Re: please check my log
Posted: 12 Oct 2018 20:39
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10.10.2018
Ran by uživatel (administrator) on ADMIN (12-10-2018 20:35:57)
Running from C:\Documents and Settings\uživatel\Plocha
Loaded Profiles: uživatel (Available Profiles: uživatel & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\WINDOWS\system32\locator.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
() C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20145368 2013-10-04] (Realtek Semiconductor Corp.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2012-03-09] (ATI Technologies Inc.)
HKU\S-1-5-21-854245398-1383384898-839522115-1003\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [831488 2013-12-13] (ZONER software)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> (None)
BootExecute:
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.100.0.100 10.10.10.10
Tcpip\..\Interfaces\{90248221-6BF5-42EE-9CE9-B25DB8FA3F8C}: [DhcpNameServer] 10.100.0.100 10.10.10.10
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-854245398-1383384898-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-854245398-1383384898-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <==== ATTENTION
SearchScopes: HKU\S-1-5-21-854245398-1383384898-839522115-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-10-16] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-10-16] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-854245398-1383384898-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll [2008-04-14] (Společnost Microsoft)
DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://forms.celnisprava.cz/webfiller/ ... bff_cs.cab
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll [2008-04-14] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\g7v96ew1.default-1523880811390 [2018-10-12]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-30] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-29] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-10-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-10-16] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-854245398-1383384898-839522115-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-854245398-1383384898-839522115-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-09] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2018-10-02]
CHR Extension: (Prezentace) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-06]
CHR Extension: (Dokumenty) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-06]
CHR Extension: (Disk Google) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-06]
CHR Extension: (YouTube) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-06]
CHR Extension: (Tabulky) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-06]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-06]
CHR Extension: (Gmail) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-06]
StartMenuInternet: Google Chrome.EFIX7PDXVMH4TSHU4JU2LULLNI - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
Opera:
=======
OPR Extension: (Mining Blocker) - C:\Documents and Settings\uživatel\Data aplikací\Opera Software\Opera Stable\Extensions\nbpfigdgbjgoejmnffbpgmbcnppjjokp [2018-09-21]
OPR Extension: (Adblock Plus) - C:\Documents and Settings\uživatel\Data aplikací\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-09-12]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-09-29] (Adobe Systems Incorporated) [File not signed]
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-01-13] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1983264 2016-03-04] (ESET)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2010-10-28] ()
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R0 amdide; C:\WINDOWS\System32\DRIVERS\amdide.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
S3 BstkDrv; C:\Program Files\BlueStacks\BstkDrv.sys [218720 2018-01-10] (Bluestack System Inc. )
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [239168 2012-01-10] (DT Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [206312 2016-04-14] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [146024 2016-04-14] (ESET)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [127496 2016-04-14] (ESET)
S3 etdrv; C:\WINDOWS\etdrv.sys [17488 2018-03-03] (Windows (R) 2000 DDK provider)
S3 EverestDriver; C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [27760 2010-03-31] ()
S3 gdrv; C:\WINDOWS\gdrv.sys [17488 2018-03-03] (Windows (R) 2000 DDK provider)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S2 PAR1284; C:\WINDOWS\system32\PAR1284.sys [54792 2009-06-29] (Warp Nine Engineering) [File not signed]
S3 RTHDMIAzAudService; C:\WINDOWS\System32\drivers\RtHDMI.sys [3684352 2008-08-26] (Realtek Semiconductor Corp.)
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys [43008 2009-07-23] (Realtek Semiconductor Corporation ) [File not signed]
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S3 SCT_SKMScan; C:\WINDOWS\System32\drivers\sct_skmscan.sys [33096 2012-10-12] (Sophos Limited)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2012-08-31] ()
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [24688 2018-10-11] ()
S3 WacomISDPen; C:\WINDOWS\System32\DRIVERS\wacomisdpen.sys [23040 2007-05-24] (Wacom Technology)
R3 WinDriver6; C:\WINDOWS\System32\drivers\windrvr6.sys [193696 2009-06-29] (Jungo) [File not signed]
U5 GVTDrv; C:\WINDOWS\system32\Drivers\GVTDrv.sys [24944 2018-03-03] ()
S1 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam32.sys [X]
R1 ZAM_Guard; \??\C:\WINDOWS\System32\drivers\zamguard32.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-12 20:32 - 2018-10-12 20:32 - 000000409 _____ C:\Documents and Settings\uživatel\Plocha\Addition.txt
2018-10-12 20:30 - 2018-10-12 20:36 - 000014563 _____ C:\Documents and Settings\uživatel\Plocha\FRST.txt
2018-10-12 20:24 - 2018-10-12 20:30 - 000000000 ____D C:\FRST
2018-10-12 19:56 - 2018-10-12 19:57 - 001774592 _____ (Farbar) C:\Documents and Settings\uživatel\Plocha\FRST.exe
2018-10-11 23:08 - 2018-10-12 20:36 - 000000000 ____D C:\Documents and Settings\uživatel\Local Settings\temp
2018-10-11 23:08 - 2018-10-11 23:08 - 000000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2018-10-11 23:08 - 2018-10-11 23:08 - 000000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2018-10-11 23:08 - 2018-10-11 23:08 - 000000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2018-10-11 22:31 - 2018-10-12 16:44 - 314502880 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x11.DVB-T.CZ.avi
2018-10-11 21:22 - 2018-10-11 21:24 - 319947110 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x10.DVB-T.CZ.avi
2018-10-11 21:16 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2018-10-11 20:56 - 2018-10-11 20:59 - 338741166 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x09.DVB-T.CZ.avi
2018-10-11 20:51 - 2018-10-12 20:15 - 000000000 ____D C:\Program Files\Zemana AntiMalware
2018-10-11 10:15 - 2018-10-11 10:15 - 000094750 _____ C:\Documents and Settings\uživatel\Dokumenty\ceny jat_zvirat 24_9_2018.pdf
2018-10-10 18:53 - 2018-10-10 18:53 - 000031762 _____ C:\Documents and Settings\uživatel\Plocha\fa agregát.pdf
2018-10-09 20:08 - 2018-10-09 20:16 - 335231544 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x08.DVB-T.CZ.avi
2018-10-09 19:48 - 2018-10-09 19:48 - 007567568 _____ (Malwarebytes) C:\Documents and Settings\uživatel\Dokumenty\AdwCleaner (1).exe
2018-10-09 19:46 - 2018-10-09 19:47 - 000050688 _____ (Atribune.org) C:\Documents and Settings\uživatel\Dokumenty\ATF-Cleaner (1).exe
2018-10-09 19:38 - 2018-10-09 19:46 - 388765696 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 4x07 cz.avi
2018-10-09 19:02 - 2018-10-09 19:02 - 000000000 ____D C:\Documents and Settings\uživatel\Dokumenty\realtek_rtl8139_6111_win7
2018-10-09 19:02 - 2009-07-23 22:02 - 000043008 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\Rtnicxp.sys
2018-10-09 19:00 - 2018-10-09 19:00 - 004980528 _____ C:\Documents and Settings\uživatel\Dokumenty\realtek_rtl8139_6111_win7.zip
2018-10-06 22:43 - 2018-10-06 23:13 - 000002098 _____ C:\Documents and Settings\uživatel\Plocha\papascheeseria_backup_Scarlett_day18.papa
2018-10-04 19:19 - 2018-10-04 19:19 - 000102400 _____ C:\WINDOWS\Minidump\Mini100418-01.dmp
2018-10-03 18:24 - 2018-10-03 18:24 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\BoYans
2018-10-02 21:18 - 2018-10-02 21:22 - 439611392 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 4x02 cz.avi
2018-10-02 16:39 - 2012-10-12 15:34 - 000033096 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\sct_skmscan.sys
2018-10-02 12:20 - 2018-10-02 12:21 - 000020106 _____ C:\Documents and Settings\uživatel\Plocha\Švec Souhlas ke kolaudaci.pdf
2018-09-25 19:59 - 2018-09-25 19:59 - 000330051 _____ C:\Documents and Settings\uživatel\Dokumenty\souhrnny_prehled_s_vyznacenymi_zmenami_soukroma_klientela.pdf
2018-09-25 19:59 - 2018-09-25 19:59 - 000077077 _____ C:\Documents and Settings\uživatel\Dokumenty\prehled_nejpodstatnejsich_zmen_.pdf
2018-09-23 11:30 - 2018-09-23 11:38 - 391190528 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 3x17 cz.avi
2018-09-21 19:48 - 2018-09-21 20:03 - 398069760 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 3x16 cz.avi
2018-09-17 19:41 - 2018-09-17 19:41 - 000411296 _____ C:\Documents and Settings\uživatel\Dokumenty\přeložka.pdf
2018-09-14 11:23 - 2018-09-14 11:23 - 000001662 _____ C:\Documents and Settings\All Users\Plocha\Bloody6.lnk
2018-09-14 11:23 - 2018-09-14 11:23 - 000000000 ____D C:\Program Files\Bloody6
2018-09-14 11:23 - 2018-09-14 11:23 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Bloody
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-12 20:35 - 2017-01-01 12:07 - 000011741 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-10-12 20:32 - 2011-12-28 11:29 - 000000000 ____D C:\Documents and Settings\uživatel\Plocha
2018-10-12 20:15 - 2018-05-05 19:47 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\TDC
2018-10-12 20:15 - 2017-01-01 12:07 - 000024753 _____ C:\WINDOWS\ZAM.krnl.trace
2018-10-12 20:15 - 2011-12-28 12:12 - 000000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2018-10-12 20:15 - 2011-12-28 12:12 - 000000000 ____D C:\Documents and Settings\All Users\Plocha
2018-10-12 20:14 - 2011-12-28 11:29 - 000000000 ___RD C:\Documents and Settings\uživatel\Dokumenty
2018-10-12 20:12 - 2001-10-25 14:00 - 000013002 _____ C:\WINDOWS\system32\wpa.dbl
2018-10-12 20:11 - 2011-12-28 12:11 - 000207304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-12 20:11 - 2011-12-28 11:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-12 20:10 - 2012-03-02 11:24 - 000032576 _____ C:\WINDOWS\Tasks\SCHEDLGU.TXT
2018-10-12 20:10 - 2011-12-28 11:29 - 000000178 ___SH C:\Documents and Settings\uživatel\ntuser.ini
2018-10-12 20:05 - 2016-05-26 22:00 - 000000000 ____D C:\WINDOWS\erdnt
2018-10-12 19:31 - 2012-05-23 13:51 - 000000000 ____D C:\Program Files\The KMPlayer
2018-10-11 23:07 - 2001-10-25 14:00 - 000000227 _____ C:\WINDOWS\system.ini
2018-10-11 22:58 - 2011-12-28 11:29 - 000000000 ___RD C:\Documents and Settings\uživatel\Data aplikací
2018-10-11 20:52 - 2011-12-28 11:29 - 000000000 ____D C:\Documents and Settings\uživatel
2018-10-11 14:43 - 2014-06-09 14:09 - 000000150 _____ C:\Documents and Settings\uživatel\Dokumenty\HighScore.hsc
2018-10-11 09:22 - 2016-05-29 08:05 - 000024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-10-11 09:21 - 2015-10-05 14:23 - 000000000 ____D C:\Program Files\RogueKiller
2018-10-11 09:21 - 2015-10-05 14:23 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\RogueKiller
2018-10-11 09:20 - 2015-10-05 14:35 - 000000000 ____D C:\Documents and Settings\uživatel\Dokumenty\Stažené soubory
2018-10-11 09:19 - 2011-12-28 13:16 - 000000000 ____D C:\WINDOWS\network diagnostic
2018-10-10 18:47 - 2012-05-05 19:38 - 000002495 _____ C:\Documents and Settings\All Users\Plocha\ABBYY FineReader 11.lnk
2018-10-09 19:08 - 2011-12-28 12:10 - 000000000 ____D C:\WINDOWS\system32\NtmsData
2018-10-09 19:06 - 2011-12-28 12:06 - 000000000 ____D C:\WINDOWS\inf
2018-10-09 19:05 - 2011-12-28 12:28 - 000000000 ____D C:\WINDOWS\system32\ReinstallBackups
2018-10-08 22:15 - 2011-12-31 11:00 - 000000069 _____ C:\WINDOWS\NeroDigital.ini
2018-10-06 23:15 - 2018-03-14 09:03 - 000000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job
2018-10-06 23:15 - 2011-12-28 11:22 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-10-06 22:48 - 2018-03-04 11:47 - 000000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-10-04 19:19 - 2011-12-29 12:50 - 000000000 ____D C:\WINDOWS\Minidump
2018-10-03 18:36 - 2011-12-28 12:10 - 000000327 ___SH C:\boot.ini
2018-10-03 18:24 - 2011-12-28 12:11 - 000000000 ___RD C:\Documents and Settings\All Users\Data aplikací
2018-10-02 23:24 - 2011-12-28 11:27 - 000000042 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2018-10-02 20:49 - 2013-06-02 12:13 - 000192190 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2018-10-02 16:34 - 2012-06-29 19:49 - 000002345 _____ C:\Documents and Settings\uživatel\Nabídka Start\Programy\Windows Install Clean Up.lnk
2018-10-02 16:33 - 2011-12-28 11:29 - 000000000 ___RD C:\Documents and Settings\uživatel\Nabídka Start
2018-10-02 16:33 - 2011-12-28 11:29 - 000000000 ___HD C:\Documents and Settings\uživatel\Local Settings\Data aplikací
2018-09-29 09:47 - 2018-03-04 11:51 - 000000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2018-09-29 09:47 - 2011-12-28 14:45 - 000000000 ____D C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Adobe
2018-09-29 09:46 - 2018-03-04 11:47 - 000842240 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2018-09-29 09:46 - 2018-03-04 11:47 - 000175104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2018-09-25 22:09 - 2013-01-16 10:48 - 000000000 ____D C:\Documents and Settings\uživatel\Data aplikací\vlc
2018-09-25 12:21 - 2011-12-28 13:08 - 000032600 _____ C:\Documents and Settings\uživatel\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2018-09-14 11:23 - 2011-12-28 12:12 - 000000000 ____D C:\Documents and Settings\All Users\Šablony
==================== Files in the root of some directories =======
2012-02-17 17:43 - 2012-02-17 17:43 - 000001057 _____ () C:\Documents and Settings\uživatel\Data aplikací\vso_ts_preview.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 007306240 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\agent.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 000070800 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Config.xml
2012-08-29 21:43 - 2012-11-07 12:10 - 000047104 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-04-17 09:03 - 2012-04-17 09:03 - 000000128 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\fusioncache.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 000016512 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\InstallationConfiguration.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 000140800 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\installer.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 000018432 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Main.dat.mwt
2017-06-01 22:16 - 2017-06-01 22:16 - 000005568 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\md.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 000126464 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\noah.dat
2014-02-20 19:32 - 2014-02-20 19:32 - 000002709 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\recently-used.xbel
2017-06-01 22:16 - 2017-06-01 22:16 - 001897408 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Soloflex.tst
2013-09-13 19:56 - 2013-09-13 20:03 - 000000865 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.err
2012-02-24 11:23 - 2013-09-13 20:03 - 000001352 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.nast
2017-06-01 22:16 - 2017-06-01 22:16 - 000032038 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\uninstall_temp.ico
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
FF Plugin HKU\S-1-5-21-854245398-1383384898-839522115-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-09] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2018-10-02]
CHR Extension: (Prezentace) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-06]
CHR Extension: (Dokumenty) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-06]
CHR Extension: (Disk Google) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-06]
CHR Extension: (YouTube) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-06]
CHR Extension: (Tabulky) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-06]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-06]
CHR Extension: (Gmail) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-06]
StartMenuInternet: Google Chrome.EFIX7PDXVMH4TSHU4JU2LULLNI - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
Opera:
=======
OPR Extension: (Mining Blocker) - C:\Documents and Settings\uživatel\Data aplikací\Opera Software\Opera Stable\Extensions\nbpfigdgbjgoejmnffbpgmbcnppjjokp [2018-09-21]
OPR Extension: (Adblock Plus) - C:\Documents and Settings\uživatel\Data aplikací\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-09-12]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-09-29] (Adobe Systems Incorporated) [File not signed]
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-01-13] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1983264 2016-03-04] (ESET)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2010-10-28] ()
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R0 amdide; C:\WINDOWS\System32\DRIVERS\amdide.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
S3 BstkDrv; C:\Program Files\BlueStacks\BstkDrv.sys [218720 2018-01-10] (Bluestack System Inc. )
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [239168 2012-01-10] (DT Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [206312 2016-04-14] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [146024 2016-04-14] (ESET)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [127496 2016-04-14] (ESET)
S3 etdrv; C:\WINDOWS\etdrv.sys [17488 2018-03-03] (Windows (R) 2000 DDK provider)
S3 EverestDriver; C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [27760 2010-03-31] ()
S3 gdrv; C:\WINDOWS\gdrv.sys [17488 2018-03-03] (Windows (R) 2000 DDK provider)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S2 PAR1284; C:\WINDOWS\system32\PAR1284.sys [54792 2009-06-29] (Warp Nine Engineering) [File not signed]
S3 RTHDMIAzAudService; C:\WINDOWS\System32\drivers\RtHDMI.sys [3684352 2008-08-26] (Realtek Semiconductor Corp.)
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys [43008 2009-07-23] (Realtek Semiconductor Corporation ) [File not signed]
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S3 SCT_SKMScan; C:\WINDOWS\System32\drivers\sct_skmscan.sys [33096 2012-10-12] (Sophos Limited)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2012-08-31] ()
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [24688 2018-10-11] ()
S3 WacomISDPen; C:\WINDOWS\System32\DRIVERS\wacomisdpen.sys [23040 2007-05-24] (Wacom Technology)
R3 WinDriver6; C:\WINDOWS\System32\drivers\windrvr6.sys [193696 2009-06-29] (Jungo) [File not signed]
U5 GVTDrv; C:\WINDOWS\system32\Drivers\GVTDrv.sys [24944 2018-03-03] ()
S1 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam32.sys [X]
R1 ZAM_Guard; \??\C:\WINDOWS\System32\drivers\zamguard32.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-12 20:32 - 2018-10-12 20:32 - 000000409 _____ C:\Documents and Settings\uživatel\Plocha\Addition.txt
2018-10-12 20:30 - 2018-10-12 20:36 - 000014563 _____ C:\Documents and Settings\uživatel\Plocha\FRST.txt
2018-10-12 20:24 - 2018-10-12 20:30 - 000000000 ____D C:\FRST
2018-10-12 19:56 - 2018-10-12 19:57 - 001774592 _____ (Farbar) C:\Documents and Settings\uživatel\Plocha\FRST.exe
2018-10-11 23:08 - 2018-10-12 20:36 - 000000000 ____D C:\Documents and Settings\uživatel\Local Settings\temp
2018-10-11 23:08 - 2018-10-11 23:08 - 000000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2018-10-11 23:08 - 2018-10-11 23:08 - 000000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2018-10-11 23:08 - 2018-10-11 23:08 - 000000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2018-10-11 22:31 - 2018-10-12 16:44 - 314502880 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x11.DVB-T.CZ.avi
2018-10-11 21:22 - 2018-10-11 21:24 - 319947110 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x10.DVB-T.CZ.avi
2018-10-11 21:16 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2018-10-11 20:56 - 2018-10-11 20:59 - 338741166 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x09.DVB-T.CZ.avi
2018-10-11 20:51 - 2018-10-12 20:15 - 000000000 ____D C:\Program Files\Zemana AntiMalware
2018-10-11 10:15 - 2018-10-11 10:15 - 000094750 _____ C:\Documents and Settings\uživatel\Dokumenty\ceny jat_zvirat 24_9_2018.pdf
2018-10-10 18:53 - 2018-10-10 18:53 - 000031762 _____ C:\Documents and Settings\uživatel\Plocha\fa agregát.pdf
2018-10-09 20:08 - 2018-10-09 20:16 - 335231544 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x08.DVB-T.CZ.avi
2018-10-09 19:48 - 2018-10-09 19:48 - 007567568 _____ (Malwarebytes) C:\Documents and Settings\uživatel\Dokumenty\AdwCleaner (1).exe
2018-10-09 19:46 - 2018-10-09 19:47 - 000050688 _____ (Atribune.org) C:\Documents and Settings\uživatel\Dokumenty\ATF-Cleaner (1).exe
2018-10-09 19:38 - 2018-10-09 19:46 - 388765696 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 4x07 cz.avi
2018-10-09 19:02 - 2018-10-09 19:02 - 000000000 ____D C:\Documents and Settings\uživatel\Dokumenty\realtek_rtl8139_6111_win7
2018-10-09 19:02 - 2009-07-23 22:02 - 000043008 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\Rtnicxp.sys
2018-10-09 19:00 - 2018-10-09 19:00 - 004980528 _____ C:\Documents and Settings\uživatel\Dokumenty\realtek_rtl8139_6111_win7.zip
2018-10-06 22:43 - 2018-10-06 23:13 - 000002098 _____ C:\Documents and Settings\uživatel\Plocha\papascheeseria_backup_Scarlett_day18.papa
2018-10-04 19:19 - 2018-10-04 19:19 - 000102400 _____ C:\WINDOWS\Minidump\Mini100418-01.dmp
2018-10-03 18:24 - 2018-10-03 18:24 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\BoYans
2018-10-02 21:18 - 2018-10-02 21:22 - 439611392 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 4x02 cz.avi
2018-10-02 16:39 - 2012-10-12 15:34 - 000033096 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\sct_skmscan.sys
2018-10-02 12:20 - 2018-10-02 12:21 - 000020106 _____ C:\Documents and Settings\uživatel\Plocha\Švec Souhlas ke kolaudaci.pdf
2018-09-25 19:59 - 2018-09-25 19:59 - 000330051 _____ C:\Documents and Settings\uživatel\Dokumenty\souhrnny_prehled_s_vyznacenymi_zmenami_soukroma_klientela.pdf
2018-09-25 19:59 - 2018-09-25 19:59 - 000077077 _____ C:\Documents and Settings\uživatel\Dokumenty\prehled_nejpodstatnejsich_zmen_.pdf
2018-09-23 11:30 - 2018-09-23 11:38 - 391190528 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 3x17 cz.avi
2018-09-21 19:48 - 2018-09-21 20:03 - 398069760 _____ C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 3x16 cz.avi
2018-09-17 19:41 - 2018-09-17 19:41 - 000411296 _____ C:\Documents and Settings\uživatel\Dokumenty\přeložka.pdf
2018-09-14 11:23 - 2018-09-14 11:23 - 000001662 _____ C:\Documents and Settings\All Users\Plocha\Bloody6.lnk
2018-09-14 11:23 - 2018-09-14 11:23 - 000000000 ____D C:\Program Files\Bloody6
2018-09-14 11:23 - 2018-09-14 11:23 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Bloody
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-12 20:35 - 2017-01-01 12:07 - 000011741 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-10-12 20:32 - 2011-12-28 11:29 - 000000000 ____D C:\Documents and Settings\uživatel\Plocha
2018-10-12 20:15 - 2018-05-05 19:47 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\TDC
2018-10-12 20:15 - 2017-01-01 12:07 - 000024753 _____ C:\WINDOWS\ZAM.krnl.trace
2018-10-12 20:15 - 2011-12-28 12:12 - 000000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2018-10-12 20:15 - 2011-12-28 12:12 - 000000000 ____D C:\Documents and Settings\All Users\Plocha
2018-10-12 20:14 - 2011-12-28 11:29 - 000000000 ___RD C:\Documents and Settings\uživatel\Dokumenty
2018-10-12 20:12 - 2001-10-25 14:00 - 000013002 _____ C:\WINDOWS\system32\wpa.dbl
2018-10-12 20:11 - 2011-12-28 12:11 - 000207304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-12 20:11 - 2011-12-28 11:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-12 20:10 - 2012-03-02 11:24 - 000032576 _____ C:\WINDOWS\Tasks\SCHEDLGU.TXT
2018-10-12 20:10 - 2011-12-28 11:29 - 000000178 ___SH C:\Documents and Settings\uživatel\ntuser.ini
2018-10-12 20:05 - 2016-05-26 22:00 - 000000000 ____D C:\WINDOWS\erdnt
2018-10-12 19:31 - 2012-05-23 13:51 - 000000000 ____D C:\Program Files\The KMPlayer
2018-10-11 23:07 - 2001-10-25 14:00 - 000000227 _____ C:\WINDOWS\system.ini
2018-10-11 22:58 - 2011-12-28 11:29 - 000000000 ___RD C:\Documents and Settings\uživatel\Data aplikací
2018-10-11 20:52 - 2011-12-28 11:29 - 000000000 ____D C:\Documents and Settings\uživatel
2018-10-11 14:43 - 2014-06-09 14:09 - 000000150 _____ C:\Documents and Settings\uživatel\Dokumenty\HighScore.hsc
2018-10-11 09:22 - 2016-05-29 08:05 - 000024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-10-11 09:21 - 2015-10-05 14:23 - 000000000 ____D C:\Program Files\RogueKiller
2018-10-11 09:21 - 2015-10-05 14:23 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\RogueKiller
2018-10-11 09:20 - 2015-10-05 14:35 - 000000000 ____D C:\Documents and Settings\uživatel\Dokumenty\Stažené soubory
2018-10-11 09:19 - 2011-12-28 13:16 - 000000000 ____D C:\WINDOWS\network diagnostic
2018-10-10 18:47 - 2012-05-05 19:38 - 000002495 _____ C:\Documents and Settings\All Users\Plocha\ABBYY FineReader 11.lnk
2018-10-09 19:08 - 2011-12-28 12:10 - 000000000 ____D C:\WINDOWS\system32\NtmsData
2018-10-09 19:06 - 2011-12-28 12:06 - 000000000 ____D C:\WINDOWS\inf
2018-10-09 19:05 - 2011-12-28 12:28 - 000000000 ____D C:\WINDOWS\system32\ReinstallBackups
2018-10-08 22:15 - 2011-12-31 11:00 - 000000069 _____ C:\WINDOWS\NeroDigital.ini
2018-10-06 23:15 - 2018-03-14 09:03 - 000000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job
2018-10-06 23:15 - 2011-12-28 11:22 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-10-06 22:48 - 2018-03-04 11:47 - 000000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-10-04 19:19 - 2011-12-29 12:50 - 000000000 ____D C:\WINDOWS\Minidump
2018-10-03 18:36 - 2011-12-28 12:10 - 000000327 ___SH C:\boot.ini
2018-10-03 18:24 - 2011-12-28 12:11 - 000000000 ___RD C:\Documents and Settings\All Users\Data aplikací
2018-10-02 23:24 - 2011-12-28 11:27 - 000000042 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2018-10-02 20:49 - 2013-06-02 12:13 - 000192190 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2018-10-02 16:34 - 2012-06-29 19:49 - 000002345 _____ C:\Documents and Settings\uživatel\Nabídka Start\Programy\Windows Install Clean Up.lnk
2018-10-02 16:33 - 2011-12-28 11:29 - 000000000 ___RD C:\Documents and Settings\uživatel\Nabídka Start
2018-10-02 16:33 - 2011-12-28 11:29 - 000000000 ___HD C:\Documents and Settings\uživatel\Local Settings\Data aplikací
2018-09-29 09:47 - 2018-03-04 11:51 - 000000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2018-09-29 09:47 - 2011-12-28 14:45 - 000000000 ____D C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Adobe
2018-09-29 09:46 - 2018-03-04 11:47 - 000842240 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2018-09-29 09:46 - 2018-03-04 11:47 - 000175104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2018-09-25 22:09 - 2013-01-16 10:48 - 000000000 ____D C:\Documents and Settings\uživatel\Data aplikací\vlc
2018-09-25 12:21 - 2011-12-28 13:08 - 000032600 _____ C:\Documents and Settings\uživatel\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2018-09-14 11:23 - 2011-12-28 12:12 - 000000000 ____D C:\Documents and Settings\All Users\Šablony
==================== Files in the root of some directories =======
2012-02-17 17:43 - 2012-02-17 17:43 - 000001057 _____ () C:\Documents and Settings\uživatel\Data aplikací\vso_ts_preview.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 007306240 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\agent.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 000070800 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Config.xml
2012-08-29 21:43 - 2012-11-07 12:10 - 000047104 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-04-17 09:03 - 2012-04-17 09:03 - 000000128 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\fusioncache.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 000016512 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\InstallationConfiguration.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 000140800 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\installer.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 000018432 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Main.dat.mwt
2017-06-01 22:16 - 2017-06-01 22:16 - 000005568 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\md.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 000126464 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\noah.dat
2014-02-20 19:32 - 2014-02-20 19:32 - 000002709 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\recently-used.xbel
2017-06-01 22:16 - 2017-06-01 22:16 - 001897408 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Soloflex.tst
2013-09-13 19:56 - 2013-09-13 20:03 - 000000865 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.err
2012-02-24 11:23 - 2013-09-13 20:03 - 000001352 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.nast
2017-06-01 22:16 - 2017-06-01 22:16 - 000032038 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\uninstall_temp.ico
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================