Please check

A place for your HijackThis logs and logs from other programs…

Moderators: memphisto, Mods_senior, Security team

jaro3
Security team member
Guru Level 15
Posts: 38960
Registered: June 07
Location: Jižní Čechy
Gender: Male

Re: Please check

Post by jaro3 » 17 Oct 2018 19:54

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTLE8023xp
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_02\4&29D96644&0&0050
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Try following those instructions in Device Manager.


When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

mafian
Level 3.5
Posts: 714
Registered: January 07
Gender: Male

Re: Please check

Post by mafian » 17 Oct 2018 20:28

What do you mean by that? That network card has been disabled for maybe 2 years already. When I enable it, nothing happens.

Re: Please check

Post by jaro3 » 17 Oct 2018 22:02

The second network card doesn't work; one day the internet simply stopped working, so I bought an external one, popped it into the PC and the internet worked, and I didn't investigate any further why the internal one on the card wasn't working.


Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTLE8023xp
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_02\4&29D96644&0&0050
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

This device is disabled

Re: Please check

Post by mafian » 17 Oct 2018 22:13

I tried that before, and it was enabled before, and when I enabled it now and plugged the cable into it, the internet again didn't work. The strange thing is that, for example, online radio plays fine, and so does streaming online videos, but downloading from anywhere simply doesn't work; even some of the programs I was supposed to download here simply got interrupted.

Re: Please check

Post by jaro3 » 18 Oct 2018 20:04

And the one that doesn't work, do you have it disabled in Device Manager?

Download OTL by OldTimer to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Check "LOP Check" and "Purity Check". Click Run Scan. Leave all other settings as they are. The scan can take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.

Re: Please check

Post by mafian » 18 Oct 2018 20:57

OTL Extras logfile created on: 18.10.2018 20:37:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\uživatel\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 45,32% Memory free
5,09 Gb Paging File | 3,12 Gb Available in Paging File | 61,37% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 99,36 Gb Total Space | 44,39 Gb Free Space | 44,67% Space Free | Partition Type: NTFS
Drive D: | 59,63 Gb Total Space | 33,95 Gb Free Space | 56,93% Space Free | Partition Type: NTFS
Drive F: | 306,78 Gb Total Space | 115,18 Gb Free Space | 37,54% Space Free | Partition Type: NTFS
Drive G: | 68,36 Gb Total Space | 41,86 Gb Free Space | 61,23% Space Free | Partition Type: NTFS
Drive H: | 127,99 Gb Total Space | 46,76 Gb Free Space | 36,53% Space Free | Partition Type: NTFS
Drive K: | 171,77 Gb Total Space | 165,85 Gb Free Space | 96,56% Space Free | Partition Type: NTFS
Drive L: | 97,65 Gb Total Space | 81,91 Gb Free Space | 83,88% Space Free | Partition Type: NTFS

Computer Name: ADMIN | User Name: uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"56411:TCP" = 56411:TCP:*:Enabled:Pando Media Booster
"56411:UDP" = 56411:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"56411:TCP" = 56411:TCP:*:Enabled:Pando Media Booster
"56411:UDP" = 56411:UDP:*:Enabled:Pando Media Booster

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe" = C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application -- (SEIKO EPSON CORPORATION)
"C:\Program Files\Common Files\soft602\langserv.exe" = C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker -- ()
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\Documents and Settings\uživatel\Plocha\Microsoft-Office-2010-v1.0-CZ-Portable\Microsoft Office 2010 Portable CZ by Sparrow v1.0\MSO_2010_by_Sparrow.dat" = C:\Documents and Settings\uživatel\Plocha\Microsoft-Office-2010-v1.0-CZ-Portable\Microsoft Office 2010 Portable CZ by Sparrow v1.0\MSO_2010_by_Sparrow.dat:*:Enabled:MSO_2010_by_Sparrow -- ()
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player 2.1.0 -- (VideoLAN)
"C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"F:\FormatFactory\FormatFactory.exe" = F:\FormatFactory\FormatFactory.exe:*:Enabled:Format Factory -- (Free Time Co., Ltd.)
"F:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe" = F:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe:*:Enabled:EBook Codec Downloader -- (Free Time Co., Ltd.)
"F:\FormatFactory\FFModules\Package\PTInstOnline.exe" = F:\FormatFactory\FFModules\Package\PTInstOnline.exe:*:Enabled:Picosmos P2P Installer -- (Free Time)
"C:\Program Files\BlueStacks\HD-Player.exe" = C:\Program Files\BlueStacks\HD-Player.exe:*:Enabled:BlueStacks Android Host -- (BlueStack Systems, Inc.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox) -- (Mozilla Corporation)
"C:\Program Files\UnHackMe\wu.exe" = C:\Program Files\UnHackMe\wu.exe:*:Enabled:UnHackMe Updater -- (Greais Software)
"C:\Program Files\UnHackMe\RegRunInfo.exe" = C:\Program Files\UnHackMe\RegRunInfo.exe:*:Enabled:UnHackMe Info -- (Greatis Software)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{045ECA18-1DB2-64C8-2279-F73A8DCE3B5E}" = CCC Help Hungarian
"{06E34C00-0446-4176-81C8-A5DAFE53CA36}" = Acronis Disk Director
"{09C6A4C7-A2D2-1DD9-A81C-44C30042A00C}" = CCC Help Greek
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A173336-214D-0609-4897-5E2547D0395D}" = CCC Help Dutch
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1896CB18-36FE-4AA6-8F9C-F42C087941CD}" = FormApps Signing Extension
"{1B9E212F-DFDC-F1D4-D1FD-986149513125}" = CCC Help Russian
"{1CAEFAE2-D12E-CA26-62BC-DF452004B3B1}" = CCC Help Swedish
"{1D9B2B74-82B1-9CE7-0A9A-6234008D11EE}" = CCC Help Polish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83218051F0}" = Java 8 Update 51
"{26C3A7CB-30DC-798B-21CC-63BDF56F0657}" = CCC Help Chinese Traditional
"{28240E4E-E367-7844-846E-4E8427B53211}" = CCC Help Spanish
"{2A1BC0F0-110B-EDD7-4C3D-0864DEF60677}" = CCC Help Turkish
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition
"{2EEEC858-21F8-419B-8FE2-820621BFFCD7}" = GetDataBack for FAT
"{300A2961-B2B5-4889-9CB9-5C2A570D08AD}" = Debugging Tools for Windows (x86)
"{310C1558-F6B5-4889-98B0-7471966BA7F2}" = Epson Easy Photo Print 2
"{32C74893-0243-4235-A6F3-201F0E5D2C03}" = Software602 Print2PDF
"{350C97C4-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3828EC4B-D4B9-A742-4D81-9C0A3C72DF8A}" = CCC Help English
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C637334-FE5D-E488-4F11-BF9EFD6ADAA9}" = CCC Help English
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FAF52DB-8007-48D1-98E0-A388B92057CC}" = VMR Client Install
"{406AE7DC-5FD1-FC3A-00F5-024AD25DF01B}" = CCC Help Danish
"{41BCC278-007E-993C-61DC-25B86926F45E}" = CCC Help Finnish
"{433AA25B-442D-D97B-6492-71D2747355DB}" = ccc-utility
"{4644EC10-EFE8-0235-41CC-C48491CF83E3}" = CCC Help Greek
"{4655D394-1F7C-F51A-70BC-0561FF71E9D7}" = CCC Help Norwegian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A742CBE-078E-03FF-C7D5-B3E1B676BDF2}" = CCC Help Czech
"{4B6DD00B-BC05-185B-BE8B-997A23B367C4}" = CCC Help Chinese Traditional
"{4BE9562E-A31B-A5FF-5DF9-A69F9CB74746}" = CCC Help Japanese
"{510414A2-0F14-4DB8-BDF2-C98A6E1D1367}" = Connectivity Abstraction Layer
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}" = GetDataBack for NTFS
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5D1EA3CE-3356-2EB7-A5C7-2F2608BDEACB}" = CCC Help German
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5DE5512A-6F6F-43FB-82C6-9A523E3AC771}" = NEXIQ Readings
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5F1AE198-965A-C65D-218A-B76F19B86BEC}" = CCC Help German
"{5FEEB4D3-31F1-FF10-5F61-A988CD44CA59}" = CCC Help Hungarian
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{651CD0A0-8B64-B3F1-23B9-294C39F09A31}" = CCC Help Finnish
"{6C8C4577-8E15-4C63-96ED-D40F2072FF74}" = System Requirements Lab CYRI
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner
"{77514C51-66D9-2F7C-56D8-5495B8CFAF5E}" = CCC Help French
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7AB96F30-68CC-1F9E-A7C4-7A80FF06EFAC}" = CCC Help Dutch
"{81A917A1-DBA3-3639-53DA-B6E833D41A57}" = ccc-utility
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{856499F9-51B6-C958-BADC-0B2F930ED59E}" = CCC Help Swedish
"{860BD052-49CB-7220-8792-15523D08C2A2}" = CCC Help Korean
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{8C93615B-5333-B61B-625E-0D4DCD9E09CA}" = CCC Help Norwegian
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91B33C97-91F8-FFB3-581B-BC952C901685}_is1" = Ashampoo Burning Studio FREE
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Ultra Edition
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9a1d8d96-8b6f-4b5e-9281-abf022feb360}" = FormApps Plug-in
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A8248F67-8160-7AAB-371F-03221340D539}" = CCC Help Italian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB0BFB0B-116C-54DA-1B41-CBBE94B43007}" = CCC Help Czech
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.08) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B0043B14-E6FE-67F1-54A8-DA2C8DA5B1FA}" = CCC Help Portuguese
"{B17C8039-DDDE-E6DE-3632-40186451799C}" = CCC Help Polish
"{B2420CAA-ADC1-8581-938A-2B25C22EF17A}" = ccc-utility
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B3736663-7797-9F1E-77E8-6D78021B2921}" = CCC Help Danish
"{B57890F1-05B2-265D-62A6-C4B8EF212786}" = CCC Help French
"{B81D9181-67D7-6A90-78EA-34108EBBCF7F}" = CCC Help Thai
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{BA314F9D-8401-1E44-11BF-F112E93F465E}" = CCC Help English
"{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}" = OpenOffice.org 3.0
"{BEB0B424-3692-E0DC-8D25-04A36C7AB580}" = CCC Help Portuguese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4574477-C9FA-CF5F-B5AC-D379D655A962}" = CCC Help Chinese Standard
"{C4842EAA-7ACA-3466-9DC0-D0BF174B9F6E}" = CCC Help Chinese Standard
"{C6E36857-F622-4DF5-B458-05752A4D13F0}" = Software602 Form Filler
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CBA4DD0F-0871-39EB-A48B-03BC9E5E437B}" = CCC Help Japanese
"{CE09BA21-399C-FCE7-E2E5-C9BCF14D61F3}" = CCC Help Russian
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DE0C72A8-B4A3-4B80-3CF9-2DC45CF865D5}" = CCC Help Spanish
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
"{E5B2C34F-BEDE-5AF8-DBD3-C05E8C030588}" = CCC Help Italian
"{E5DD5532-5CE8-8A47-C05F-DD8EC0ED3557}" = CCC Help Korean
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E8BEDB28-151D-465C-9BE0-F6EB930A629C}" = Microsoft SQL Server Compact 4.0 CSY
"{EBE030DD-D404-4D92-85E9-8C3624820808}_is1" = Light Image Resizer 4.7.7.0
"{F0A6D1C4-7E73-963B-C4C6-C97121B1992B}" = CCC Help Turkish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1100000-0008-0000-0001-074957833700}" = ABBYY FineReader 11
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F937494E-4340-FFB4-6911-54E9FB4B5998}" = CCC Help Thai
"06BA12C2FD6352D410C15EC9E359E80332E24487" = Balíček ovladače systému Windows - Wacom (WacomISDPen) HIDClass (01/16/2006 2.5.0.0)
"3D Morris_is1" = 3D Morris 2.02
"591196B86D6AB052BD2AB3227EA1EB79A226E8D9" = Balíček ovladače systému Windows - LG Monitor (11/16/2006 1.3)
"7-Zip" = 7-Zip 9.20
"8B3D7924-ED89-486B-8322-E8594065D5CB_is1" = RogueKiller version 12.13.4.0
"92CABF192AE59FEC7A26BF526AE067A4C700A858" = Balíček ovladače systému Windows - Advanced Micro Devices (amdide) hdc (12/04/2012 5.2.2.0179)
"Adobe Flash Player NPAPI" = Adobe Flash Player 31 NPAPI
"Adobe Flash Player PPAPI" = Adobe Flash Player 31 PPAPI
"AIDA64 Extreme_is1" = AIDA64 Extreme v4.70
"ANDY OS" = ANDY OS
"Bloody3" = Bloody6
"BlueStacks" = BlueStacks App Player
"CCleaner" = CCleaner
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.2.0a
"DAEMON Tools Lite" = DAEMON Tools Lite
"EasyCapture_is1" = EasyCapture 1.0.0.0
"ECULP4_is1" = ECULP 4.0
"EPSON Scanner" = EPSON Scan
"EPSON SX420W Series" = EPSON SX420W Series Printer Uninstall
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"FCleaner_is1" = FCleaner 1.3.1.621
"ffdshow" = ffdshow (remove only)
"FormatFactory" = FormatFactory 4.1.0.0
"GIMP-2_is1" = GIMP 2.8.10
"Glary Utilities_is1" = Glary Utilities 2.53.0.1726
"HD Tune_is1" = HD Tune 2.55
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"JpegResampler2010_is1" = Jpeg Resampler Vs 6+
"JPG To PDF_is1" = JPG To PDF 2.2.1
"League of Legends 3.0.1" = League of Legends
"MEGAsync" = MEGAsync
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MiniTool Power Data Recovery Free Edition_is1" = MiniTool Power Data Recovery Free Edition 7.0
"Mozilla Firefox 52.9.0 ESR (x86 cs)" = Mozilla Firefox 52.9.0 ESR (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"nLite_is1" = nLite 1.4.8
"Opera 36.0.2130.80" = Opera Stable 36.0.2130.80
"Opera 36.0.2130.801" = Opera Stable 36.0.2130.80
"PDF Editor 4" = PDF Editor 4
"PDF Shrink 2" = PDF Shrink 2
"Polda III čára_is1" = Polda III čára
"Polda III karty_is1" = Polda III karty
"Pošta & kancelář_is1" = Pošta & kancelář 2.3
"Pošta a kancelář 3_is1" = Pošta a kancelář 3.7
"Recuva" = Recuva
"Revo Uninstaller" = Revo Uninstaller 1.95
"ST5UNST #1" = Window Handler
"The KMPlayer" = KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"UnHackMe_is1" = UnHackMe 9.96
"Unlocker" = Unlocker 1.9.2
"VideoGet_is1" = Nuclear Coffee - VideoGet
"VLC media player" = VLC media player
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"ZonerPhotoStudio16_CZ_is1" = Zoner Photo Studio 16

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"a49b2cdf927707e4" = FilesTuber
"The Settlers Online" = The Settlers Online - Standalone Client

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 17.10.2018 13:04:26 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 8313
Description = Error in mapping SQL Server performance object/counter indexes to
object/counter names. SQL Server performance counters are disabled.

Error - 17.10.2018 13:04:26 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 3409
Description = Performance counter shared memory setup failed with error -1. Reinstall
sqlctr.ini for this instance, and ensure that the instance login account has correct
registry permissions.

Error - 18.10.2018 3:14:12 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 8313
Description = Error in mapping SQL Server performance object/counter indexes to
object/counter names. SQL Server performance counters are disabled.

Error - 18.10.2018 3:14:12 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 3409
Description = Performance counter shared memory setup failed with error -1. Reinstall
sqlctr.ini for this instance, and ensure that the instance login account has correct
registry permissions.

Error - 18.10.2018 5:33:30 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 8313
Description = Error in mapping SQL Server performance object/counter indexes to
object/counter names. SQL Server performance counters are disabled.

Error - 18.10.2018 5:33:30 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 3409
Description = Performance counter shared memory setup failed with error -1. Reinstall
sqlctr.ini for this instance, and ensure that the instance login account has correct
registry permissions.

Error - 18.10.2018 6:48:30 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 8313
Description = Error in mapping SQL Server performance object/counter indexes to
object/counter names. SQL Server performance counters are disabled.

Error - 18.10.2018 6:48:30 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 3409
Description = Performance counter shared memory setup failed with error -1. Reinstall
sqlctr.ini for this instance, and ensure that the instance login account has correct
registry permissions.

Error - 18.10.2018 11:47:11 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 8313
Description = Error in mapping SQL Server performance object/counter indexes to
object/counter names. SQL Server performance counters are disabled.

Error - 18.10.2018 11:47:11 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 3409
Description = Performance counter shared memory setup failed with error -1. Reinstall
sqlctr.ini for this instance, and ensure that the instance login account has correct
registry permissions.

[ System Events ]
Error - 18.10.2018 11:47:22 | Computer Name = ADMIN | Source = WacomISDPen | ID = 327940
Description =

Error - 18.10.2018 11:47:22 | Computer Name = ADMIN | Source = WacomISDPen | ID = 327936
Description =

Error - 18.10.2018 11:47:22 | Computer Name = ADMIN | Source = WacomISDPen | ID = 327936
Description =

Error - 18.10.2018 11:47:22 | Computer Name = ADMIN | Source = WacomISDPen | ID = 327936
Description =

Error - 18.10.2018 11:47:22 | Computer Name = ADMIN | Source = WacomISDPen | ID = 327936
Description =

Error - 18.10.2018 11:47:22 | Computer Name = ADMIN | Source = WacomISDPen | ID = 327939
Description =

Error - 18.10.2018 11:47:22 | Computer Name = ADMIN | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek G: spustit nástroj chkdsk.

Error - 18.10.2018 11:47:22 | Computer Name = ADMIN | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek H: spustit nástroj chkdsk.

Error - 18.10.2018 11:47:22 | Computer Name = ADMIN | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek K: spustit nástroj chkdsk.

Error - 18.10.2018 11:47:22 | Computer Name = ADMIN | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek L: spustit nástroj chkdsk.


< End of report >

Re: Please check

Post by mafian » 18 Oct 2018 20:58

OTL logfile created on: 18.10.2018 20:37:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\uživatel\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 45,32% Memory free
5,09 Gb Paging File | 3,12 Gb Available in Paging File | 61,37% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 99,36 Gb Total Space | 44,39 Gb Free Space | 44,67% Space Free | Partition Type: NTFS
Drive D: | 59,63 Gb Total Space | 33,95 Gb Free Space | 56,93% Space Free | Partition Type: NTFS
Drive F: | 306,78 Gb Total Space | 115,18 Gb Free Space | 37,54% Space Free | Partition Type: NTFS
Drive G: | 68,36 Gb Total Space | 41,86 Gb Free Space | 61,23% Space Free | Partition Type: NTFS
Drive H: | 127,99 Gb Total Space | 46,76 Gb Free Space | 36,53% Space Free | Partition Type: NTFS
Drive K: | 171,77 Gb Total Space | 165,85 Gb Free Space | 96,56% Space Free | Partition Type: NTFS
Drive L: | 97,65 Gb Total Space | 81,91 Gb Free Space | 83,88% Space Free | Partition Type: NTFS

Computer Name: ADMIN | User Name: uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Documents and Settings\uživatel\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe ()
PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_31_0_0_122.dll ()
MOD - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\MEGAsync\ShellExtX32.dll ()
MOD - C:\Program Files\Combined Community Codec Pack\Filters\LAVFilters\libbluray.dll ()
MOD - C:\Program Files\Combined Community Codec Pack\Filters\LAVFilters\avcodec-lav-53.dll ()
MOD - C:\Program Files\Combined Community Codec Pack\Filters\LAVFilters\avformat-lav-53.dll ()
MOD - C:\Program Files\Combined Community Codec Pack\Filters\LAVFilters\avutil-lav-51.dll ()
MOD - C:\Program Files\WinRAR\rarlng.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Program Files\ffdshow\ffdshow.ax ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (Správce výběru OS) -- C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe ()
SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (PCIDump) -- File not found
DRV - (trufos) -- C:\WINDOWS\system32\drivers\trufos.sys (BitDefender S.R.L.)
DRV - (Partizan) -- C:\WINDOWS\system32\drivers\Partizan.sys (Greatis Software)
DRV - (TrueSight) -- C:\WINDOWS\system32\drivers\TrueSight.sys ()
DRV - (etdrv) -- C:\WINDOWS\etdrv.sys (Windows (R) 2000 DDK provider)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (BstkDrv) -- C:\Program Files\BlueStacks\BstkDrv.sys (Bluestack System Inc. )
DRV - (eamonm) -- C:\WINDOWS\system32\drivers\eamonm.sys (ESET)
DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (amdide) -- C:\WINDOWS\system32\drivers\amdide.sys (Advanced Micro Devices Inc.)
DRV - (SCT_SKMScan) -- C:\WINDOWS\system32\drivers\sct_skmscan.sys (Sophos Limited)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (AtiHDAudioService) -- C:\WINDOWS\system32\drivers\AtihdXP3.sys (Advanced Micro Devices)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (snapman) -- C:\WINDOWS\system32\drivers\snapman.sys (Acronis)
DRV - (EverestDriver) -- C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt ()
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (PAR1284) -- C:\WINDOWS\system32\Par1284.sys (Warp Nine Engineering)
DRV - (WinDriver6) -- C:\WINDOWS\system32\drivers\windrvr6.sys (Jungo)
DRV - (RTHDMIAzAudService) -- C:\WINDOWS\system32\drivers\RtHDMI.sys (Realtek Semiconductor Corp.)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (WacomISDPen) -- C:\WINDOWS\system32\drivers\wacomisdpen.sys (Wacom Technology)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (usbfilter) -- C:\WINDOWS\system32\drivers\usbfilter.sys (Advanced Micro Devices)


[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Old Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:52.9.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_31_0_0_122.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.51.2: C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2: C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2015.04.30 20:21:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 52.9.0 ESR\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 52.9.0 ESR\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012.12.15 20:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Extensions
[2012.12.24 22:05:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2018.04.16 14:25:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\g7v96ew1.default-1523880811390\extensions
[2018.06.27 08:49:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\
CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\
CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2018.10.16 23:27:48 | 000,025,382 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 962 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 475
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 475
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O16 - DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} https://forms.celnisprava.cz/webfiller/ ... bff_cs.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90248221-6BF5-42EE-9CE9-B25DB8FA3F8C}: DhcpNameServer = 10.100.0.100 10.10.10.10
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\lid {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2018.10.18 20:33:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\uživatel\Plocha\OTL.exe
[2018.10.16 23:32:08 | 000,428,832 | ---- | C] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\trufos.sys
[2018.10.16 23:31:58 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\REGEDIT.COM
[2018.10.16 23:31:58 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TASKMGR.COM
[2018.10.16 23:31:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2018.10.16 21:18:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\uživatel\Recent
[2018.10.15 21:06:44 | 000,040,304 | ---- | C] (Greatis Software) -- C:\WINDOWS\System32\drivers\Partizan.sys
[2018.10.15 20:41:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\RegRun
[2018.10.15 20:39:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\RegRunInfo
[2018.10.15 20:39:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Dokumenty\RegRun2
[2018.10.15 20:39:22 | 000,049,968 | ---- | C] (Greatis Software) -- C:\WINDOWS\System32\partizan.exe
[2018.10.15 20:39:22 | 000,014,984 | ---- | C] (Greatis Software, LLC.) -- C:\WINDOWS\System32\drivers\UnHackMeDrv.sys
[2018.10.15 20:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\UnHackMe
[2018.10.15 20:39:14 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe
[2018.10.15 19:55:25 | 000,892,416 | ---- | C] (Farbar) -- C:\Documents and Settings\uživatel\Dokumenty\MiniToolBox.exe
[2018.10.12 20:24:36 | 000,000,000 | ---D | C] -- C:\FRST
[2018.10.12 20:13:04 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2018.10.12 19:56:54 | 001,774,592 | ---- | C] (Farbar) -- C:\Documents and Settings\uživatel\Plocha\FRST.exe
[2018.10.11 21:16:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2018.10.11 20:51:51 | 000,000,000 | ---D | C] -- C:\Program Files\Zemana AntiMalware
[2018.10.09 19:48:20 | 007,567,568 | ---- | C] (Malwarebytes) -- C:\Documents and Settings\uživatel\Dokumenty\AdwCleaner (1).exe
[2018.10.09 19:46:59 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\uživatel\Dokumenty\ATF-Cleaner (1).exe
[2018.10.09 19:02:38 | 000,043,008 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtnicxp.sys
[2018.10.09 19:02:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Dokumenty\realtek_rtl8139_6111_win7
[2018.10.03 18:24:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\BoYans
[2018.10.02 16:39:27 | 000,033,096 | ---- | C] (Sophos Limited) -- C:\WINDOWS\System32\drivers\sct_skmscan.sys
[1 C:\Documents and Settings\uživatel\Dokumenty\*.tmp files -> C:\Documents and Settings\uživatel\Dokumenty\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2018.10.18 20:33:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\uživatel\Plocha\OTL.exe
[2018.10.18 17:47:24 | 000,013,002 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2018.10.18 17:47:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2018.10.18 17:46:55 | 3488,075,776 | -HS- | M] () -- C:\hiberfil.sys
[2018.10.18 14:48:10 | 000,000,150 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\HighScore.hsc
[2018.10.16 23:55:55 | 000,000,056 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2018.10.16 23:32:07 | 000,428,832 | ---- | M] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\trufos.sys
[2018.10.16 23:31:49 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\MWAVSCAN.lnk
[2018.10.16 23:31:15 | 265,102,192 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\mwav.exe
[2018.10.16 23:27:48 | 000,025,382 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2018.10.16 22:35:42 | 010,744,757 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\routeros-mipsbe-6.42.9.npk
[2018.10.16 19:25:53 | 000,322,701 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\0720_150302074559_001.pdf
[2018.10.16 19:25:38 | 000,027,168 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\1844_180916084801_001.pdf
[2018.10.16 19:24:13 | 000,414,754 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\asavet_cenik_sluzeb_01122017.pdf
[2018.10.16 19:23:52 | 000,154,736 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\cenik pitev.pdf
[2018.10.16 18:15:41 | 000,069,253 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\hlaseni (7).rtf
[2018.10.16 18:15:26 | 000,052,338 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\hlaseni (6).rtf
[2018.10.16 18:14:58 | 000,055,683 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\hlaseni (5).rtf
[2018.10.16 08:47:22 | 194,901,128 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.01x02.DVB-T.CZ.avi
[2018.10.15 21:59:22 | 416,667,648 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 1x02 cz.avi
[2018.10.15 21:24:07 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ABBYY FineReader 11.lnk
[2018.10.15 21:06:44 | 000,040,304 | ---- | M] (Greatis Software) -- C:\WINDOWS\System32\drivers\Partizan.sys
[2018.10.15 20:39:22 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\UnHackMe.lnk
[2018.10.15 20:36:06 | 019,077,265 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\unhackme (1).zip
[2018.10.15 20:26:18 | 019,077,265 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\unhackme.zip
[2018.10.15 19:55:27 | 000,892,416 | ---- | M] (Farbar) -- C:\Documents and Settings\uživatel\Dokumenty\MiniToolBox.exe
[2018.10.14 19:29:40 | 000,745,424 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\zakon_o_stretu_zajmu.rtf
[2018.10.14 19:09:24 | 338,826,696 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x13.DVB-T.CZ.avi
[2018.10.14 11:55:32 | 338,516,374 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x12.DVB-T.CZ.avi
[2018.10.13 23:15:00 | 000,000,946 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player NPAPI Notifier.job
[2018.10.13 22:48:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job
[2018.10.13 22:10:31 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2018.10.13 22:10:30 | 000,842,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2018.10.13 22:10:30 | 000,175,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2018.10.12 21:20:32 | 000,016,526 | ---- | M] () -- C:\WINDOWS\ZAM_Guard.krnl.trace
[2018.10.12 20:15:31 | 000,024,753 | ---- | M] () -- C:\WINDOWS\ZAM.krnl.trace
[2018.10.12 20:11:40 | 000,207,304 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2018.10.12 19:57:07 | 001,774,592 | ---- | M] (Farbar) -- C:\Documents and Settings\uživatel\Plocha\FRST.exe
[2018.10.12 16:44:10 | 314,502,880 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x11.DVB-T.CZ.avi
[2018.10.11 21:24:51 | 319,947,110 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x10.DVB-T.CZ.avi
[2018.10.11 20:59:28 | 338,741,166 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x09.DVB-T.CZ.avi
[2018.10.11 19:57:42 | 000,000,753 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.old
[2018.10.11 10:15:30 | 000,094,750 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\ceny jat_zvirat 24_9_2018.pdf
[2018.10.11 09:22:13 | 000,024,688 | ---- | M] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2018.10.10 18:53:46 | 000,031,762 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\fa agregát.pdf
[2018.10.09 20:16:05 | 335,231,544 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x08.DVB-T.CZ.avi
[2018.10.09 19:48:22 | 007,567,568 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\uživatel\Dokumenty\AdwCleaner (1).exe
[2018.10.09 19:47:00 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\uživatel\Dokumenty\ATF-Cleaner (1).exe
[2018.10.09 19:46:12 | 388,765,696 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 4x07 cz.avi
[2018.10.09 19:00:34 | 004,980,528 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\realtek_rtl8139_6111_win7.zip
[2018.10.08 22:15:10 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2018.10.06 23:13:27 | 000,002,098 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\papascheeseria_backup_Scarlett_day18.papa
[2018.10.03 18:36:20 | 000,000,327 | -HS- | M] () -- C:\boot.ini
[2018.10.02 21:22:17 | 439,611,392 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 4x02 cz.avi
[2018.10.02 12:21:08 | 000,020,106 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\Švec Souhlas ke kolaudaci.pdf
[2018.09.26 18:31:27 | 000,055,683 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\hlaseni (3).rtf
[2018.09.26 18:29:43 | 000,069,253 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\hlaseni (2).rtf
[2018.09.26 18:28:35 | 000,069,253 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\hlaseni (1).rtf
[2018.09.25 19:59:33 | 000,077,077 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\prehled_nejpodstatnejsich_zmen_.pdf
[2018.09.25 19:59:17 | 000,330,051 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\souhrnny_prehled_s_vyznacenymi_zmenami_soukroma_klientela.pdf
[2018.09.23 11:38:52 | 391,190,528 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 3x17 cz.avi
[2018.09.21 20:03:27 | 398,069,760 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 3x16 cz.avi
[1 C:\Documents and Settings\uživatel\Dokumenty\*.tmp files -> C:\Documents and Settings\uživatel\Dokumenty\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2018.10.16 23:31:49 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\MWAVSCAN.lnk
[2018.10.16 23:29:14 | 265,102,192 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\mwav.exe
[2018.10.16 22:35:24 | 010,744,757 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\routeros-mipsbe-6.42.9.npk
[2018.10.16 19:25:52 | 000,322,701 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\0720_150302074559_001.pdf
[2018.10.16 19:25:38 | 000,027,168 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\1844_180916084801_001.pdf
[2018.10.16 19:24:12 | 000,414,754 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\asavet_cenik_sluzeb_01122017.pdf
[2018.10.16 19:23:52 | 000,154,736 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\cenik pitev.pdf
[2018.10.16 18:15:41 | 000,069,253 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\hlaseni (7).rtf
[2018.10.16 18:15:25 | 000,052,338 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\hlaseni (6).rtf
[2018.10.16 18:14:57 | 000,055,683 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\hlaseni (5).rtf
[2018.10.16 08:45:46 | 194,901,128 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.01x02.DVB-T.CZ.avi
[2018.10.15 21:56:19 | 416,667,648 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 1x02 cz.avi
[2018.10.15 20:39:22 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\UnHackMe.lnk
[2018.10.15 20:35:57 | 019,077,265 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\unhackme (1).zip
[2018.10.15 20:26:07 | 019,077,265 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\unhackme.zip
[2018.10.14 19:29:39 | 000,745,424 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\zakon_o_stretu_zajmu.rtf
[2018.10.14 19:00:45 | 338,826,696 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x13.DVB-T.CZ.avi
[2018.10.14 11:24:48 | 338,516,374 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x12.DVB-T.CZ.avi
[2018.10.11 22:31:19 | 314,502,880 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x11.DVB-T.CZ.avi
[2018.10.11 21:22:51 | 319,947,110 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x10.DVB-T.CZ.avi
[2018.10.11 21:16:48 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2018.10.11 20:56:04 | 338,741,166 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x09.DVB-T.CZ.avi
[2018.10.11 10:15:29 | 000,094,750 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\ceny jat_zvirat 24_9_2018.pdf
[2018.10.10 18:53:42 | 000,031,762 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\fa agregát.pdf
[2018.10.09 20:08:41 | 335,231,544 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn.99.04x08.DVB-T.CZ.avi
[2018.10.09 19:38:00 | 388,765,696 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 4x07 cz.avi
[2018.10.09 19:00:19 | 004,980,528 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\realtek_rtl8139_6111_win7.zip
[2018.10.06 22:43:16 | 000,002,098 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\papascheeseria_backup_Scarlett_day18.papa
[2018.10.02 21:18:26 | 439,611,392 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 4x02 cz.avi
[2018.10.02 12:20:09 | 000,020,106 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\Švec Souhlas ke kolaudaci.pdf
[2018.09.26 18:31:27 | 000,055,683 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\hlaseni (3).rtf
[2018.09.26 18:29:42 | 000,069,253 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\hlaseni (2).rtf
[2018.09.26 18:28:34 | 000,069,253 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\hlaseni (1).rtf
[2018.09.25 19:59:32 | 000,077,077 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\prehled_nejpodstatnejsich_zmen_.pdf
[2018.09.25 19:59:16 | 000,330,051 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\souhrnny_prehled_s_vyznacenymi_zmenami_soukroma_klientela.pdf
[2018.09.23 11:30:59 | 391,190,528 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 3x17 cz.avi
[2018.09.21 19:48:31 | 398,069,760 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\Brooklyn 99 - 3x16 cz.avi
[2017.06.01 22:16:35 | 000,140,800 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\installer.dat
[2017.06.01 22:16:35 | 000,011,568 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\InstallationConfiguration.xml
[2017.06.01 22:16:28 | 000,126,464 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\noah.dat
[2017.06.01 22:16:28 | 000,070,800 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Config.xml
[2017.06.01 22:16:28 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Main.dat.mwt
[2017.06.01 22:16:28 | 000,005,568 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\md.xml
[2017.06.01 22:16:27 | 007,306,240 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\agent.dat
[2017.06.01 22:16:27 | 001,897,408 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Soloflex.tst
[2017.06.01 22:16:11 | 000,140,800 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\installer.dat
[2017.06.01 22:16:11 | 000,016,512 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\InstallationConfiguration.xml
[2014.02.20 19:32:01 | 000,002,709 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\recently-used.xbel
[2013.09.13 19:56:27 | 000,000,865 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.err
[2013.06.02 12:13:51 | 001,330,057 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-854245398-1383384898-839522115-1003-0.dat
[2013.06.02 12:13:50 | 000,192,190 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2012.08.29 21:43:43 | 000,047,104 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.13 16:46:11 | 006,639,616 | ---- | C] () -- C:\Documents and Settings\uživatel\s-1-5-21-854245398-1383384898-839522115-1003.rrr
[2012.04.17 09:03:49 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\fusioncache.dat
[2012.02.24 11:23:47 | 000,001,352 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.nast
[2012.02.17 17:43:14 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\uživatel\Data aplikací\vso_ts_preview.xml
[2012.02.01 18:39:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\uživatel\netstat
[2011.12.31 16:14:53 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\uživatel\default.pls

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2011.12.28 12:30:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 09:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 09:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2011.12.29 12:30:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2013.03.14 12:09:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Applian
[2016.07.02 17:31:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ashampoo
[2018.01.13 23:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2018.01.24 00:53:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BlueStacks
[2018.01.24 00:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BlueStacksSetup
[2018.10.03 18:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BoYans
[2013.07.25 13:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2013.12.04 22:02:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Caphyon
[2012.03.29 20:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.01.20 16:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CORE
[2011.12.31 21:49:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2013.08.24 19:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Data aplikací
[2012.03.22 21:30:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EA Core
[2012.03.22 21:30:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2016.06.19 21:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2018.01.14 00:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2018.06.22 14:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FNI
[2012.01.15 12:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FTWeak
[2012.02.19 12:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\HideIPEasy
[2018.06.22 14:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\HIW
[2013.01.31 18:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2018.01.13 23:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2017.12.24 17:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2013.01.31 19:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2018.06.22 14:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NYG
[2015.05.10 11:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Oracle
[2018.01.28 20:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Particles
[2013.01.31 18:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2014.10.04 15:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1995-09.com.example
[2018.10.15 21:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\RegRun
[2015.04.25 12:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\RogueKiller
[2012.01.29 18:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Service ADVISOR
[2015.08.15 20:07:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Solidshield
[2016.10.13 11:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sophos
[2013.05.01 12:12:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Steam
[2012.10.07 11:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SuperHideIP
[2014.10.31 20:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SystemRequirementsLab
[2018.10.12 20:15:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TDC
[2013.11.28 16:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2016.11.05 18:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2012.04.04 10:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2018.01.14 10:52:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\XZB
[2013.03.18 16:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Zoner
[2012.04.08 15:27:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\602Installer
[2014.09.14 11:41:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\602XML
[2013.02.07 14:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Agrowin 2012
[2016.07.02 17:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Ashampoo
[2015.11.22 20:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\AVG
[2013.05.06 20:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\CAD-KAS
[2014.04.10 14:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014.02.14 18:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Copy
[2012.02.19 12:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\C__Documents and Settings_uživatel_Dokumenty_H-IP_HD_Crack_HideIPEasy.exe
[2012.02.19 12:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\C__Documents and Settings_uživatel_Dokumenty_Hide-IP-Easy-5.1.4.8_Hide IP Easy 5.1.4.8_Crack_HideIPEasy.exe
[2015.08.22 17:31:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\DAEMON Tools Lite
[2018.01.28 20:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\DominiGames
[2012.04.09 12:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Dropbox
[2013.08.19 22:31:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\EMCO
[2018.02.28 11:56:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Epson
[2013.12.03 16:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\fizzy
[2012.01.15 12:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\FTweak
[2014.02.13 23:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\GHISLER
[2012.11.04 23:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\GlarySoft
[2012.02.19 12:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\HideIPEasy
[2014.08.02 20:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\ICQ
[2014.08.15 10:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Jpeg Resampler
[2013.12.10 21:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\LolClient
[2014.04.21 13:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\MultiBit
[2013.01.31 19:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Nokia
[2012.04.28 21:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Nuclear Coffee
[2017.06.01 22:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\ObviousIdea
[2012.02.13 22:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\OpenOffice.org
[2012.07.09 10:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Opera
[2013.11.16 21:46:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Opera Software
[2015.05.10 11:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Oracle
[2013.01.31 18:29:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\PC Suite
[2012.11.05 18:10:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Posta
[2012.01.23 20:44:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Product_RM
[2013.12.10 18:31:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Riot Games
[2013.04.10 11:22:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\ScanMaster-ELM
[2013.01.30 19:36:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\SimpleTV V03
[2012.10.07 11:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\SuperHideIP
[2012.02.13 15:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Teleca
[2018.04.18 19:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Thinstall
[2012.01.10 20:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Trine2
[2012.10.28 12:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\TuneUp Software
[2013.12.17 22:46:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\TV Online
[2012.01.08 17:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Ubisoft
[2014.04.12 18:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Unity
[2012.03.15 19:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Updatem
[2012.01.29 14:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\VitySoft
[2015.03.11 20:11:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Webshare
[2013.09.29 19:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Zoner

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 5632 bytes -> C:\Documents and Settings\All Users\Data aplikací\desktop.ini:gs5sys
@Alternate Data Stream - 5120 bytes -> C:\Documents and Settings\uživatel\Dokumenty\desktop.ini:gs5sys
@Alternate Data Stream - 4096 bytes -> C:\Documents and Settings\uživatel\Šablony:gs5sys
@Alternate Data Stream - 4096 bytes -> C:\Documents and Settings\uživatel\Plocha:gs5sys
@Alternate Data Stream - 4096 bytes -> C:\Documents and Settings\uživatel\Data aplikací\desktop.ini:gs5sys
@Alternate Data Stream - 4096 bytes -> C:\Documents and Settings\uživatel\Cookies:gs5sys
@Alternate Data Stream - 27982 bytes -> C:\Documents and Settings\uživatel\Dokumenty\43017:300x250_citysex_v34

< End of report >

jaro3
Security team member
Guru Level 15
Posts: 38960
Registered: June 07
Location: South Bohemia
Gender: Male

Re: requesting a check

Post by jaro3 » 18 Oct 2018 23:08

Uninstall:
MWAV
RegRun
RegRun2
TuneUp Software

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code: Select all

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Documents and Settings\uživatel\Dokumenty\*.tmp
C:\WINDOWS\system32\drivers\trufos.sys
C:\WINDOWS\System32\drivers\etc\hosts.old
C:\Documents and Settings\All Users\Data aplikací\AVG
C:\Documents and Settings\uživatel\Data aplikací\AVG
DRV - (PCIDump) -- File not found
DRV - (trufos) -- C:\WINDOWS\system32\drivers\trufos.sys (BitDefender S.R.L.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: File not found
[2012.12.15 20:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Extensions
[2012.12.24 22:05:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2018.04.16 14:25:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\g7v96ew1.default-1523880811390\extensions
[2018.06.27 08:49:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\
CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\
CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 0.0.0.0 0x1f4b0.com
O1 - Hosts: 0.0.0.0 1q2w3.fun
O1 - Hosts: 0.0.0.0 1q2w3.website
O1 - Hosts: 0.0.0.0 2giga.dowload
O1 - Hosts: 0.0.0.0 2giga.link
O1 - Hosts: 0.0.0.0 8jd2lfsq.me
O1 - Hosts: 0.0.0.0 aalbbh84.info
O1 - Hosts: 0.0.0.0 acbp0020171456.page.tl
O1 - Hosts: 0.0.0.0 adless.io
O1 - Hosts: 0.0.0.0 ad-miner.com
O1 - Hosts: 0.0.0.0 adplusplus.fr
O1 - Hosts: 0.0.0.0 adrenali.gq
O1 - Hosts: 0.0.0.0 afflow.18-plus.net
O1 - Hosts: 0.0.0.0 afminer.com
O1 - Hosts: 0.0.0.0 ajcryptominer.com
O1 - Hosts: 0.0.0.0 ajplugins.com
O1 - Hosts: 0.0.0.0 akvideo.stream
O1 - Hosts: 0.0.0.0 allfontshere.press
O1 - Hosts: 0.0.0.0 altavista.ovh
O1 - Hosts: 0.0.0.0 amhixwqagiz.ru
O1 - Hosts: 0.0.0.0 analytics.blue
O1 - Hosts: 0.0.0.0 andlache.com
O1 - Hosts: 0.0.0.0 anime.reactor.cc
O1 - Hosts: 0.0.0.0 a-o.ninja
O1 - Hosts: 962 more lines...
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} https://forms.celnisprava.cz/webfiller/ ... bff_cs.cab (Reg Error: Key error.)
[2011.12.28 12:30:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 09:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 09:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
@Alternate Data Stream - 5632 bytes -> C:\Documents and Settings\All Users\Data aplikací\desktop.ini:gs5sys
@Alternate Data Stream - 5120 bytes -> C:\Documents and Settings\uživatel\Dokumenty\desktop.ini:gs5sys
@Alternate Data Stream - 4096 bytes -> C:\Documents and Settings\uživatel\Šablony:gs5sys
@Alternate Data Stream - 4096 bytes -> C:\Documents and Settings\uživatel\Plocha:gs5sys
@Alternate Data Stream - 4096 bytes -> C:\Documents and Settings\uživatel\Data aplikací\desktop.ini:gs5sys
@Alternate Data Stream - 4096 bytes -> C:\Documents and Settings\uživatel\Cookies:gs5sys
@Alternate Data Stream - 27982 bytes -> C:\Documents and Settings\uživatel\Dokumenty\43017:300x250_citysex_v34

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" =-

:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]

Then click "Opravit" (Fix) at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.

C:\Documents and Settings\All Users\Data aplikací\BoYans
C:\Documents and Settings\All Users\Data aplikací\NYG
C:\Documents and Settings\All Users\Data aplikací\TDC
C:\Documents and Settings\All Users\Data aplikací\UDL
C:\Documents and Settings\All Users\Data aplikací\XZB
C:\Documents and Settings\uživatel\Data aplikací\Copy
--- are these programs?

Error - 18.10.2018 11:47:22 | Computer Name = ADMIN | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek G: spustit nástroj chkdsk.

Error - 18.10.2018 11:47:22 | Computer Name = ADMIN | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek H: spustit nástroj chkdsk.

Error - 18.10.2018 11:47:22 | Computer Name = ADMIN | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek K: spustit nástroj chkdsk.

Error - 18.10.2018 11:47:22 | Computer Name = ADMIN | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek L: spustit nástroj chkdsk.


Download CrystalDiskInfo.
Run the program and click Edit > Copy (Úpravy-Kopírovat). Then paste the log contents here with Ctrl+V.


Re: please check

Post by mafian » 19 Oct 2018 09:00

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player NPAPI Notifier.job moved successfully.
c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job moved successfully.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\Opera scheduled Autoupdate 1374932067.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Program Files\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Documents and Settings\uživatel\Dokumenty\62.tmp moved successfully.
C:\WINDOWS\system32\drivers\trufos.sys moved successfully.
C:\WINDOWS\System32\drivers\etc\hosts.old moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\log folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL2012 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL\Program Statistics folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AV\DB folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AV\cfgall folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AV\$AVG\$VAULT folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AV\$AVG folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AV folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG folder moved successfully.
C:\Documents and Settings\uživatel\Data aplikací\AVG\AWL2012\Dashboard folder moved successfully.
C:\Documents and Settings\uživatel\Data aplikací\AVG\AWL2012\Backups folder moved successfully.
C:\Documents and Settings\uživatel\Data aplikací\AVG\AWL2012 folder moved successfully.
C:\Documents and Settings\uživatel\Data aplikací\AVG\AV\cfgall folder moved successfully.
C:\Documents and Settings\uživatel\Data aplikací\AVG\AV folder moved successfully.
C:\Documents and Settings\uživatel\Data aplikací\AVG folder moved successfully.
File\Folder DRV - (PCIDump) -- File not found not found.
File\Folder DRV - (trufos) -- C:\WINDOWS\system32\drivers\trufos.sys (BitDefender S.R.L.) not found.
File\Folder IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} not found.
Invalid Switch: search?q={searchTerms}&FORM=IE8SRC
File\Folder IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} not found.
Invalid Switch: search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
Invalid Switch: PandoWebPlugin: File not found
Invalid Switch: vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
Invalid Switch: vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
Invalid Switch: vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
Invalid Switch: UnityPlayer,version=1.0: File not found
File\Folder [2012.12.15 20:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Extensions not found.
File\Folder [2012.12.24 22:05:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} not found.
File\Folder [2018.04.16 14:25:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\g7v96ew1.default-1523880811390\extensions not found.
File\Folder [2018.06.27 08:49:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions not found.
File\Folder CHR - plugin: Error reading preferences file not found.
Folder CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0 not found.
Folder CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0 not found.
Folder CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0 not found.
Folder CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0 not found.
Folder CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0 not found.
Folder CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0 not found.
Folder CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0 not found.
Folder CHR - Extension: No name found = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0 not found.
File\Folder O1 - Hosts: 127.0.0.1 localhost not found.
File\Folder O1 - Hosts: 962 more lines... not found.
File\Folder O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found not found.
File\Folder O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present not found.
File\Folder O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present not found.
Invalid Switch: ... bff_cs.cab (Reg Error: Key error.)
File\Folder [2011.12.28 12:30:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini not found.
File\Folder [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
File\Folder [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] not found.
File\Folder [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
File\Folder " = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 09:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation not found.
File\Folder ThreadingModel" = Apartmen not found.
File\Folder [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] not found.
File\Folder " = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation not found.
File\Folder ThreadingModel" = Fre not found.
File\Folder [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] not found.
File\Folder " = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 09:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation not found.
File\Folder ThreadingModel" = Bot not found.
ADS C:\Documents and Settings\All Users\Data aplikací\desktop.ini:gs5sys deleted successfully.
ADS C:\Documents and Settings\uživatel\Dokumenty\desktop.ini:gs5sys deleted successfully.
ADS C:\Documents and Settings\uživatel\Šablony:gs5sys deleted successfully.
ADS C:\Documents and Settings\uživatel\Plocha:gs5sys deleted successfully.
ADS C:\Documents and Settings\uživatel\Data aplikací\desktop.ini:gs5sys deleted successfully.
ADS C:\Documents and Settings\uživatel\Cookies:gs5sys deleted successfully.
ADS C:\Documents and Settings\uživatel\Dokumenty\43017:300x250_citysex_v34 deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command\\""|""%1" %*" /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\\DisableSR deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: User

User: u~ivatel

User: uživatel

User: u×ivatel
->Temporary Internet Files folder emptied: 0 bytes

User: uživatel
->Temp folder emptied: 645115594 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 373683492 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 3105 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 230313 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 4123222665 bytes

Total Files Cleaned = 4 904,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService

User: User

User: u~ivatel

User: uživatel

User: u×ivatel

User: uživatel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10192018_085247

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_7bc.dat not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Re: please check

Post by mafian » 19 Oct 2018 09:01

----------------------------------------------------------------------------
CrystalDiskInfo 4.2.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2018/10/19 9:01:12

-- Controller Map ----------------------------------------------------------
+ AMD SATA Controller (IDE Mode) [ATA]
+ Primární kanál IDE (0)
- TSSTcorp CDDVDW SH-S223F
- WDC WD5000AADS-00S9B0
+ Sekundární kanál IDE (1)
- SAMSUNG HD502IJ
+ AMD PCI IDE Controller [ATA]
- Primární kanál IDE (0)
- Sekundární kanál IDE (1)

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AADS-00S9B0 : 500.1 GB [0-0-0, pd1]
(2) SAMSUNG HD502IJ : 500.1 GB [1-1-0, pd1]

----------------------------------------------------------------------------
(1) WDC WD5000AADS-00S9B0
----------------------------------------------------------------------------
Model : WDC WD5000AADS-00S9B0
Firmware : 01.00A01
Serial Number : WD-WCAV9U944553
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 976771055
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 20519 hod.
Power On Count : 8463 krát
Temparature : 28 C (82 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 190 188 _21 000000000D93 Čas na roztočení ploten
04 _92 _92 __0 000000002163 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _72 _72 __0 000000005027 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _92 _92 __0 00000000210F Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000131 Počet vypnutí disku
C1 145 145 __0 000000028E3A Počet cyklů načítání/vymazání
C2 115 102 __0 00000000001C Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 0000000000CD Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů


----------------------------------------------------------------------------
(2) SAMSUNG HD502IJ
----------------------------------------------------------------------------
Model : SAMSUNG HD502IJ
Firmware : 1AA01113
Serial Number : S13TJ1MS201620
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976771055
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 3b
Transfer Mode : SATA/300
Power On Hours : 14988 hod.
Power On Count : 7747 krát
Temparature : 21 C (69 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
03 _86 _86 _11 00000000139C Čas na roztočení ploten
04 _92 _92 __0 000000001E56 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _51 000000000000 Počet chybných hledání
08 100 100 _15 000000000000 Čas potřebný na vyhledání
09 _97 _97 __0 000000003A8C Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000001 Počet pokusů o překalibrování
0C _92 _92 __0 000000001E43 Počet cyklů zapnutí zařízení
0D 100 100 __0 000000000000 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B7 100 100 __0 000000000012 Neznámý
B8 _98 _98 __0 000000000002 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _84 _66 __0 0000100E0010 Teplota toku vzduchu
C2 _79 _65 __0 0000150E0015 Teplota
C3 100 100 __0 000000000E82 Počet oprav chybného čtení
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 _99 __0 000000000149 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 253 __0 000000000000 Počet chyb při čtení programů z disku



Re: please check

Post by mafian » 19 Oct 2018 09:06

C:\Documents and Settings\All Users\Data aplikací\BoYans ---- the program was removed.
C:\Documents and Settings\All Users\Data aplikací\NYG ---- empty folder
C:\Documents and Settings\All Users\Data aplikací\TDC ---- some files, I don't recognize them
C:\Documents and Settings\All Users\Data aplikací\UDL ---- some files, I don't recognize them
C:\Documents and Settings\All Users\Data aplikací\XZB ---- some files, I don't recognize them
C:\Documents and Settings\uživatel\Data aplikací\Copy ---- some files, I don't recognize them


Re: please check

Post by jaro3 » 19 Oct 2018 19:53

Whatever you don't recognize, uninstall and delete.

How about the problems?