
Running from C:\Documents and Settings\uživatel\Plocha
Loaded Profiles: uživatel (Available Profiles: uživatel & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
ContextMenuHandlers2: [AlcoholShellEx] -> [CC]{32020A01-506E-484D-A2A8-BE3CF17601C3} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
AlternateDataStreams: C:\Documents and Settings\uivatel:gs5sys [2560]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikac\desktop.ini:gs5sys [2816]
AlternateDataStreams: C:\Documents and Settings\uivatel\Cookies:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uivatel\Plocha:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uivatel\ablony:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uivatel\Data aplikac\desktop.ini:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uivatel\Local Settings\Data aplikac:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uivatel\Local Settings\History:gs5sys [2816]
AlternateDataStreams: C:\Documents and Settings\uivatel\Dokumenty\43017:300x250_citysex_v34 [27982]
AlternateDataStreams: C:\Documents and Settings\uivatel\Dokumenty\desktop.ini:gs5sys [2560]
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <==== ATTENTION
SearchScopes: HKU\S-1-5-21-854245398-1383384898-839522115-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\AlcoholShellEx => removed successfully.
HKLM\Software\Classes\CLSID\[CC]{32020A01-506E-484D-A2A8-BE3CF17601C3} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => removed successfully.
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000} => not found
"C:\Documents and Settings\uivatel" => ":gs5sys" ADS not found.
"C:\Documents and Settings\All Users\Data aplikac\desktop.ini" => ":gs5sys" ADS not found.
"C:\Documents and Settings\uivatel\Cookies" => ":gs5sys" ADS not found.
"C:\Documents and Settings\uivatel\Plocha" => ":gs5sys" ADS not found.
"C:\Documents and Settings\uivatel\ablony" => ":gs5sys" ADS not found.
"C:\Documents and Settings\uivatel\Data aplikac\desktop.ini" => ":gs5sys" ADS not found.
"C:\Documents and Settings\uivatel\Local Settings\Data aplikac" => ":gs5sys" ADS not found.
"C:\Documents and Settings\uivatel\Local Settings\History" => ":gs5sys" ADS not found.
"C:\Documents and Settings\uivatel\Dokumenty\43017" => ":300x250_citysex_v34" ADS not found.
"C:\Documents and Settings\uivatel\Dokumenty\desktop.ini" => ":gs5sys" ADS not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
HKU\S-1-5-21-854245398-1383384898-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully.
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => not found

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 48401 B
Java, Flash, Steam htmlcache => 9028 B
Windows/system/dllcache/drivers => 222691 B
Edge => 0 B
Chrome => 188416 B
Firefox => 375429732 B
Opera => 23194136 B

Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 0 B
All Users => 0 B
systemprofile => 0 B
LocalService => 424 B
NetworkService => 16741 B
uživatel => 3171688 B
Administrator => 0 B

RecycleBin => 55049763 B
EmptyTemp: => 436.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:51:42 ====


jaro3
Security team member
Guru Level 15
Posts: 38967
Registered: June 07
Location: South Bohemia
Gender: Male

Re: please check

Post by jaro3 » 13 Oct 2018 22:31

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\agent.dat
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\installer.dat
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Main.dat.mwt
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\noah.dat

EmptyTemp:
End

(You can use the "select all" function; right-click in the top-left area of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST and press the "Fix" button just once, then wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Soloflex.tst
Did you submit this one to VT?

mafian
Level 3.5
Posts: 714
Registered: January 07
Gender: Male

Re: please check

Post by mafian » 14 Oct 2018 11:00


mafian
Level 3.5
Posts: 714
Registered: January 07
Gender: Male

Re: please check

Post by mafian » 14 Oct 2018 11:23

Fix result of Farbar Recovery Scan Tool (x86) Version: 10.10.2018
Ran by uživatel (14-10-2018 11:01:01) Run:3
Running from C:\Documents and Settings\uživatel\Plocha
Loaded Profiles: uživatel (Available Profiles: uživatel & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
C:\Documents and Settings\uivatel\Local Settings\Data aplikac\agent.dat
C:\Documents and Settings\uivatel\Local Settings\Data aplikac\installer.dat
C:\Documents and Settings\uivatel\Local Settings\Data aplikac\Main.dat.mwt
C:\Documents and Settings\uivatel\Local Settings\Data aplikac\noah.dat

EmptyTemp:
End
*****************

Processes closed successfully.
"C:\Documents and Settings\uivatel\Local Settings\Data aplikac\agent.dat" => not found
"C:\Documents and Settings\uivatel\Local Settings\Data aplikac\installer.dat" => not found
"C:\Documents and Settings\uivatel\Local Settings\Data aplikac\Main.dat.mwt" => not found
"C:\Documents and Settings\uivatel\Local Settings\Data aplikac\noah.dat" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 0 B
Java, Flash, Steam htmlcache => 2093 B
Windows/system/dllcache/drivers => 65594851 B
Edge => 0 B
Chrome => 0 B
Firefox => 366731222 B
Opera => 451400022 B

Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 0 B
All Users => 0 B
systemprofile => 0 B
LocalService => 692 B
NetworkService => 0 B
uživatel => 1025400 B
Administrator => 0 B

RecycleBin => 0 B
EmptyTemp: => 843.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:02:33 ====


I connected a different PC to the cable and everything worked fine, so the provider is OK and it is my PC causing this. And the problem still persists :-(

jaro3
Security team member
Guru Level 15
Posts: 38967
Registered: June 07
Location: South Bohemia
Gender: Male

Re: please check

Post by jaro3 » 15 Oct 2018 19:36

Download MiniToolBox
and run it.
In the window, tick these checkboxes:
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Then click GO; after a short scan a log named "Result" will appear. Copy its entire content here.

mafian
Level 3.5
Posts: 714
Registered: January 07
Gender: Male

Re: please check

Post by mafian » 15 Oct 2018 19:58

MiniToolBox by Farbar Version: 17-06-2016
Ran by uživatel (administrator) on 15-10-2018 at 19:56:22
Running from "C:\Documents and Settings\uživatel\Local Settings\temp\scoped_dir3844_11932"
Systém Microsoft Windows XP Professional Service Pack 3 (X86)
Model: GA-MA790X-UD4 Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================

1394 Net Adapter = 1394 Připojení (Disconnected)
Realtek PCIe GBE Family Controller = Připojení k místní síti (Disconnected)
Realtek RTL8139/810x Family Fast Ethernet NIC = Připojení k místní síti 2 (Connected)


# ----------------------------------
#Konfigurace rozhraní protokolu IP
# ----------------------------------
pushd interface ip


# Konfigurace protokolu IP rozhraní pro "Připojení k místní síti 2"

set address name="Připojení k místní síti 2" source=dhcp
set dns name="Připojení k místní síti 2" source=dhcp register=PRIMARY
set wins name="Připojení k místní síti 2" source=dhcp


popd
# Konec konfigurace protokolu IP rozhraní




Konfigurace protokolu IP systému Windows



Název hostitele . . . . . . . . . : admin

Primární přípona DNS. . . . . . . :

Typ uzlu . . . . . . . . . . . . : neznámý

Povoleno směrování IP . . . . . . : Ne

WINS Proxy povoleno . . . . . . . : Ne



Adaptér sítě Ethernet Připojení k místní síti 2:



Přípona DNS podle připojení . . . :

Popis . . . . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

Fyzická Adresa. . . . . . . . . . : 00-E0-4C-4D-17-04

Protokol DHCP povolen . . . . . . : Ano

Automatická konfigurace povolena : Ano

Adresa IP . . . . . . . . . . . . : 192.168.10.249

Maska podsítě . . . . . . . . . . : 255.255.255.0

Výchozí brána . . . . . . . . . . : 192.168.10.1

Server DHCP . . . . . . . . . . . : 192.168.10.1

Servery DNS . . . . . . . . . . . : 10.100.0.100

10.10.10.10

Zapůjčeno . . . . . . . . . . . . : 15. října 2018 18:51:06

Zápůjčka vyprší . . . . . . . . . : 18. října 2018 18:51:06

Server: UnKnown
Address: 10.100.0.100

Název: google.com
Address: 172.217.23.206



Příkaz PING na google.com [172.217.23.206] s délkou 32 bajtů:



Odpověď od 172.217.23.206: bajty=32 čas=9ms TTL=51

Odpověď od 172.217.23.206: bajty=32 čas=12ms TTL=51



Statistika ping pro 172.217.23.206:

Pakety: Odeslané = 2, Přijaté = 2, Ztracené = 0 (ztráta 0%),

Přibližná doba do přijetí odezvy v milisekundách:

Minimum = 9ms, Maximum = 12ms, Průměr = 10ms

Server: UnKnown
Address: 10.100.0.100

Název: yahoo.com
Addresses: 98.138.219.231, 72.30.35.9, 72.30.35.10, 98.137.246.8
98.137.246.7, 98.138.219.232



Příkaz PING na yahoo.com [98.138.219.231] s délkou 32 bajtů:



Odpověď od 98.138.219.231: bajty=32 čas=131ms TTL=46

Odpověď od 98.138.219.231: bajty=32 čas=130ms TTL=46



Statistika ping pro 98.138.219.231:

Pakety: Odeslané = 2, Přijaté = 2, Ztracené = 0 (ztráta 0%),

Přibližná doba do přijetí odezvy v milisekundách:

Minimum = 130ms, Maximum = 131ms, Průměr = 130ms



Příkaz PING na 127.0.0.1 s délkou 32 bajtů:



Odpověď od 127.0.0.1: bajty=32 čas < 1ms TTL=128

Odpověď od 127.0.0.1: bajty=32 čas < 1ms TTL=128



Statistika ping pro 127.0.0.1:

Pakety: Odeslané = 2, Přijaté = 2, Ztracené = 0 (ztráta 0%),

Přibližná doba do přijetí odezvy v milisekundách:

Minimum = 0ms, Maximum = 0ms, Průměr = 0ms

===========================================================================
Seznam rozhraní
0x1 ........................... MS TCP Loopback interface
0x2 ...00 e0 4c 4d 17 04 ...... Realtek RTL8139 Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Aktivní směrování:
Cíl v síti Síťová maska Brána Rozhraní Metrika
0.0.0.0 0.0.0.0 192.168.10.1 192.168.10.249 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.10.0 255.255.255.0 192.168.10.249 192.168.10.249 20
192.168.10.249 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.10.255 255.255.255.255 192.168.10.249 192.168.10.249 20
224.0.0.0 240.0.0.0 192.168.10.249 192.168.10.249 20
255.255.255.255 255.255.255.255 192.168.10.249 192.168.10.249 1
Výchozí brána: 192.168.10.1
===========================================================================
Trvalé trasy:
Žádné
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/15/2018 06:51:20 PM) (Source: MSSQLSERVER) (User: )
Description: Performance counter shared memory setup failed with error -1. Reinstall sqlctr.ini for this instance, and ensure that the instance login account has correct registry permissions.

Error: (10/15/2018 06:51:20 PM) (Source: MSSQLSERVER) (User: )
Description: Error in mapping SQL Server performance object/counter indexes to object/counter names. SQL Server performance counters are disabled.

Error: (10/15/2018 02:25:03 PM) (Source: MSSQLSERVER) (User: )
Description: Performance counter shared memory setup failed with error -1. Reinstall sqlctr.ini for this instance, and ensure that the instance login account has correct registry permissions.

Error: (10/15/2018 02:25:03 PM) (Source: MSSQLSERVER) (User: )
Description: Error in mapping SQL Server performance object/counter indexes to object/counter names. SQL Server performance counters are disabled.

Error: (10/15/2018 12:12:58 PM) (Source: MSSQLSERVER) (User: )
Description: Performance counter shared memory setup failed with error -1. Reinstall sqlctr.ini for this instance, and ensure that the instance login account has correct registry permissions.

Error: (10/15/2018 12:12:58 PM) (Source: MSSQLSERVER) (User: )
Description: Error in mapping SQL Server performance object/counter indexes to object/counter names. SQL Server performance counters are disabled.

Error: (10/15/2018 08:25:41 AM) (Source: MSSQLSERVER) (User: )
Description: Performance counter shared memory setup failed with error -1. Reinstall sqlctr.ini for this instance, and ensure that the instance login account has correct registry permissions.

Error: (10/15/2018 08:25:41 AM) (Source: MSSQLSERVER) (User: )
Description: Error in mapping SQL Server performance object/counter indexes to object/counter names. SQL Server performance counters are disabled.

Error: (10/15/2018 08:13:15 AM) (Source: MSSQLSERVER) (User: )
Description: Performance counter shared memory setup failed with error -1. Reinstall sqlctr.ini for this instance, and ensure that the instance login account has correct registry permissions.

Error: (10/15/2018 08:13:15 AM) (Source: MSSQLSERVER) (User: )
Description: Error in mapping SQL Server performance object/counter indexes to object/counter names. SQL Server performance counters are disabled.


System errors:
=============
Error: (10/15/2018 06:51:27 PM) (Source: 0) (User: )
Description: L:

Error: (10/15/2018 06:51:27 PM) (Source: 0) (User: )
Description: K:

Error: (10/15/2018 06:51:27 PM) (Source: 0) (User: )
Description: H:

Error: (10/15/2018 06:51:27 PM) (Source: 0) (User: )
Description: G:

Error: (10/15/2018 06:51:27 PM) (Source: 0) (User: )
Description:

Error: (10/15/2018 06:51:27 PM) (Source: 0) (User: )
Description:

Error: (10/15/2018 06:51:27 PM) (Source: 0) (User: )
Description:

Error: (10/15/2018 06:51:27 PM) (Source: 0) (User: )
Description:

Error: (10/15/2018 06:51:27 PM) (Source: 0) (User: )
Description:

Error: (10/15/2018 06:51:27 PM) (Source: 0) (User: )
Description:


Microsoft Office Sessions:
=========================
Error: (10/15/2018 06:51:20 PM) (Source: MSSQLSERVER)(User: )
Description: -1

Error: (10/15/2018 06:51:20 PM) (Source: MSSQLSERVER)(User: )
Description:

Error: (10/15/2018 02:25:03 PM) (Source: MSSQLSERVER)(User: )
Description: -1

Error: (10/15/2018 02:25:03 PM) (Source: MSSQLSERVER)(User: )
Description:

Error: (10/15/2018 12:12:58 PM) (Source: MSSQLSERVER)(User: )
Description: -1

Error: (10/15/2018 12:12:58 PM) (Source: MSSQLSERVER)(User: )
Description:

Error: (10/15/2018 08:25:41 AM) (Source: MSSQLSERVER)(User: )
Description: -1

Error: (10/15/2018 08:25:41 AM) (Source: MSSQLSERVER)(User: )
Description:

Error: (10/15/2018 08:13:15 AM) (Source: MSSQLSERVER)(User: )
Description: -1

Error: (10/15/2018 08:13:15 AM) (Source: MSSQLSERVER)(User: )
Description:


=========================== Installed Programs ============================

@BIOS (HKLM\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.20 - GIGABYTE)
3D Morris 2.02 (HKLM\...\3D Morris_is1) (Version: - Lobstersoft)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
ABBYY FineReader 11 (HKLM\...\{F1100000-0008-0000-0001-074957833700}) (Version: 11.0.289 - ABBYY)
Acronis Disk Director (HKLM\...\{06E34C00-0446-4176-81C8-A5DAFE53CA36}) (Version: 11.0.2121 - Acronis)
Active@ ISO Burner (HKLM\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe Flash Player 31 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AIDA64 Extreme v4.70 (HKLM\...\AIDA64 Extreme_is1) (Version: 4.70 - FinalWire Ltd.)
Aktualizace systému Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation)
ANDY OS (HKLM\...\ANDY OS) (Version: 1.1 - andyroid.net)
Ashampoo Burning Studio FREE (HKLM\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
ATI AVIVO Codecs (HKLM\...\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}) (Version: 10.0.0.31121 - ATI Technologies Inc.)
ATI Parental Control & Encoder (HKLM\...\{36CDA33B-909B-4719-97D1-C4B99309BDC7}) (Version: 3.0 - Název společnosti:) Hidden
ATI Problem Report Wizard (HKLM\...\{5DA6F06A-B389-407B-BF8C-1548767914D8}) (Version: 8.10 - ATI Technologies)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.6.11 - Autodesk, Inc.)
Avanquest update (HKLM\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.34 - Avanquest Software)
Balíček ovladače systému Windows - Advanced Micro Devices (amdide) hdc (12/04/2012 5.2.2.0179) (HKLM\...\92CABF192AE59FEC7A26BF526AE067A4C700A858) (Version: 12/04/2012 5.2.2.0179 - Advanced Micro Devices)
Balíček ovladače systému Windows - LG Monitor (11/16/2006 1.3) (HKLM\...\591196B86D6AB052BD2AB3227EA1EB79A226E8D9) (Version: 11/16/2006 1.3 - LG)
Balíček ovladače systému Windows - Wacom (WacomISDPen) HIDClass (01/16/2006 2.5.0.0) (HKLM\...\06BA12C2FD6352D410C15EC9E359E80332E24487) (Version: 01/16/2006 2.5.0.0 - Wacom)
Bloody6 (HKLM\...\Bloody3) (Version: 18.07.0009 - Bloody)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 3.55.70.1783 - BlueStack Systems, Inc.)
CCC Help Czech (HKLM\...\{4A742CBE-078E-03FF-C7D5-B3E1B676BDF2}) (Version: 2011.1205.2145.38999 - Název společnosti:) Hidden
CCC Help Czech (HKLM\...\{AB0BFB0B-116C-54DA-1B41-CBBE94B43007}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Danish (HKLM\...\{406AE7DC-5FD1-FC3A-00F5-024AD25DF01B}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (HKLM\...\{B3736663-7797-9F1E-77E8-6D78021B2921}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Dutch (HKLM\...\{0A173336-214D-0609-4897-5E2547D0395D}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (HKLM\...\{7AB96F30-68CC-1F9E-A7C4-7A80FF06EFAC}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help English (HKLM\...\{3828EC4B-D4B9-A742-4D81-9C0A3C72DF8A}) (Version: 2011.1109.2145.39010 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (HKLM\...\{3C637334-FE5D-E488-4F11-BF9EFD6ADAA9}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help English (HKLM\...\{BA314F9D-8401-1E44-11BF-F112E93F465E}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (HKLM\...\{41BCC278-007E-993C-61DC-25B86926F45E}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Finnish (HKLM\...\{651CD0A0-8B64-B3F1-23B9-294C39F09A31}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (HKLM\...\{77514C51-66D9-2F7C-56D8-5495B8CFAF5E}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (HKLM\...\{B57890F1-05B2-265D-62A6-C4B8EF212786}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help German (HKLM\...\{5D1EA3CE-3356-2EB7-A5C7-2F2608BDEACB}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help German (HKLM\...\{5F1AE198-965A-C65D-218A-B76F19B86BEC}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (HKLM\...\{09C6A4C7-A2D2-1DD9-A81C-44C30042A00C}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (HKLM\...\{4644EC10-EFE8-0235-41CC-C48491CF83E3}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Hungarian (HKLM\...\{045ECA18-1DB2-64C8-2279-F73A8DCE3B5E}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Hungarian (HKLM\...\{5FEEB4D3-31F1-FF10-5F61-A988CD44CA59}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (HKLM\...\{C4574477-C9FA-CF5F-B5AC-D379D655A962}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (HKLM\...\{C4842EAA-7ACA-3466-9DC0-D0BF174B9F6E}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Chinese Traditional (HKLM\...\{26C3A7CB-30DC-798B-21CC-63BDF56F0657}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Chinese Traditional (HKLM\...\{4B6DD00B-BC05-185B-BE8B-997A23B367C4}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (HKLM\...\{A8248F67-8160-7AAB-371F-03221340D539}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Italian (HKLM\...\{E5B2C34F-BEDE-5AF8-DBD3-C05E8C030588}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (HKLM\...\{4BE9562E-A31B-A5FF-5DF9-A69F9CB74746}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Japanese (HKLM\...\{CBA4DD0F-0871-39EB-A48B-03BC9E5E437B}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (HKLM\...\{860BD052-49CB-7220-8792-15523D08C2A2}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (HKLM\...\{E5DD5532-5CE8-8A47-C05F-DD8EC0ED3557}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Norwegian (HKLM\...\{4655D394-1F7C-F51A-70BC-0561FF71E9D7}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Norwegian (HKLM\...\{8C93615B-5333-B61B-625E-0D4DCD9E09CA}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (HKLM\...\{1D9B2B74-82B1-9CE7-0A9A-6234008D11EE}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (HKLM\...\{B17C8039-DDDE-E6DE-3632-40186451799C}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Portuguese (HKLM\...\{B0043B14-E6FE-67F1-54A8-DA2C8DA5B1FA}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Portuguese (HKLM\...\{BEB0B424-3692-E0DC-8D25-04A36C7AB580}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (HKLM\...\{1B9E212F-DFDC-F1D4-D1FD-986149513125}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (HKLM\...\{CE09BA21-399C-FCE7-E2E5-C9BCF14D61F3}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Spanish (HKLM\...\{28240E4E-E367-7844-846E-4E8427B53211}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Spanish (HKLM\...\{DE0C72A8-B4A3-4B80-3CF9-2DC45CF865D5}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (HKLM\...\{1CAEFAE2-D12E-CA26-62BC-DF452004B3B1}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (HKLM\...\{856499F9-51B6-C958-BADC-0B2F930ED59E}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Thai (HKLM\...\{B81D9181-67D7-6A90-78EA-34108EBBCF7F}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (HKLM\...\{F937494E-4340-FFB4-6911-54E9FB4B5998}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Turkish (HKLM\...\{2A1BC0F0-110B-EDD7-4C3D-0864DEF60677}) (Version: 2009.0113.2221.40119 - ATI) Hidden
CCC Help Turkish (HKLM\...\{F0A6D1C4-7E73-963B-C4C6-C97121B1992B}) (Version: 2011.1205.2145.38999 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Combined Community Codec Pack 2011-11-11 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
Connectivity Abstraction Layer (HKLM\...\{510414A2-0F14-4DB8-BDF2-C98A6E1D1367}) (Version: 1.3.014 - Deere & Company)
CrystalDiskInfo 4.2.0a (HKLM\...\CrystalDiskInfo_is1) (Version: 4.2.0a - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
EasyCapture 1.0.0.0 (HKLM\...\EasyCapture_is1) (Version: - )
ECULP 4.0 (HKLM\...\ECULP4_is1) (Version: - John Deere FOCUS)
Epson Easy Photo Print 2 (HKLM\...\{310C1558-F6B5-4889-98B0-7471966BA7F2}) (Version: 2.2.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX420W Series Printer Uninstall (HKLM\...\EPSON SX420W Series) (Version: - SEIKO EPSON Corporation)
EVEREST Ultimate Edition v5.50 (HKLM\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FCleaner 1.3.1.621 (HKLM\...\FCleaner_is1) (Version: - FTweak, Inc.)
ffdshow (remove only) (HKLM\...\ffdshow) (Version: - )
FilesTuber (HKCU\...\a49b2cdf927707e4) (Version: 1.1.0.2 - FilesTuber)
FormApps Plug-in (HKLM\...\{9a1d8d96-8b6f-4b5e-9281-abf022feb360}) (Version: 1.21.2.70 - Software602 a.s.)
FormApps Signing Extension (HKLM\...\{1896CB18-36FE-4AA6-8F9C-F42C087941CD}) (Version: 2.19.0.37 - Software602 a.s.)
FormatFactory 4.1.0.0 (HKLM\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
GetDataBack for FAT (HKLM\...\{2EEEC858-21F8-419B-8FE2-820621BFFCD7}) (Version: 3.66.000 - Runtime Software)
GetDataBack for NTFS (HKLM\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 3.03.017 - Runtime Software)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Glary Utilities 2.53.0.1726 (HKLM\...\Glary Utilities_is1) (Version: 2.53.0.1726 - Glarysoft Ltd)
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.0 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
Chromium (HKLM\...\{560ABECA-068A-6F4A-B70A-1FCA678ACC4A}) (Version: - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: - )
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.8.51.16 - Oracle Corporation) Hidden
Jpeg Resampler Vs 6+ (HKLM\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
JPG To PDF 2.2.1 (HKLM\...\JPG To PDF_is1) (Version: - JPG To PDF Developer Team)
KMP Media Toolbar (HKLM\...\{4B4D5056-3700-A76A-76A7-A758B70C0600}) (Version: 12.6.0.1645 - APN, LLC)
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.1.5.6 - PandoraTV)
League of Legends (HKLM\...\{79BF4901-1EC4-4726-B3C2-A7859706C6E7}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Light Image Resizer 4.7.7.0 (HKLM\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.7.0 - ObviousIdea)
MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 1.1 Czech Language Pack (HKLM\...\{5E65E94D-69F2-4850-9E93-6459C53A0F50}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY (HKLM\...\{A2C9CD1B-2551-3AED-B244-6698FB929FA6}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY (HKLM\...\{546C143E-68DC-314D-97BC-1E454E3BA429}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{90120405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 CSY (HKLM\...\{E8BEDB28-151D-465C-9BE0-F6EB930A629C}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiniTool Power Data Recovery Free Edition 7.0 (HKLM\...\MiniTool Power Data Recovery Free Edition_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 52.9.0 ESR (x86 cs) (HKLM\...\Mozilla Firefox 52.9.0 ESR (x86 cs)) (Version: 52.9.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.9.0.6746 - Mozilla)
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 6.0 Parser (HKLM\...\{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}) (Version: 6.10.1129.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM\...\{91C0B95B-B83A-4828-A775-BBE2DD421029}) (Version: 7.02.9752 - Nero AG)
neroxml (HKLM\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
NEXIQ Readings (HKLM\...\{5DE5512A-6F6F-43FB-82C6-9A523E3AC771}) (Version: 3.01.320 - )
nLite 1.4.8 (HKLM\...\nLite_is1) (Version: 1.4.8 - Dino Nuhagic (nuhi))
Nuclear Coffee - VideoGet (HKLM\...\VideoGet_is1) (Version: 2012 - Nuclear Coffee)
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenOffice.org 3.0 (HKLM\...\{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}) (Version: 3.0.9358 - OpenOffice.org)
Opera Stable 36.0.2130.80 (HKLM\...\Opera 36.0.2130.80) (Version: 36.0.2130.80 - Opera Software)
Opera Stable 36.0.2130.80 (HKLM\...\Opera 36.0.2130.801) (Version: 36.0.2130.80 - Opera Software)
PDF Editor 4 (HKLM\...\PDF Editor 4) (Version: - )
PDF Shrink 2 (HKLM\...\PDF Shrink 2) (Version: - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Polda III čára (HKLM\...\Polda III čára_is1) (Version: - )
Polda III karty (HKLM\...\Polda III karty_is1) (Version: - )
Pošta & kancelář 2.3 (HKLM\...\Pošta & kancelář_is1) (Version: - PS Media s.r.o.)
Pošta a kancelář 3.7 (HKLM\...\Pošta a kancelář 3_is1) (Version: - PS Media s.r.o.)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.35.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.7111 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RogueKiller version 12.13.4.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.13.4.0 - Adlice Software)
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Software602 Form Filler (HKLM\...\{C6E36857-F622-4DF5-B458-05752A4D13F0}) (Version: 4.13 - Software602 a.s.)
Software602 Print2PDF (HKLM\...\{32C74893-0243-4235-A6F3-201F0E5D2C03}) (Version: 9.1.11.0421 - Software602 a.s.)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM\...\{6C8C4577-8E15-4C63-96ED-D40F2072FF74}) (Version: 6.0.19.0 - Husdawg, LLC)
The Settlers Online - Standalone Client (HKCU\...\The Settlers Online) (Version: - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMR Client Install (HKLM\...\{3FAF52DB-8007-48D1-98E0-A388B92057CC}) (Version: 1.00.0000 - Deere & Company) Hidden
WebFldrs XP (HKLM\...\{350C97C4-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.5318 - Microsoft Corporation) Hidden
Window Handler (HKLM\...\ST5UNST #1) (Version: - )
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
WinRAR 4.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.5 - ZONER software)

========================= Memory info: ===================================

Percentage of memory in use: 69%
Total physical RAM: 3326.42 MB
Available physical RAM: 1009.7 MB
Total Virtual: 5209.95 MB
Available Virtual: 2834.62 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:99.36 GB) (Free:48.76 GB) NTFS
3 Drive d: () (Fixed) (Total:59.63 GB) (Free:33.95 GB) NTFS
5 Drive f: () (Fixed) (Total:306.78 GB) (Free:115.18 GB) NTFS
6 Drive g: (starý disk) (Fixed) (Total:68.36 GB) (Free:41.86 GB) NTFS
7 Drive h: (system) (Fixed) (Total:127.99 GB) (Free:46.76 GB) NTFS
9 Drive k: (vše ostatní) (Fixed) (Total:171.77 GB) (Free:165.85 GB) NTFS
10 Drive l: (programy) (Fixed) (Total:97.65 GB) (Free:81.91 GB) NTFS

========================= Users: ========================================

Uživatelské účty pro \\ADMIN

Administrator ASPNET Guest
HelpAssistant SUPPORT_388945a0 uživatel
Příkaz byl úspěšně dokončen.


**** End of log ****

jaro3
Security team member
Guru Level 15
Posts: 38967
Registered: June 07
Location: South Bohemia
Gender: Male

Re: please check

Post by jaro3 » 15 Oct 2018 22:16

You have two network cards there; have you tried the other one?
Realtek PCIe GBE Family Controller = Připojení k místní síti (Disconnected)
Realtek RTL8139/810x Family Fast Ethernet NIC = Připojení k místní síti 2 (Connected)

Pakety: Odeslané = 2, Přijaté = 2, Ztracené = 0 (ztráta 0%),
Přibližná doba do přijetí odezvy v milisekundách:
Minimum = 9ms, Maximum = 12ms, Průměr = 10ms
Příkaz PING na yahoo.com [98.138.219.231] s délkou 32 bajtů:
Odpověď od 98.138.219.231: bajty=32 čas=131ms TTL=46
Odpověď od 98.138.219.231: bajty=32 čas=130ms TTL=46
That is not so bad..
Did it work well before?

Run MiniToolBox again.
Tick the checkboxes:
Flush DNS
Reset IE Proxy Settings
Reset FF Proxy Settings
List Device * Only problem * No Driver *All
List Minidump Files
Then click GO; after a short scan, a log named "Result" will appear. Copy its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

mafian
Level 3.5
Posts: 714
Registered: January 07
Gender: Male

Re: please check

Post by mafian » 15 Oct 2018 22:50

MiniToolBox by Farbar Version: 17-06-2016
Ran by uživatel (administrator) on 15-10-2018 at 22:45:58
Running from "C:\Documents and Settings\uživatel\Local Settings\temp\scoped_dir3844_24200"
Systém Microsoft Windows XP Professional Service Pack 3 (X86)
Model: GA-MA790X-UD4 Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Konfigurace protokolu IP systému Windows

Mezipaměť překládání DNS byla úspěšně vyprázdněna.


"Reset IE Proxy Settings": IE Proxy Settings were reset.

"Reset FF Proxy Settings": Firefox Proxy settings were reset.


========================= Devices: ================================

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTLE8023xp
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_02\4&29D96644&0&0050
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Device ID: V1394\NIC1394\241D1961E0
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Komunikační port (COM1)
Description: Wacom Penabled HID MiniDriver
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: Wacom
Service: WacomISDPen
Device ID: ACPI\PNP0501\1
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Device ID: ROOT\LEGACY_SASKUTIL\0000
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

========================= Minidump Files ==================================

C:\WINDOWS\Minidump\Mini100418-01.dmp
C:\WINDOWS\Minidump\Mini101318-01.dmp

**** End of log ****

The other network card is not working. One day the internet simply stopped working, so I bought an external one, plugged it into the PC and the internet worked, and I did not look any further into why the internal card had stopped working.

There is some progress: I uninstalled the KMP toolbar, then some Chromium and the Avanquest update, and instead of, say, 10 failures when downloading a 700 MB file, it now fails only 2 times. And one more thing I forgot: when playing video online, the video loads to about halfway and then it just stops and starts again from the beginning, and once more it never reaches the end.

