aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-11-09 18:50:22
-----------------------------
18:50:22.187 OS Version: Windows 5.1.2600 Service Pack 3
18:50:22.187 Number of processors: 4 586 0x403
18:50:22.187 ComputerName: BBDRA-4E56AF2B9 UserName: 1234
18:50:24.234 Initialize success
18:50:24.265 VM: initialized successfully
18:50:24.265 VM: Amd CPU supported
18:50:40.250 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
18:50:40.250 Disk 0 Vendor: WDC_WD20EARS-00S8B1 80.00A80 Size: 1907729MB BusType: 3
18:50:40.250 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
18:50:40.250 Disk 1 Vendor: SAMSUNG_HD502HI 1AG01113 Size: 476940MB BusType: 3
18:50:40.453 Disk 0 MBR read successfully
18:50:40.453 Disk 0 MBR scan
18:50:40.453 Disk 0 unknown MBR code
18:50:40.828 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1907727 MB offset 14
18:50:40.828 Disk 0 Boot: NTFS code=1
18:50:40.828 Disk 0 scanning sectors +3907026900
18:50:40.859 Disk 0 scanning C:\WINDOWS\system32\drivers
18:50:47.812 Service scanning
18:50:50.015 Service cm_km C:\WINDOWS\system32\DRIVERS\cm_km.sys **LOCKED** 5
18:50:51.781 Service kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys **LOCKED** 5
18:50:51.781 Service klbackupdisk C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys **LOCKED** 5
18:50:51.859 Service kldisk C:\WINDOWS\system32\DRIVERS\kldisk.sys **LOCKED** 5
18:50:51.875 Service klflt C:\WINDOWS\system32\DRIVERS\klflt.sys **LOCKED** 5
18:50:51.890 Service klhk C:\WINDOWS\system32\DRIVERS\klhk.sys **LOCKED** 5
18:50:51.937 Service klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys **LOCKED** 5
18:50:51.984 Service klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys **LOCKED** 5
18:50:52.000 Service klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys **LOCKED** 5
18:50:52.000 Service kltdf C:\WINDOWS\system32\DRIVERS\kltdf.sys **LOCKED** 5
18:50:52.015 Service kltdi C:\WINDOWS\system32\DRIVERS\kltdi.sys **LOCKED** 5
18:50:52.015 Service kneps C:\WINDOWS\system32\DRIVERS\kneps.sys **LOCKED** 5
18:50:57.562 Modules scanning
18:50:57.562 Disk 0 trace - called modules:
18:50:57.578 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys amdide.sys PCIIDEX.SYS
18:50:57.578 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ad97ab8]
18:50:57.578 3 CLASSPNP.SYS[b80f8fd7] -> nt!IofCallDriver -> \Device\00000079[0x8ade89e8]
18:50:57.578 5 ACPI.sys[b7a59620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8ad3bd98]
18:50:57.578 Disk 0 statistics 80027/0/0 @ 5,36 MB/s
18:50:57.578 Scan finished successfully
18:51:02.390 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\1234\Plocha\MBR.dat"
18:51:02.390 The log file has been saved successfully to "C:\Documents and Settings\1234\Plocha\aswMBR.txt"
Trojan-Banker Solved
Re: Trojan-Banker
Otherwise the problems persist for now. The bad news is that this time the virus was not detected by the scan.
- jaro3
- member of the Security team
Re: Trojan-Banker
ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall
Clean the system with CCleaner.
Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
Please download the appropriate version of the program for your system (32-bit/64-bit): Farbar Recovery Scan Tool (FRST)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Trojan-Banker
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-11-2016
Ran by 1234 (administrator) on BBDRA-4E56AF2B9 (09-11-2016 23:41:24)
Running from C:\Documents and Settings\1234\Plocha
Loaded Profiles: 1234 (Available Profiles: Adam & 1234 & znk & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo_updater.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(VIA Technologies, Inc.) C:\WINDOWS\system32\KaraokeSer.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [15678752 2013-10-29] (NVIDIA Corporation)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-09-13] (LogMeIn Inc.)
HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [746376 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6405912 2015-06-01] (Piriform Ltd)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{246B0004-9250-42B2-9B04-5ED47748EC56}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-725345543-1078081533-839522115-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-725345543-1078081533-839522115-1005 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-11-05] (Oracle Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-11-05] (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-725345543-1078081533-839522115-1005 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-06-15] [not signed]
FF HKLM\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox
FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox [2016-03-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-11-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-11-05] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2016-11-09]
CHR Extension: (Prezentace Google) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-09]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-09]
CHR Extension: (Disk Google) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-09]
CHR Extension: (YouTube) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-09]
CHR Extension: (Ochrana Kaspersky) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-11-09]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-09]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-09]
CHR Extension: (Gmail) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-09]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/deta ... ihfajigkka
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AVP16.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [194000 2015-12-06] (Kaspersky Lab ZAO)
R2 ChromodoUpdater; C:\Program Files\Comodo\Chromodo\chromodo_updater.exe [2062384 2016-02-03] (Comodo)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1023728 2015-03-31] (Disc Soft Ltd)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2016-07-12] (Macrovision Europe Ltd.) [File not signed]
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1958408 2016-09-13] (LogMeIn Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2016-11-05] (Oracle Corporation)
R2 KaraokeService; C:\WINDOWS\system32\KaraokeSer.exe [88696 2015-05-02] (VIA Technologies, Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [405424 2016-08-31] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-03-08] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-03-08] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-16] (NVIDIA Corporation)
S3 Visual Studio Analyzer RPC bridge; C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe [34036 1998-06-06] (Microsoft Corporation) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdide; C:\WINDOWS\System32\DRIVERS\amdide.sys [11832 2015-05-01] (Advanced Micro Devices Inc.)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [201912 2015-07-06] (Kaspersky Lab ZAO)
R3 dtlitescsibus; C:\WINDOWS\System32\DRIVERS\dtlitescsibus.sys [25104 2016-02-21] (Disc Soft Ltd)
R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2016-08-31] (LogMeIn, Inc.)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-05-01] (REALiX(tm))
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [153784 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [46776 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [57712 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\WINDOWS\System32\DRIVERS\kldisk.sys [66976 2016-03-25] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\System32\DRIVERS\klflt.sys [150408 2015-12-06] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\DRIVERS\klhk.sys [44216 2015-12-06] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [766360 2016-03-25] (AO Kaspersky Lab)
R3 klim5; C:\WINDOWS\System32\DRIVERS\klim5.sys [36448 2013-04-19] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\WINDOWS\System32\DRIVERS\klkbdflt.sys [36024 2015-06-04] (Kaspersky Lab ZAO)
R3 klmouflt; C:\WINDOWS\System32\DRIVERS\klmouflt.sys [37040 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [39304 2015-12-06] (AO Kaspersky Lab)
R1 kltdf; C:\WINDOWS\System32\DRIVERS\kltdf.sys [73912 2015-06-10] (Kaspersky Lab ZAO)
R1 kltdi; C:\WINDOWS\System32\DRIVERS\kltdi.sys [54328 2015-06-11] (Kaspersky Lab ZAO)
R1 kneps; C:\WINDOWS\System32\DRIVERS\kneps.sys [156856 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [21104 2013-03-08] (Malwarebytes Corporation) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-08-21] (CACE Technologies, Inc.)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [138040 2015-12-16] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [10320 2013-09-30] ()
R1 uzmymzq1; C:\WINDOWS\system32\Drivers\uzmymzq1.sys [11264 2016-04-16] () [File not signed]
R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [2561968 2015-05-02] (VIA Technologies, Inc.)
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-09 23:41 - 2016-11-09 23:42 - 00015564 _____ C:\Documents and Settings\1234\Plocha\FRST.txt
2016-11-09 23:41 - 2016-11-09 23:41 - 00000000 ____D C:\FRST
2016-11-09 23:40 - 2016-11-09 23:40 - 01759744 _____ (Farbar) C:\Documents and Settings\1234\Plocha\FRST.exe
2016-11-09 18:51 - 2016-11-09 18:51 - 00000512 _____ C:\Documents and Settings\1234\Plocha\MBR.dat
2016-11-09 18:44 - 2016-11-09 23:41 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\temp
2016-11-09 18:44 - 2016-11-09 18:44 - 00000000 ____D C:\Documents and Settings\znk\Local Settings\temp
2016-11-09 18:44 - 2016-11-09 18:44 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2016-11-09 18:44 - 2016-11-09 18:44 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2016-11-09 18:44 - 2016-11-09 18:44 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\temp
2016-11-09 18:44 - 2016-11-09 18:44 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2016-11-09 18:22 - 2016-11-09 18:22 - 00000000 ____D C:\Documents and Settings\1234\Plocha\backups
2016-11-09 14:50 - 2016-11-09 14:51 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\lastview.bmp
2016-11-09 13:15 - 2016-11-09 13:15 - 00083231 _____ C:\Documents and Settings\Adam\Plocha\lastactivityview.zip
2016-11-09 12:52 - 2016-11-09 12:53 - 00000229 _____ C:\Documents and Settings\Adam\Plocha\ekniha.txt
2016-11-08 18:01 - 2016-11-08 18:02 - 00000000 ____D C:\Documents and Settings\1234\Plocha\Kolja
2016-11-08 11:39 - 2016-11-08 11:39 - 00435730 _____ C:\Documents and Settings\1234\Plocha\DSRC.bmp
2016-11-08 02:33 - 2016-11-08 02:33 - 00000756 _____ C:\Documents and Settings\All Users\Plocha\Exterminate It!.lnk
2016-11-07 21:40 - 2016-11-07 21:40 - 00000000 _____ C:\Documents and Settings\1234\Plocha\Nový objekt - Textový dokument (5).txt
2016-11-07 14:11 - 2016-11-07 14:11 - 00000159 _____ C:\Documents and Settings\Adam\Plocha\Nový objekt - Textový dokument (2).txt
2016-11-07 13:05 - 2016-11-07 13:05 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\dddfdffd.bmp
2016-11-07 11:02 - 2016-11-07 11:02 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\hlava.bmp
2016-11-07 10:51 - 2016-11-07 10:51 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\sdgsdg.bmp
2016-11-05 18:10 - 2016-11-05 18:10 - 03932214 _____ C:\Documents and Settings\1234\Plocha\skajpy.bmp
2016-11-05 17:22 - 2016-11-05 17:22 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\.minecraft
2016-11-05 16:53 - 2016-11-09 14:33 - 00000000 ____D C:\Documents and Settings\Adam\Local Settings\Data aplikací\LogMeIn Hamachi
2016-11-05 16:53 - 2016-11-05 16:53 - 00000000 __SHD C:\Documents and Settings\Default User\IETldCache
2016-11-05 16:53 - 2016-11-05 16:53 - 00000000 ____D C:\Documents and Settings\Default User\Data aplikací\Adobe
2016-11-05 16:53 - 2016-11-05 16:53 - 00000000 ____D C:\Documents and Settings\Adam\Local Settings\Data aplikací\LogMeIn
2016-11-05 16:52 - 2016-11-06 09:59 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\Data aplikací\LogMeIn Hamachi
2016-11-05 16:52 - 2016-11-05 16:52 - 00000697 _____ C:\Documents and Settings\Adam\Plocha\LogMeIn Hamachi.lnk
2016-11-05 16:52 - 2016-11-05 16:52 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2016-11-05 16:52 - 2016-11-05 16:52 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\LogMeIn Hamachi
2016-11-05 16:52 - 2016-08-31 15:46 - 00026176 ____H (LogMeIn, Inc.) C:\WINDOWS\system32\hamachi.sys
2016-11-05 16:51 - 2016-11-09 23:38 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
2016-11-05 16:51 - 2016-11-09 23:38 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\LogMeIn Hamachi
2016-11-05 16:51 - 2016-11-05 16:51 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\LogMeIn
2016-11-05 16:51 - 2016-11-05 16:51 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\LogMeIn
2016-11-05 16:47 - 2016-11-05 16:47 - 08409088 _____ C:\Documents and Settings\Adam\Plocha\hamachi.msi
2016-11-05 12:14 - 2016-11-05 12:26 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\.technic
2016-11-05 12:01 - 2016-11-05 17:15 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\.technic
2016-11-05 12:01 - 2016-11-05 12:01 - 00000000 ____D C:\Program Files\Common Files\Java
2016-11-05 12:01 - 2016-11-05 12:00 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2016-11-05 12:00 - 2016-11-05 12:00 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2016-11-05 12:00 - 2016-11-05 12:00 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2016-11-05 12:00 - 2016-11-05 12:00 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-11-05 12:00 - 2016-11-05 12:00 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
2016-11-05 11:58 - 2016-11-05 11:58 - 29141928 _____ (Oracle Corporation) C:\Documents and Settings\Adam\Plocha\jre-7u51-windows-i586.exe
2016-11-05 11:54 - 2016-11-05 11:54 - 04959431 _____ (Mc Phoenix Launcher) C:\Documents and Settings\Adam\Plocha\TLv4.0-238-32b-win.exe
2016-11-05 11:51 - 2016-11-05 12:00 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2016-11-05 11:43 - 2016-11-05 11:44 - 00000000 ____D C:\Documents and Settings\Adam\Plocha\.minecraft
2016-11-05 11:25 - 2016-11-05 11:25 - 05128391 _____ (Mc Phoenix Launcher) C:\Documents and Settings\Adam\Plocha\TLv4.0-238-64b-win.exe
2016-11-04 10:26 - 2016-11-04 10:26 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\ProductData
2016-11-03 20:35 - 2016-11-03 20:35 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ProductData
2016-11-03 20:35 - 2016-11-03 20:35 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\ProductData
2016-11-03 20:33 - 2016-11-09 14:51 - 00000000 ____D C:\Documents and Settings\Adam\Local Settings\Temp
2016-11-03 20:33 - 2016-11-03 20:20 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-11-03 20:19 - 2016-11-03 20:19 - 04186040 _____ C:\Documents and Settings\1234\Plocha\zoek.zip
2016-11-03 20:19 - 2003-01-24 00:11 - 01309184 _____ C:\Documents and Settings\1234\Plocha\zoek.exe
2016-11-03 19:07 - 2016-11-03 20:17 - 00006366 _____ C:\Documents and Settings\1234\Plocha\rklast.txt
2016-11-03 19:04 - 2016-11-03 19:04 - 00006274 _____ C:\Documents and Settings\1234\Plocha\rk_33.tmp
2016-11-03 06:28 - 2016-11-03 06:28 - 00014562 _____ C:\Documents and Settings\1234\Plocha\SophosVirusRemovalTool2.txt
2016-11-02 23:18 - 2016-11-02 23:18 - 00002465 _____ C:\Documents and Settings\All Users\Plocha\Sophos Virus Removal Tool.lnk
2016-11-02 23:18 - 2016-11-02 23:18 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Sophos
2016-11-02 23:18 - 2016-11-02 23:18 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Sophos
2016-11-02 23:17 - 2016-11-02 23:17 - 00000000 ____D C:\Program Files\Sophos
2016-11-02 16:00 - 2016-11-02 16:06 - 00000017 _____ C:\Documents and Settings\Adam\Plocha\rozvrh).txt
2016-11-01 21:17 - 2016-11-01 21:17 - 01631928 _____ (Malwarebytes) C:\Documents and Settings\1234\Plocha\JRT.exe
2016-11-01 21:01 - 2016-11-01 21:01 - 00001072 _____ C:\Documents and Settings\1234\Plocha\Nový objekt - Textový dokument (4).txt
2016-11-01 17:33 - 2016-11-01 17:33 - 00002104 _____ C:\Documents and Settings\1234\Plocha\MBAM-log-2016-11-01 (17-33-14).txt
2016-11-01 17:09 - 2016-11-01 17:10 - 00000084 _____ C:\Documents and Settings\1234\Plocha\míša rozvrh.txt
2016-10-28 20:03 - 2016-10-28 20:03 - 00000018 _____ C:\Documents and Settings\1234\Plocha\Nový objekt - Textový dokument (3).txt
2016-10-28 19:06 - 2016-10-28 19:06 - 01631928 _____ (Malwarebytes) C:\Documents and Settings\Adam\Plocha\JRT.exe
2016-10-28 19:06 - 2016-10-28 19:06 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Adam\Plocha\TFC.exe
2016-10-28 19:06 - 2016-10-28 19:06 - 00050688 _____ (Atribune.org) C:\Documents and Settings\Adam\Plocha\ATF-Cleaner.exe
2016-10-27 22:04 - 2016-11-01 16:14 - 03910208 _____ C:\Documents and Settings\1234\Plocha\adwcleaner_6.030.exe
2016-10-26 22:55 - 2016-10-26 22:55 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\fsdfdf.bmp
2016-10-26 22:54 - 2016-10-26 22:54 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\dsf.bmp
2016-10-25 00:13 - 2016-10-25 00:13 - 00000000 ____D C:\Program Files\Codemasters
2016-10-23 14:15 - 2016-10-23 14:15 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\jb.bmp
2016-10-22 00:27 - 2016-10-22 00:27 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\twitch.bmp
2016-10-21 03:24 - 2016-10-31 21:07 - 00000833 _____ C:\Documents and Settings\Adam\Plocha\Itemy pro cci.txt
2016-10-19 13:16 - 2016-10-19 14:26 - 00000065 _____ C:\Documents and Settings\Adam\Plocha\Nový objekt - Textový dokument.txt
2016-10-19 03:38 - 2016-10-19 03:38 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\Google
2016-10-19 02:32 - 2016-10-19 02:33 - 100264280 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\1234\Plocha\KVRT.exe
2016-10-15 17:05 - 2016-10-31 18:45 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\TS3Client
2016-10-15 15:00 - 2016-10-15 15:00 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\CEF
2016-10-10 23:31 - 2016-10-11 04:45 - 00000000 ____D C:\Documents and Settings\Adam\Plocha\tracky
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-09 23:41 - 2016-03-06 23:37 - 00000000 ____D C:\Documents and Settings\1234\Plocha
2016-11-09 23:39 - 2016-03-10 21:52 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\Skype
2016-11-09 23:37 - 2015-04-30 23:12 - 00148400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-09 23:37 - 2015-04-30 21:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-09 23:37 - 2001-10-25 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-11-09 23:36 - 2016-03-10 23:36 - 00032566 _____ C:\WINDOWS\Tasks\SCHEDLGU.TXT
2016-11-09 23:36 - 2016-03-06 23:37 - 00000178 ___SH C:\Documents and Settings\1234\ntuser.ini
2016-11-09 23:35 - 2016-03-06 23:37 - 00000000 ____D C:\Documents and Settings\1234
2016-11-09 23:34 - 2016-03-15 09:55 - 00000000 ____D C:\WINDOWS\erdnt
2016-11-09 23:34 - 2016-03-15 09:55 - 00000000 ____D C:\Qoobox
2016-11-09 23:31 - 2015-05-01 21:47 - 00027430 _____ C:\WINDOWS\system32\nvAppTimestamps
2016-11-09 18:44 - 2015-04-30 21:30 - 00000000 __SHD C:\Documents and Settings\NetworkService
2016-11-09 18:40 - 2001-10-25 13:00 - 00000227 _____ C:\WINDOWS\system.ini
2016-11-09 18:39 - 2015-05-02 03:33 - 00165298 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2016-11-09 18:39 - 2015-04-30 23:12 - 31719424 _____ C:\WINDOWS\system32\config\software.bak
2016-11-09 18:39 - 2015-04-30 23:12 - 05242880 _____ C:\WINDOWS\system32\config\system.bak
2016-11-09 18:39 - 2015-04-30 23:12 - 00290816 _____ C:\WINDOWS\system32\config\default.bak
2016-11-09 18:39 - 2015-04-30 23:12 - 00057344 _____ C:\WINDOWS\system32\config\SECURITY.bak
2016-11-09 18:39 - 2015-04-30 23:12 - 00032768 _____ C:\WINDOWS\system32\config\SAM.bak
2016-11-09 18:33 - 2016-03-06 23:37 - 00000000 __RHD C:\Documents and Settings\1234\Data aplikací
2016-11-09 18:10 - 2016-06-02 14:41 - 00000000 ____D C:\Documents and Settings\1234\Dokumenty\Bandicam
2016-11-09 18:10 - 2016-04-17 11:43 - 00015872 _____ C:\Documents and Settings\1234\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-09 14:51 - 2015-04-30 21:31 - 00000000 ____D C:\Documents and Settings\Adam
2016-11-09 14:50 - 2015-06-08 17:03 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\Skype
2016-11-09 14:50 - 2015-04-30 21:31 - 00000000 ____D C:\Documents and Settings\Adam\Plocha
2016-11-08 23:13 - 2015-05-10 18:36 - 00044032 _____ C:\Documents and Settings\Adam\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-08 23:04 - 2015-05-08 23:19 - 00000000 ____D C:\Documents and Settings\Adam\Local Settings\Data aplikací\Battle.net
2016-11-08 21:28 - 2015-05-08 23:18 - 00000000 ____D C:\Program Files\Battle.net
2016-11-08 20:24 - 2016-03-15 23:03 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\Battle.net
2016-11-08 17:38 - 2016-03-06 23:41 - 00026824 _____ C:\Documents and Settings\1234\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2016-11-08 11:58 - 2015-07-04 23:23 - 00000000 ____D C:\KMPlayer
2016-11-08 02:58 - 2015-05-02 02:06 - 00000000 ____D C:\Program Files\Exterminate It!
2016-11-08 02:33 - 2015-04-30 23:13 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2016-11-07 21:59 - 2015-04-30 23:12 - 00000000 ___HD C:\Documents and Settings\Default User
2016-11-07 16:10 - 2015-07-04 23:40 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\vlc
2016-11-07 00:06 - 2016-02-13 18:54 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\StarStableOnline
2016-11-06 10:09 - 2015-05-08 23:50 - 00000000 ____D C:\Program Files\Hearthstone
2016-11-06 00:49 - 2016-03-10 21:39 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\StarStableOnline
2016-11-05 16:53 - 2015-04-30 23:13 - 00000000 __RHD C:\Documents and Settings\Default User\Data aplikací
2016-11-05 16:53 - 2015-04-30 21:31 - 00000000 ___HD C:\Documents and Settings\Adam\Local Settings\Data aplikací
2016-11-05 16:52 - 2015-04-30 23:13 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2016-11-05 16:52 - 2015-04-30 23:13 - 00000000 ___HD C:\Documents and Settings\Default User\Local Settings\Data aplikací
2016-11-05 16:51 - 2016-03-06 23:37 - 00000000 ___HD C:\Documents and Settings\1234\Local Settings\Data aplikací
2016-11-05 16:51 - 2015-04-30 23:13 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2016-11-05 16:51 - 2015-04-30 23:05 - 00000000 ___HD C:\WINDOWS\inf
2016-11-05 12:43 - 2016-02-06 11:42 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\.minecraft
2016-11-05 12:22 - 2015-04-30 21:31 - 00000000 ___RD C:\Documents and Settings\Adam\Dokumenty\Obrázky
2016-11-05 12:14 - 2015-04-30 21:31 - 00000000 __RHD C:\Documents and Settings\Adam\Data aplikací
2016-11-05 11:51 - 2016-02-05 15:47 - 00000000 ____D C:\Program Files\Java
2016-11-05 11:26 - 2015-04-30 21:31 - 00000000 ___RD C:\Documents and Settings\Adam\Dokumenty
2016-11-05 10:03 - 2015-04-30 23:14 - 01237670 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-05 10:03 - 2001-10-25 13:00 - 00518494 _____ C:\WINDOWS\system32\perfh005.dat
2016-11-05 10:03 - 2001-10-25 13:00 - 00110664 _____ C:\WINDOWS\system32\perfc005.dat
2016-11-04 13:37 - 2016-06-15 10:49 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\vlc
2016-11-03 20:31 - 2016-03-14 23:37 - 00000000 ____D C:\zoek_backup
2016-11-03 20:30 - 2016-02-06 09:31 - 00000000 ____D C:\Documents and Settings\znk\Local Settings\Data aplikací\Google
2016-11-03 20:22 - 2016-02-06 09:30 - 00000000 __RHD C:\Documents and Settings\znk\Data aplikací
2016-11-03 20:17 - 2016-01-27 16:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB956572$
2016-11-03 20:17 - 2016-01-27 16:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2347290$
2016-11-03 20:17 - 2016-01-27 04:06 - 00000000 __HDC C:\WINDOWS\$NtServicePackUninstall$
2016-11-03 06:30 - 2016-03-10 23:15 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-11-02 23:13 - 2016-08-30 21:25 - 00000000 ____D C:\Documents and Settings\Adam\Plocha\nové utility
2016-11-01 21:01 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\Driver Cache
2016-11-01 16:20 - 2015-05-02 02:14 - 00000000 ____D C:\AdwCleaner
2016-11-01 16:13 - 2016-03-11 14:39 - 00000000 ____D C:\Documents and Settings\1234\Plocha\utility
2016-10-28 05:00 - 2016-03-07 01:34 - 00611514 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-725345543-1078081533-839522115-1005-0.dat
2016-10-27 22:32 - 2015-05-02 03:34 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2016-10-27 22:02 - 2016-08-09 20:10 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\DAEMON Tools Lite
2016-10-25 04:25 - 2016-03-06 23:37 - 00000000 ___RD C:\Documents and Settings\1234\Nabídka Start\Programy
2016-10-25 00:04 - 2015-04-30 23:12 - 00000000 ____D C:\Documents and Settings
2016-10-23 18:32 - 2016-02-13 18:54 - 00000000 ____D C:\Documents and Settings\Adam\Local Settings\Data aplikací\StarStableOnline
2016-10-22 21:26 - 2015-07-26 18:47 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\TS3Client
2016-10-19 23:20 - 2015-05-02 03:33 - 01739602 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-725345543-1078081533-839522115-1003-0.dat
2016-10-19 13:18 - 2015-05-02 03:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
2016-10-19 03:38 - 2016-03-06 23:37 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\Google
2016-10-18 00:29 - 2016-02-11 19:15 - 00000000 ____D C:\Program Files\PokerStars.NET
2016-10-15 14:48 - 2016-05-31 16:44 - 00000479 _____ C:\Documents and Settings\1234\Plocha\Nový objekt - Textový dokument.txt
2016-10-11 05:07 - 2016-10-07 12:48 - 00001933 _____ C:\Documents and Settings\Adam\Plocha\playlist lastt.txt
2016-10-10 10:59 - 2016-09-25 23:07 - 00000000 ____D C:\Documents and Settings\Adam\Plocha\playlist14.10
==================== Files in the root of some directories =======
2016-04-17 11:43 - 2016-11-09 18:10 - 0015872 _____ () C:\Documents and Settings\1234\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Ran by 1234 (administrator) on BBDRA-4E56AF2B9 (09-11-2016 23:41:24)
Running from C:\Documents and Settings\1234\Plocha
Loaded Profiles: 1234 (Available Profiles: Adam & 1234 & znk & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo_updater.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(VIA Technologies, Inc.) C:\WINDOWS\system32\KaraokeSer.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [15678752 2013-10-29] (NVIDIA Corporation)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-09-13] (LogMeIn Inc.)
HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [746376 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6405912 2015-06-01] (Piriform Ltd)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{246B0004-9250-42B2-9B04-5ED47748EC56}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-725345543-1078081533-839522115-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-725345543-1078081533-839522115-1005 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-11-05] (Oracle Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-11-05] (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-725345543-1078081533-839522115-1005 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-06-15] [not signed]
FF HKLM\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox
FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox [2016-03-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-11-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-11-05] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2016-11-09]
CHR Extension: (Prezentace Google) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-09]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-09]
CHR Extension: (Disk Google) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-09]
CHR Extension: (YouTube) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-09]
CHR Extension: (Ochrana Kaspersky) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-11-09]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-09]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-09]
CHR Extension: (Gmail) - C:\Documents and Settings\1234\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-09]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/deta ... ihfajigkka
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AVP16.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [194000 2015-12-06] (Kaspersky Lab ZAO)
R2 ChromodoUpdater; C:\Program Files\Comodo\Chromodo\chromodo_updater.exe [2062384 2016-02-03] (Comodo)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1023728 2015-03-31] (Disc Soft Ltd)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2016-07-12] (Macrovision Europe Ltd.) [File not signed]
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1958408 2016-09-13] (LogMeIn Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2016-11-05] (Oracle Corporation)
R2 KaraokeService; C:\WINDOWS\system32\KaraokeSer.exe [88696 2015-05-02] (VIA Technologies, Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [405424 2016-08-31] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-03-08] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-03-08] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-16] (NVIDIA Corporation)
S3 Visual Studio Analyzer RPC bridge; C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe [34036 1998-06-06] (Microsoft Corporation) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdide; C:\WINDOWS\System32\DRIVERS\amdide.sys [11832 2015-05-01] (Advanced Micro Devices Inc.)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [201912 2015-07-06] (Kaspersky Lab ZAO)
R3 dtlitescsibus; C:\WINDOWS\System32\DRIVERS\dtlitescsibus.sys [25104 2016-02-21] (Disc Soft Ltd)
R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2016-08-31] (LogMeIn, Inc.)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-05-01] (REALiX(tm))
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [153784 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [46776 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [57712 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\WINDOWS\System32\DRIVERS\kldisk.sys [66976 2016-03-25] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\System32\DRIVERS\klflt.sys [150408 2015-12-06] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\DRIVERS\klhk.sys [44216 2015-12-06] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [766360 2016-03-25] (AO Kaspersky Lab)
R3 klim5; C:\WINDOWS\System32\DRIVERS\klim5.sys [36448 2013-04-19] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\WINDOWS\System32\DRIVERS\klkbdflt.sys [36024 2015-06-04] (Kaspersky Lab ZAO)
R3 klmouflt; C:\WINDOWS\System32\DRIVERS\klmouflt.sys [37040 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [39304 2015-12-06] (AO Kaspersky Lab)
R1 kltdf; C:\WINDOWS\System32\DRIVERS\kltdf.sys [73912 2015-06-10] (Kaspersky Lab ZAO)
R1 kltdi; C:\WINDOWS\System32\DRIVERS\kltdi.sys [54328 2015-06-11] (Kaspersky Lab ZAO)
R1 kneps; C:\WINDOWS\System32\DRIVERS\kneps.sys [156856 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [21104 2013-03-08] (Malwarebytes Corporation) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-08-21] (CACE Technologies, Inc.)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [138040 2015-12-16] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [10320 2013-09-30] ()
R1 uzmymzq1; C:\WINDOWS\system32\Drivers\uzmymzq1.sys [11264 2016-04-16] () [File not signed]
R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [2561968 2015-05-02] (VIA Technologies, Inc.)
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-09 23:41 - 2016-11-09 23:42 - 00015564 _____ C:\Documents and Settings\1234\Plocha\FRST.txt
2016-11-09 23:41 - 2016-11-09 23:41 - 00000000 ____D C:\FRST
2016-11-09 23:40 - 2016-11-09 23:40 - 01759744 _____ (Farbar) C:\Documents and Settings\1234\Plocha\FRST.exe
2016-11-09 18:51 - 2016-11-09 18:51 - 00000512 _____ C:\Documents and Settings\1234\Plocha\MBR.dat
2016-11-09 18:44 - 2016-11-09 23:41 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\temp
2016-11-09 18:44 - 2016-11-09 18:44 - 00000000 ____D C:\Documents and Settings\znk\Local Settings\temp
2016-11-09 18:44 - 2016-11-09 18:44 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2016-11-09 18:44 - 2016-11-09 18:44 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2016-11-09 18:44 - 2016-11-09 18:44 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\temp
2016-11-09 18:44 - 2016-11-09 18:44 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2016-11-09 18:22 - 2016-11-09 18:22 - 00000000 ____D C:\Documents and Settings\1234\Plocha\backups
2016-11-09 14:50 - 2016-11-09 14:51 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\lastview.bmp
2016-11-09 13:15 - 2016-11-09 13:15 - 00083231 _____ C:\Documents and Settings\Adam\Plocha\lastactivityview.zip
2016-11-09 12:52 - 2016-11-09 12:53 - 00000229 _____ C:\Documents and Settings\Adam\Plocha\ekniha.txt
2016-11-08 18:01 - 2016-11-08 18:02 - 00000000 ____D C:\Documents and Settings\1234\Plocha\Kolja
2016-11-08 11:39 - 2016-11-08 11:39 - 00435730 _____ C:\Documents and Settings\1234\Plocha\DSRC.bmp
2016-11-08 02:33 - 2016-11-08 02:33 - 00000756 _____ C:\Documents and Settings\All Users\Plocha\Exterminate It!.lnk
2016-11-07 21:40 - 2016-11-07 21:40 - 00000000 _____ C:\Documents and Settings\1234\Plocha\Nový objekt - Textový dokument (5).txt
2016-11-07 14:11 - 2016-11-07 14:11 - 00000159 _____ C:\Documents and Settings\Adam\Plocha\Nový objekt - Textový dokument (2).txt
2016-11-07 13:05 - 2016-11-07 13:05 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\dddfdffd.bmp
2016-11-07 11:02 - 2016-11-07 11:02 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\hlava.bmp
2016-11-07 10:51 - 2016-11-07 10:51 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\sdgsdg.bmp
2016-11-05 18:10 - 2016-11-05 18:10 - 03932214 _____ C:\Documents and Settings\1234\Plocha\skajpy.bmp
2016-11-05 17:22 - 2016-11-05 17:22 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\.minecraft
2016-11-05 16:53 - 2016-11-09 14:33 - 00000000 ____D C:\Documents and Settings\Adam\Local Settings\Data aplikací\LogMeIn Hamachi
2016-11-05 16:53 - 2016-11-05 16:53 - 00000000 __SHD C:\Documents and Settings\Default User\IETldCache
2016-11-05 16:53 - 2016-11-05 16:53 - 00000000 ____D C:\Documents and Settings\Default User\Data aplikací\Adobe
2016-11-05 16:53 - 2016-11-05 16:53 - 00000000 ____D C:\Documents and Settings\Adam\Local Settings\Data aplikací\LogMeIn
2016-11-05 16:52 - 2016-11-06 09:59 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\Data aplikací\LogMeIn Hamachi
2016-11-05 16:52 - 2016-11-05 16:52 - 00000697 _____ C:\Documents and Settings\Adam\Plocha\LogMeIn Hamachi.lnk
2016-11-05 16:52 - 2016-11-05 16:52 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2016-11-05 16:52 - 2016-11-05 16:52 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\LogMeIn Hamachi
2016-11-05 16:52 - 2016-08-31 15:46 - 00026176 ____H (LogMeIn, Inc.) C:\WINDOWS\system32\hamachi.sys
2016-11-05 16:51 - 2016-11-09 23:38 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
2016-11-05 16:51 - 2016-11-09 23:38 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\LogMeIn Hamachi
2016-11-05 16:51 - 2016-11-05 16:51 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\LogMeIn
2016-11-05 16:51 - 2016-11-05 16:51 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\LogMeIn
2016-11-05 16:47 - 2016-11-05 16:47 - 08409088 _____ C:\Documents and Settings\Adam\Plocha\hamachi.msi
2016-11-05 12:14 - 2016-11-05 12:26 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\.technic
2016-11-05 12:01 - 2016-11-05 17:15 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\.technic
2016-11-05 12:01 - 2016-11-05 12:01 - 00000000 ____D C:\Program Files\Common Files\Java
2016-11-05 12:01 - 2016-11-05 12:00 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2016-11-05 12:00 - 2016-11-05 12:00 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2016-11-05 12:00 - 2016-11-05 12:00 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2016-11-05 12:00 - 2016-11-05 12:00 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-11-05 12:00 - 2016-11-05 12:00 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
2016-11-05 11:58 - 2016-11-05 11:58 - 29141928 _____ (Oracle Corporation) C:\Documents and Settings\Adam\Plocha\jre-7u51-windows-i586.exe
2016-11-05 11:54 - 2016-11-05 11:54 - 04959431 _____ (Mc Phoenix Launcher) C:\Documents and Settings\Adam\Plocha\TLv4.0-238-32b-win.exe
2016-11-05 11:51 - 2016-11-05 12:00 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2016-11-05 11:43 - 2016-11-05 11:44 - 00000000 ____D C:\Documents and Settings\Adam\Plocha\.minecraft
2016-11-05 11:25 - 2016-11-05 11:25 - 05128391 _____ (Mc Phoenix Launcher) C:\Documents and Settings\Adam\Plocha\TLv4.0-238-64b-win.exe
2016-11-04 10:26 - 2016-11-04 10:26 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\ProductData
2016-11-03 20:35 - 2016-11-03 20:35 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ProductData
2016-11-03 20:35 - 2016-11-03 20:35 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\ProductData
2016-11-03 20:33 - 2016-11-09 14:51 - 00000000 ____D C:\Documents and Settings\Adam\Local Settings\Temp
2016-11-03 20:33 - 2016-11-03 20:20 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-11-03 20:19 - 2016-11-03 20:19 - 04186040 _____ C:\Documents and Settings\1234\Plocha\zoek.zip
2016-11-03 20:19 - 2003-01-24 00:11 - 01309184 _____ C:\Documents and Settings\1234\Plocha\zoek.exe
2016-11-03 19:07 - 2016-11-03 20:17 - 00006366 _____ C:\Documents and Settings\1234\Plocha\rklast.txt
2016-11-03 19:04 - 2016-11-03 19:04 - 00006274 _____ C:\Documents and Settings\1234\Plocha\rk_33.tmp
2016-11-03 06:28 - 2016-11-03 06:28 - 00014562 _____ C:\Documents and Settings\1234\Plocha\SophosVirusRemovalTool2.txt
2016-11-02 23:18 - 2016-11-02 23:18 - 00002465 _____ C:\Documents and Settings\All Users\Plocha\Sophos Virus Removal Tool.lnk
2016-11-02 23:18 - 2016-11-02 23:18 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Sophos
2016-11-02 23:18 - 2016-11-02 23:18 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Sophos
2016-11-02 23:17 - 2016-11-02 23:17 - 00000000 ____D C:\Program Files\Sophos
2016-11-02 16:00 - 2016-11-02 16:06 - 00000017 _____ C:\Documents and Settings\Adam\Plocha\rozvrh).txt
2016-11-01 21:17 - 2016-11-01 21:17 - 01631928 _____ (Malwarebytes) C:\Documents and Settings\1234\Plocha\JRT.exe
2016-11-01 21:01 - 2016-11-01 21:01 - 00001072 _____ C:\Documents and Settings\1234\Plocha\Nový objekt - Textový dokument (4).txt
2016-11-01 17:33 - 2016-11-01 17:33 - 00002104 _____ C:\Documents and Settings\1234\Plocha\MBAM-log-2016-11-01 (17-33-14).txt
2016-11-01 17:09 - 2016-11-01 17:10 - 00000084 _____ C:\Documents and Settings\1234\Plocha\míša rozvrh.txt
2016-10-28 20:03 - 2016-10-28 20:03 - 00000018 _____ C:\Documents and Settings\1234\Plocha\Nový objekt - Textový dokument (3).txt
2016-10-28 19:06 - 2016-10-28 19:06 - 01631928 _____ (Malwarebytes) C:\Documents and Settings\Adam\Plocha\JRT.exe
2016-10-28 19:06 - 2016-10-28 19:06 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Adam\Plocha\TFC.exe
2016-10-28 19:06 - 2016-10-28 19:06 - 00050688 _____ (Atribune.org) C:\Documents and Settings\Adam\Plocha\ATF-Cleaner.exe
2016-10-27 22:04 - 2016-11-01 16:14 - 03910208 _____ C:\Documents and Settings\1234\Plocha\adwcleaner_6.030.exe
2016-10-26 22:55 - 2016-10-26 22:55 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\fsdfdf.bmp
2016-10-26 22:54 - 2016-10-26 22:54 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\dsf.bmp
2016-10-25 00:13 - 2016-10-25 00:13 - 00000000 ____D C:\Program Files\Codemasters
2016-10-23 14:15 - 2016-10-23 14:15 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\jb.bmp
2016-10-22 00:27 - 2016-10-22 00:27 - 03932214 _____ C:\Documents and Settings\Adam\Plocha\twitch.bmp
2016-10-21 03:24 - 2016-10-31 21:07 - 00000833 _____ C:\Documents and Settings\Adam\Plocha\Itemy pro cci.txt
2016-10-19 13:16 - 2016-10-19 14:26 - 00000065 _____ C:\Documents and Settings\Adam\Plocha\Nový objekt - Textový dokument.txt
2016-10-19 03:38 - 2016-10-19 03:38 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\Google
2016-10-19 02:32 - 2016-10-19 02:33 - 100264280 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\1234\Plocha\KVRT.exe
2016-10-15 17:05 - 2016-10-31 18:45 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\TS3Client
2016-10-15 15:00 - 2016-10-15 15:00 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\CEF
2016-10-10 23:31 - 2016-10-11 04:45 - 00000000 ____D C:\Documents and Settings\Adam\Plocha\tracky
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-09 23:41 - 2016-03-06 23:37 - 00000000 ____D C:\Documents and Settings\1234\Plocha
2016-11-09 23:39 - 2016-03-10 21:52 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\Skype
2016-11-09 23:37 - 2015-04-30 23:12 - 00148400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-09 23:37 - 2015-04-30 21:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-09 23:37 - 2001-10-25 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-11-09 23:36 - 2016-03-10 23:36 - 00032566 _____ C:\WINDOWS\Tasks\SCHEDLGU.TXT
2016-11-09 23:36 - 2016-03-06 23:37 - 00000178 ___SH C:\Documents and Settings\1234\ntuser.ini
2016-11-09 23:35 - 2016-03-06 23:37 - 00000000 ____D C:\Documents and Settings\1234
2016-11-09 23:34 - 2016-03-15 09:55 - 00000000 ____D C:\WINDOWS\erdnt
2016-11-09 23:34 - 2016-03-15 09:55 - 00000000 ____D C:\Qoobox
2016-11-09 23:31 - 2015-05-01 21:47 - 00027430 _____ C:\WINDOWS\system32\nvAppTimestamps
2016-11-09 18:44 - 2015-04-30 21:30 - 00000000 __SHD C:\Documents and Settings\NetworkService
2016-11-09 18:40 - 2001-10-25 13:00 - 00000227 _____ C:\WINDOWS\system.ini
2016-11-09 18:39 - 2015-05-02 03:33 - 00165298 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2016-11-09 18:39 - 2015-04-30 23:12 - 31719424 _____ C:\WINDOWS\system32\config\software.bak
2016-11-09 18:39 - 2015-04-30 23:12 - 05242880 _____ C:\WINDOWS\system32\config\system.bak
2016-11-09 18:39 - 2015-04-30 23:12 - 00290816 _____ C:\WINDOWS\system32\config\default.bak
2016-11-09 18:39 - 2015-04-30 23:12 - 00057344 _____ C:\WINDOWS\system32\config\SECURITY.bak
2016-11-09 18:39 - 2015-04-30 23:12 - 00032768 _____ C:\WINDOWS\system32\config\SAM.bak
2016-11-09 18:33 - 2016-03-06 23:37 - 00000000 __RHD C:\Documents and Settings\1234\Data aplikací
2016-11-09 18:10 - 2016-06-02 14:41 - 00000000 ____D C:\Documents and Settings\1234\Dokumenty\Bandicam
2016-11-09 18:10 - 2016-04-17 11:43 - 00015872 _____ C:\Documents and Settings\1234\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-09 14:51 - 2015-04-30 21:31 - 00000000 ____D C:\Documents and Settings\Adam
2016-11-09 14:50 - 2015-06-08 17:03 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\Skype
2016-11-09 14:50 - 2015-04-30 21:31 - 00000000 ____D C:\Documents and Settings\Adam\Plocha
2016-11-08 23:13 - 2015-05-10 18:36 - 00044032 _____ C:\Documents and Settings\Adam\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-08 23:04 - 2015-05-08 23:19 - 00000000 ____D C:\Documents and Settings\Adam\Local Settings\Data aplikací\Battle.net
2016-11-08 21:28 - 2015-05-08 23:18 - 00000000 ____D C:\Program Files\Battle.net
2016-11-08 20:24 - 2016-03-15 23:03 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\Battle.net
2016-11-08 17:38 - 2016-03-06 23:41 - 00026824 _____ C:\Documents and Settings\1234\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2016-11-08 11:58 - 2015-07-04 23:23 - 00000000 ____D C:\KMPlayer
2016-11-08 02:58 - 2015-05-02 02:06 - 00000000 ____D C:\Program Files\Exterminate It!
2016-11-08 02:33 - 2015-04-30 23:13 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2016-11-07 21:59 - 2015-04-30 23:12 - 00000000 ___HD C:\Documents and Settings\Default User
2016-11-07 16:10 - 2015-07-04 23:40 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\vlc
2016-11-07 00:06 - 2016-02-13 18:54 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\StarStableOnline
2016-11-06 10:09 - 2015-05-08 23:50 - 00000000 ____D C:\Program Files\Hearthstone
2016-11-06 00:49 - 2016-03-10 21:39 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\StarStableOnline
2016-11-05 16:53 - 2015-04-30 23:13 - 00000000 __RHD C:\Documents and Settings\Default User\Data aplikací
2016-11-05 16:53 - 2015-04-30 21:31 - 00000000 ___HD C:\Documents and Settings\Adam\Local Settings\Data aplikací
2016-11-05 16:52 - 2015-04-30 23:13 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2016-11-05 16:52 - 2015-04-30 23:13 - 00000000 ___HD C:\Documents and Settings\Default User\Local Settings\Data aplikací
2016-11-05 16:51 - 2016-03-06 23:37 - 00000000 ___HD C:\Documents and Settings\1234\Local Settings\Data aplikací
2016-11-05 16:51 - 2015-04-30 23:13 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2016-11-05 16:51 - 2015-04-30 23:05 - 00000000 ___HD C:\WINDOWS\inf
2016-11-05 12:43 - 2016-02-06 11:42 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\.minecraft
2016-11-05 12:22 - 2015-04-30 21:31 - 00000000 ___RD C:\Documents and Settings\Adam\Dokumenty\Obrázky
2016-11-05 12:14 - 2015-04-30 21:31 - 00000000 __RHD C:\Documents and Settings\Adam\Data aplikací
2016-11-05 11:51 - 2016-02-05 15:47 - 00000000 ____D C:\Program Files\Java
2016-11-05 11:26 - 2015-04-30 21:31 - 00000000 ___RD C:\Documents and Settings\Adam\Dokumenty
2016-11-05 10:03 - 2015-04-30 23:14 - 01237670 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-05 10:03 - 2001-10-25 13:00 - 00518494 _____ C:\WINDOWS\system32\perfh005.dat
2016-11-05 10:03 - 2001-10-25 13:00 - 00110664 _____ C:\WINDOWS\system32\perfc005.dat
2016-11-04 13:37 - 2016-06-15 10:49 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\vlc
2016-11-03 20:31 - 2016-03-14 23:37 - 00000000 ____D C:\zoek_backup
2016-11-03 20:30 - 2016-02-06 09:31 - 00000000 ____D C:\Documents and Settings\znk\Local Settings\Data aplikací\Google
2016-11-03 20:22 - 2016-02-06 09:30 - 00000000 __RHD C:\Documents and Settings\znk\Data aplikací
2016-11-03 20:17 - 2016-01-27 16:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB956572$
2016-11-03 20:17 - 2016-01-27 16:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2347290$
2016-11-03 20:17 - 2016-01-27 04:06 - 00000000 __HDC C:\WINDOWS\$NtServicePackUninstall$
2016-11-03 06:30 - 2016-03-10 23:15 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-11-02 23:13 - 2016-08-30 21:25 - 00000000 ____D C:\Documents and Settings\Adam\Plocha\nové utility
2016-11-01 21:01 - 2015-04-30 23:05 - 00000000 ____D C:\WINDOWS\Driver Cache
2016-11-01 16:20 - 2015-05-02 02:14 - 00000000 ____D C:\AdwCleaner
2016-11-01 16:13 - 2016-03-11 14:39 - 00000000 ____D C:\Documents and Settings\1234\Plocha\utility
2016-10-28 05:00 - 2016-03-07 01:34 - 00611514 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-725345543-1078081533-839522115-1005-0.dat
2016-10-27 22:32 - 2015-05-02 03:34 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2016-10-27 22:02 - 2016-08-09 20:10 - 00000000 ____D C:\Documents and Settings\1234\Data aplikací\DAEMON Tools Lite
2016-10-25 04:25 - 2016-03-06 23:37 - 00000000 ___RD C:\Documents and Settings\1234\Nabídka Start\Programy
2016-10-25 00:04 - 2015-04-30 23:12 - 00000000 ____D C:\Documents and Settings
2016-10-23 18:32 - 2016-02-13 18:54 - 00000000 ____D C:\Documents and Settings\Adam\Local Settings\Data aplikací\StarStableOnline
2016-10-22 21:26 - 2015-07-26 18:47 - 00000000 ____D C:\Documents and Settings\Adam\Data aplikací\TS3Client
2016-10-19 23:20 - 2015-05-02 03:33 - 01739602 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-725345543-1078081533-839522115-1003-0.dat
2016-10-19 13:18 - 2015-05-02 03:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
2016-10-19 03:38 - 2016-03-06 23:37 - 00000000 ____D C:\Documents and Settings\1234\Local Settings\Data aplikací\Google
2016-10-18 00:29 - 2016-02-11 19:15 - 00000000 ____D C:\Program Files\PokerStars.NET
2016-10-15 14:48 - 2016-05-31 16:44 - 00000479 _____ C:\Documents and Settings\1234\Plocha\Nový objekt - Textový dokument.txt
2016-10-11 05:07 - 2016-10-07 12:48 - 00001933 _____ C:\Documents and Settings\Adam\Plocha\playlist lastt.txt
2016-10-10 10:59 - 2016-09-25 23:07 - 00000000 ____D C:\Documents and Settings\Adam\Plocha\playlist14.10
==================== Files in the root of some directories =======
2016-04-17 11:43 - 2016-11-09 18:10 - 0015872 _____ () C:\Documents and Settings\1234\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Re: Trojan-Banker
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-11-2016
Ran by 1234 (09-11-2016 23:42:22)
Running from C:\Documents and Settings\1234\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) (2016-01-27 01:37:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
1234 (S-1-5-21-725345543-1078081533-839522115-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\1234
Adam (S-1-5-21-725345543-1078081533-839522115-1003 - Limited - Enabled) => %SystemDrive%\Documents and Settings\Adam
Administrator (S-1-5-21-725345543-1078081533-839522115-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-725345543-1078081533-839522115-1004 - Limited - Enabled)
Guest (S-1-5-21-725345543-1078081533-839522115-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-725345543-1078081533-839522115-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-725345543-1078081533-839522115-1002 - Limited - Disabled)
VUSR_BBDRA-4E56AF2B9 (S-1-5-21-725345543-1078081533-839522115-1006 - Limited - Enabled)
znk (S-1-5-21-725345543-1078081533-839522115-1007 - Limited - Enabled) => %SystemDrive%\Documents and Settings\znk
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Disabled - Up to date) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Anti-Virus (Disabled) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.8.1.21 (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Aktualizace systému Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version: - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB954154) (HKLM\...\KB954154_WM11) (Version: - Microsoft Corporation)
Aktualizace zabezpečení pro Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version: - Microsoft Corporation)
Aktualizace zabezpečení produktu Windows XP (KB941569) (HKLM\...\KB941569) (Version: - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2510581) (HKLM\...\KB2510581) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2705219-v2) (HKLM\...\KB2705219-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2723135-v2) (HKLM\...\KB2723135-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2879017) (HKLM\...\KB2879017) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2909212) (HKLM\...\KB2909212) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Bandicam (HKLM\...\Bandicam) (Version: 1.9.3.492 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Blade & Soul (HKLM\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Borland Delphi 7 (HKLM\...\{72263053-50D1-4598-9502-51ED64E54C51}) (Version: 7.0 - Borland Software Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cole2k Media - Codec Pack (Advanced) 7.1.0 (HKLM\...\Cole2k Media - Codec Pack) (Version: - Cole2k Media)
CrystalDiskInfo 6.8.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 6.8.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0407 - Disc Soft Ltd)
DJ OldGames Package: William Shatners TekWar (HKLM\...\WilliamShatnersTekWar44) (Version: 1.0.3.0 - DJ)
Exterminate It! (HKLM\...\Exterminate It!) (Version: 2.12.05.30 - CURIOLAB S.M.B.A.)
ffdshow [rev 3154] [2009-12-09] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
FileASSASSIN (HKLM\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
FL Studio 12.0.2 (HKLM\...\FL Studio 12_is1) (Version: - )
FL Studio ASIO (HKLM\...\FL Studio ASIO) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM\...\FlowStone) (Version: - )
Freemake Video Converter verze 4.1.6 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment)
Chromodo (HKLM\...\Chromodo) (Version: 45.9.12.392 - Comodo)
Immortal Cities: Children of the Nile (HKLM\...\InstallShield_{667A1F4B-BFFA-4CF0-8C0B-6ED397370BCB}) (Version: 000.118.00075 - Tilted Mill Entertainment)
Immortal Cities: Children of the Nile (Version: 000.118.00075 - Tilted Mill Entertainment) Hidden
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java(TM) 6 Update 26 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
Kaspersky Anti-Virus (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Anti-Virus (Version: 16.0.0.614 - Kaspersky Lab) Hidden
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.0.1.5 - PandoraTV)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.519 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.519 - LogMeIn, Inc.) Hidden
Magic ISO Maker v5.5 (build 0281) (HKLM\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
Malwarebytes Anti-Malware verze 1.75.0.1100 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1100 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Czech Language Pack (HKLM\...\{5E65E94D-69F2-4850-9E93-6459C53A0F50}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY (HKLM\...\{A2C9CD1B-2551-3AED-B244-6698FB929FA6}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY (HKLM\...\{546C143E-68DC-314D-97BC-1E454E3BA429}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 6.0 Enterprise Edition (HKLM\...\Visual Studio 6.0 Enterprise Edition) (Version: - )
Microsoft VM for Java (HKLM\...\MsJavaVM) (Version: - )
Microsoft Web Publishing Wizard 1.53 (HKLM\...\WebPost) (Version: - )
MiniTool Partition Wizard Free 9.0 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM\...\NCLauncher_NCWest) (Version: - NCSOFT)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 321.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 321.01 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version: - )
OpenOffice 4.1.2 (HKLM\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Oprava hotfix aplikace Windows Media Player 11 (KB939683) (HKLM\...\KB939683) (Version: - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
Ovládací panel NVIDIA 321.01 (Version: 321.01 - NVIDIA Corporation) Hidden
Pharaoh (HKLM\...\Pharaoh) (Version: - )
Python 2.3 (HKLM\...\Python 2.3) (Version: - )
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.20.0000 - Realtek)
reFX Nexus VSTi RTAS v2.2.0 (HKLM\...\reFX Nexus_is1) (Version: - )
Ruská - rozložení jako latinka (0.9.1) (HKLM\...\{6109059C-2784-4546-A353-7100A6882DF4}) (Version: 1.0.3.40 - Đonny)
Ruske / Ukrajinske foneticke klavesnice pro WIN 2000/XP 1.3 (HKLM\...\Ruska / Ukrajinska foneticka klavesnice_is1) (Version: 1.5 - )
Skype™ 7.18 (HKLM\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.18.111 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
Star Stable (HKLM\...\{2B03B553-4983-4005-99C4-31DFC25B4BB9}) (Version: 1.00.0000 - Star Stable Entertainment AB)
Sugar Bytes Effectrix Demo 1.4.3 (HKLM\...\Effectrix_is1) (Version: 1.4.3 - Sugar Bytes)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
VirtualDJ PRO Full (HKLM\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031517 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\TekWar\www.oldgames.sk.lnk -> hxxp:
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Caesar III Website.lnk -> hxxp://www.caesar3.com/
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Impressions Games Official Website.lnk -> hxxp://www.impressionsgames.com/
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Pharaoh Official Expansion Cleopatra Website.lnk -> hxxp://cleopatra.impressionsgames.com/
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Pharaoh Web Site.lnk -> hxxp://www.pharaoh1.com/
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Sierra Website.lnk -> hxxp://www.sierra.com/
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Zeus Master of Olympus Website.lnk -> hxxp://zeus.impressionsgames.com/
==================== Loaded Modules (Whitelisted) ==============
2008-03-29 16:42 - 2008-03-29 16:42 - 00159744 _____ () C:\WINDOWS\system32\mmfinfo.dll
2008-03-29 16:41 - 2008-03-29 16:41 - 00023552 _____ () C:\WINDOWS\system32\mkunicode.dll
2015-05-02 02:02 - 2015-02-20 09:03 - 00352256 _____ () C:\Program Files\WinRAR\rarlng.dll
2015-05-04 20:25 - 2015-03-25 14:12 - 00020288 _____ () C:\Program Files\CCleaner\branding.dll
2004-08-17 14:49 - 2008-04-14 08:51 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\0670A9E26.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
There are 4789 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2001-10-25 13:00 - 2016-11-09 18:40 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-725345543-1078081533-839522115-1005\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
StandardProfile\AuthorizedApplications: [C:\Program Files\Battle.net\Battle.net.exe] => Enabled:Battle.net
StandardProfile\AuthorizedApplications: [C:\Program Files\Hearthstone\Hearthstone.exe] => Enabled:Hearthstone
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Adam\Data aplikací\GameRanger\GameRanger\GameRanger.exe] => Enabled:GameRanger
StandardProfile\AuthorizedApplications: [C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe] => Enabled:NVIDIA Network Service TCP Exception (HTTPS)
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VARPC.EXE] => Enabled:Microsoft (R) Visual Studio VSA RPC Event Creator
StandardProfile\AuthorizedApplications: [C:\Python23\pythonw.exe] => Enabled:pythonw
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\Games\World_of_Tanks\WoTLauncher.exe] => Enabled:World of Tanks Launcher
StandardProfile\AuthorizedApplications: [C:\Games\World_of_Tanks\WorldOfTanks.exe] => Disabled:World of Tanks
StandardProfile\AuthorizedApplications: [C:\Program Files\Java\jre7\bin\javaw.exe] => Enabled:Java(TM) Platform SE binary
StandardProfile\GloballyOpenPorts: [5985:TCP] => Disabled:Vzdálená správa systému Windows
==================== Restore Points =========================
09-11-2016 23:34:43 Kontrolní bod systému
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.
Kontext: aplikace Windows
Podrobnosti:
Metadata indexu obsahu nelze číst. (0xc0041801)
Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt sběrače nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Metadata indexu obsahu nelze číst. (0xc0041801)
Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Prvek nebyl nalezen. (0x80070490)
Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Metadata indexu obsahu nelze číst. (0xc0041801)
Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
0x%08x (0xc0041800 - Index obsahu nelze číst. )
Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.
Podrobnosti:
Metadata indexu obsahu nelze číst. (0xc0041801)
Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Služba Windows Search neotevřela úložiště vlastností databázového stroje Jet.
Podrobnosti:
Index obsahu nelze číst. (0xc0041800)
Error: (11/08/2016 02:22:18 AM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (1508) Windows: Při otevírání souboru protokolu C:\Documents and Settings\All Users\Data aplikací\Microsoft\Search\Data\Applications\Windows\MSS01523.log došlo k chybě -1811.
Error: (11/07/2016 09:47:32 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\DOCUMENTS AND SETTINGS\ADAM\RECENT\DESKTOP.INI> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (11/05/2016 12:13:23 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\DOCUMENTS AND SETTINGS\ADAM\RECENT\DESKTOP.INI> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
System errors:
=============
Error: (11/09/2016 11:38:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. při pokusu o spuštění služby SENS s argumenty
za účelem spuštění serveru:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error: (11/09/2016 11:38:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. při pokusu o spuštění služby SENS s argumenty
za účelem spuštění serveru:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error: (11/09/2016 11:38:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. při pokusu o spuštění služby SENS s argumenty
za účelem spuštění serveru:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error: (11/09/2016 11:38:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. při pokusu o spuštění služby SENS s argumenty
za účelem spuštění serveru:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error: (11/09/2016 11:38:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. při pokusu o spuštění služby SENS s argumenty
za účelem spuštění serveru:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error: (11/09/2016 11:38:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. při pokusu o spuštění služby SENS s argumenty
za účelem spuštění serveru:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error: (11/09/2016 11:38:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. při pokusu o spuštění služby SENS s argumenty
za účelem spuštění serveru:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error: (11/09/2016 11:38:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. při pokusu o spuštění služby SENS s argumenty
za účelem spuštění serveru:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error: (11/09/2016 11:37:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba IPSEC Services byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.
Error: (11/09/2016 11:37:18 PM) (Source: 0) (EventID: 7) (User: )
Description: Event-ID 7
==================== Memory info ===========================
Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 34%
Total physical RAM: 3327.23 MB
Available physical RAM: 2163.15 MB
Total Virtual: 5206.1 MB
Available Virtual: 4066.17 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:1863.02 GB) (Free:1613.44 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:465.75 GB) (Free:463.93 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 70AAB22D)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 1DA49027)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by 1234 (09-11-2016 23:42:22)
Running from C:\Documents and Settings\1234\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) (2016-01-27 01:37:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
1234 (S-1-5-21-725345543-1078081533-839522115-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\1234
Adam (S-1-5-21-725345543-1078081533-839522115-1003 - Limited - Enabled) => %SystemDrive%\Documents and Settings\Adam
Administrator (S-1-5-21-725345543-1078081533-839522115-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-725345543-1078081533-839522115-1004 - Limited - Enabled)
Guest (S-1-5-21-725345543-1078081533-839522115-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-725345543-1078081533-839522115-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-725345543-1078081533-839522115-1002 - Limited - Disabled)
VUSR_BBDRA-4E56AF2B9 (S-1-5-21-725345543-1078081533-839522115-1006 - Limited - Enabled)
znk (S-1-5-21-725345543-1078081533-839522115-1007 - Limited - Enabled) => %SystemDrive%\Documents and Settings\znk
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Disabled - Up to date) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Anti-Virus (Disabled) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.8.1.21 (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Aktualizace systému Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version: - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB954154) (HKLM\...\KB954154_WM11) (Version: - Microsoft Corporation)
Aktualizace zabezpečení pro Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version: - Microsoft Corporation)
Aktualizace zabezpečení produktu Windows XP (KB941569) (HKLM\...\KB941569) (Version: - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2510581) (HKLM\...\KB2510581) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2705219-v2) (HKLM\...\KB2705219-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2723135-v2) (HKLM\...\KB2723135-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2879017) (HKLM\...\KB2879017) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2909212) (HKLM\...\KB2909212) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Bandicam (HKLM\...\Bandicam) (Version: 1.9.3.492 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Blade & Soul (HKLM\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Borland Delphi 7 (HKLM\...\{72263053-50D1-4598-9502-51ED64E54C51}) (Version: 7.0 - Borland Software Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cole2k Media - Codec Pack (Advanced) 7.1.0 (HKLM\...\Cole2k Media - Codec Pack) (Version: - Cole2k Media)
CrystalDiskInfo 6.8.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 6.8.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0407 - Disc Soft Ltd)
DJ OldGames Package: William Shatners TekWar (HKLM\...\WilliamShatnersTekWar44) (Version: 1.0.3.0 - DJ)
Exterminate It! (HKLM\...\Exterminate It!) (Version: 2.12.05.30 - CURIOLAB S.M.B.A.)
ffdshow [rev 3154] [2009-12-09] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
FileASSASSIN (HKLM\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
FL Studio 12.0.2 (HKLM\...\FL Studio 12_is1) (Version: - )
FL Studio ASIO (HKLM\...\FL Studio ASIO) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM\...\FlowStone) (Version: - )
Freemake Video Converter verze 4.1.6 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment)
Chromodo (HKLM\...\Chromodo) (Version: 45.9.12.392 - Comodo)
Immortal Cities: Children of the Nile (HKLM\...\InstallShield_{667A1F4B-BFFA-4CF0-8C0B-6ED397370BCB}) (Version: 000.118.00075 - Tilted Mill Entertainment)
Immortal Cities: Children of the Nile (Version: 000.118.00075 - Tilted Mill Entertainment) Hidden
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java(TM) 6 Update 26 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
Kaspersky Anti-Virus (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Anti-Virus (Version: 16.0.0.614 - Kaspersky Lab) Hidden
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.0.1.5 - PandoraTV)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.519 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.519 - LogMeIn, Inc.) Hidden
Magic ISO Maker v5.5 (build 0281) (HKLM\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
Malwarebytes Anti-Malware verze 1.75.0.1100 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1100 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Czech Language Pack (HKLM\...\{5E65E94D-69F2-4850-9E93-6459C53A0F50}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY (HKLM\...\{A2C9CD1B-2551-3AED-B244-6698FB929FA6}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY (HKLM\...\{546C143E-68DC-314D-97BC-1E454E3BA429}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 6.0 Enterprise Edition (HKLM\...\Visual Studio 6.0 Enterprise Edition) (Version: - )
Microsoft VM for Java (HKLM\...\MsJavaVM) (Version: - )
Microsoft Web Publishing Wizard 1.53 (HKLM\...\WebPost) (Version: - )
MiniTool Partition Wizard Free 9.0 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM\...\NCLauncher_NCWest) (Version: - NCSOFT)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 321.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 321.01 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version: - )
OpenOffice 4.1.2 (HKLM\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Oprava hotfix aplikace Windows Media Player 11 (KB939683) (HKLM\...\KB939683) (Version: - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
Ovládací panel NVIDIA 321.01 (Version: 321.01 - NVIDIA Corporation) Hidden
Pharaoh (HKLM\...\Pharaoh) (Version: - )
Python 2.3 (HKLM\...\Python 2.3) (Version: - )
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.20.0000 - Realtek)
reFX Nexus VSTi RTAS v2.2.0 (HKLM\...\reFX Nexus_is1) (Version: - )
Ruská - rozložení jako latinka (0.9.1) (HKLM\...\{6109059C-2784-4546-A353-7100A6882DF4}) (Version: 1.0.3.40 - Đonny)
Ruske / Ukrajinske foneticke klavesnice pro WIN 2000/XP 1.3 (HKLM\...\Ruska / Ukrajinska foneticka klavesnice_is1) (Version: 1.5 - )
Skype™ 7.18 (HKLM\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.18.111 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
Star Stable (HKLM\...\{2B03B553-4983-4005-99C4-31DFC25B4BB9}) (Version: 1.00.0000 - Star Stable Entertainment AB)
Sugar Bytes Effectrix Demo 1.4.3 (HKLM\...\Effectrix_is1) (Version: 1.4.3 - Sugar Bytes)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
VirtualDJ PRO Full (HKLM\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031517 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\TekWar\www.oldgames.sk.lnk -> hxxp:
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Caesar III Website.lnk -> hxxp://www.caesar3.com/
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Impressions Games Official Website.lnk -> hxxp://www.impressionsgames.com/
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Pharaoh Official Expansion Cleopatra Website.lnk -> hxxp://cleopatra.impressionsgames.com/
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Pharaoh Web Site.lnk -> hxxp://www.pharaoh1.com/
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Sierra Website.lnk -> hxxp://www.sierra.com/
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Impressions Games\Links\Zeus Master of Olympus Website.lnk -> hxxp://zeus.impressionsgames.com/
==================== Loaded Modules (Whitelisted) ==============
2008-03-29 16:42 - 2008-03-29 16:42 - 00159744 _____ () C:\WINDOWS\system32\mmfinfo.dll
2008-03-29 16:41 - 2008-03-29 16:41 - 00023552 _____ () C:\WINDOWS\system32\mkunicode.dll
2015-05-02 02:02 - 2015-02-20 09:03 - 00352256 _____ () C:\Program Files\WinRAR\rarlng.dll
2015-05-04 20:25 - 2015-03-25 14:12 - 00020288 _____ () C:\Program Files\CCleaner\branding.dll
2004-08-17 14:49 - 2008-04-14 08:51 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\0670A9E26.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\100sexlinks.com -> 100sexlinks.com
There are 4789 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2001-10-25 13:00 - 2016-11-09 18:40 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-725345543-1078081533-839522115-1005\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
StandardProfile\AuthorizedApplications: [C:\Program Files\Battle.net\Battle.net.exe] => Enabled:Battle.net
StandardProfile\AuthorizedApplications: [C:\Program Files\Hearthstone\Hearthstone.exe] => Enabled:Hearthstone
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Adam\Data aplikací\GameRanger\GameRanger\GameRanger.exe] => Enabled:GameRanger
StandardProfile\AuthorizedApplications: [C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe] => Enabled:NVIDIA Network Service TCP Exception (HTTPS)
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VARPC.EXE] => Enabled:Microsoft (R) Visual Studio VSA RPC Event Creator
StandardProfile\AuthorizedApplications: [C:\Python23\pythonw.exe] => Enabled:pythonw
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\Games\World_of_Tanks\WoTLauncher.exe] => Enabled:World of Tanks Launcher
StandardProfile\AuthorizedApplications: [C:\Games\World_of_Tanks\WorldOfTanks.exe] => Disabled:World of Tanks
StandardProfile\AuthorizedApplications: [C:\Program Files\Java\jre7\bin\javaw.exe] => Enabled:Java(TM) Platform SE binary
StandardProfile\GloballyOpenPorts: [5985:TCP] => Disabled:Vzdálená správa systému Windows
==================== Restore Points =========================
09-11-2016 23:34:43 Kontrolní bod systému
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.
Kontext: aplikace Windows
Podrobnosti:
Metadata indexu obsahu nelze číst. (0xc0041801)
Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt sběrače nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Metadata indexu obsahu nelze číst. (0xc0041801)
Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Prvek nebyl nalezen. (0x80070490)
Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Metadata indexu obsahu nelze číst. (0xc0041801)
Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
0x%08x (0xc0041800 - Index obsahu nelze číst. )
Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.
Podrobnosti:
Metadata indexu obsahu nelze číst. (0xc0041801)
Error: (11/08/2016 02:22:18 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Služba Windows Search neotevřela úložiště vlastností databázového stroje Jet.
Podrobnosti:
Index obsahu nelze číst. (0xc0041800)
Error: (11/08/2016 02:22:18 AM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (1508) Windows: Při otevírání souboru protokolu C:\Documents and Settings\All Users\Data aplikací\Microsoft\Search\Data\Applications\Windows\MSS01523.log došlo k chybě -1811.
Error: (11/07/2016 09:47:32 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\DOCUMENTS AND SETTINGS\ADAM\RECENT\DESKTOP.INI> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
Error: (11/05/2016 12:13:23 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\DOCUMENTS AND SETTINGS\ADAM\RECENT\DESKTOP.INI> v mapě algoritmu hash nebyla aktualizována.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)
System errors:
=============
Error: (11/09/2016 11:38:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. při pokusu o spuštění služby SENS s argumenty
za účelem spuštění serveru:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error: (11/09/2016 11:38:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. při pokusu o spuštění služby SENS s argumenty
za účelem spuštění serveru:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error: (11/09/2016 11:38:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. při pokusu o spuštění služby SENS s argumenty
za účelem spuštění serveru:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error: (11/09/2016 11:38:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. při pokusu o spuštění služby SENS s argumenty
za účelem spuštění serveru:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error: (11/09/2016 11:38:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. při pokusu o spuštění služby SENS s argumenty
za účelem spuštění serveru:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error: (11/09/2016 11:38:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. při pokusu o spuštění služby SENS s argumenty
za účelem spuštění serveru:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error: (11/09/2016 11:38:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. při pokusu o spuštění služby SENS s argumenty
za účelem spuštění serveru:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error: (11/09/2016 11:38:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. při pokusu o spuštění služby SENS s argumenty
za účelem spuštění serveru:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error: (11/09/2016 11:37:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba IPSEC Services byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.
Error: (11/09/2016 11:37:18 PM) (Source: 0) (EventID: 7) (User: )
Description: Event-ID 7
==================== Memory info ===========================
Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 34%
Total physical RAM: 3327.23 MB
Available physical RAM: 2163.15 MB
Total Virtual: 5206.1 MB
Available Virtual: 4066.17 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:1863.02 GB) (Free:1613.44 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:465.75 GB) (Free:463.93 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 70AAB22D)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 1DA49027)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
- jaro3
- Security team member
Re: Trojan-Banker
Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.
Code:
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-725345543-1078081533-839522115-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-725345543-1078081533-839522115-1005 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
S4 IntelIde; no ImagePath
C:\Qoobox
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\100sexlinks.com -> 100sexlinks.com
EmptyTemp:
End
(You can use the "Select all" function; right-click the top-left field in the open Notepad window and choose "Paste".)
Save it to the desktop as fixlist.txt
Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire contents here.
Download Memtest:
The field that says:
All unused RAM - leave it as it is.
- click Start and let it run for at least 2 hours; if it still shows 0 errors after 2 hours, the RAM modules are fine.
With larger RAM capacities, Memtest has to be run several times: for 2 GB (the largest single RAM capacity) 2x, for 4 GB 3x, for 8 GB 4x, etc.
Also check the HDD for errors, and possibly try defragmenting it.
Download CrystalDiskInfo
Run the program and click Edit - Copy. Then paste the log contents here with Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Trojan-Banker
jaro3 wrote: Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire contents here.
How long should the fix take? I let it run for about an hour and then restarted the PC, because it seemed to me that the program was not responding.
- jaro3
- Security team member
Re: Trojan-Banker
Try running the fix in Safe Mode.
Re: Trojan-Banker
The cleanup could not be completed.
Fix result of Farbar Recovery Scan Tool (x86) Version: 06-11-2016
Ran by 1234 (10-11-2016 19:50:00) Run:2
Running from C:\Documents and Settings\1234\Plocha
Loaded Profiles: 1234 (Available Profiles: Adam & 1234 & znk & Administrator)
Boot Mode: Safe Mode (minimal)
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-725345543-1078081533-839522115-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-725345543-1078081533-839522115-1005 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
S4 IntelIde; no ImagePath
C:\Qoobox
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\100sexlinks.com -> 100sexlinks.com
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => key removed successfully.
Re: Trojan-Banker
I tried it once more in normal mode, and I turned off the firewall and all running programs.
I can't launch MBAM (see the attachment above).
Fix result of Farbar Recovery Scan Tool (x86) Version: 06-11-2016
Ran by 1234 (10-11-2016 20:00:42) Run:3
Running from C:\Documents and Settings\1234\Plocha
Loaded Profiles: 1234 (Available Profiles: Adam & 1234 & znk & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-725345543-1078081533-839522115-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-725345543-1078081533-839522115-1005 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
S4 IntelIde; no ImagePath
C:\Qoobox
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-725345543-1078081533-839522115-1005\...\100sexlinks.com -> 100sexlinks.com
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKU\S-1-5-21-725345543-1078081533-839522115-1005\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-21-725345543-1078081533-839522115-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93} => key not found.
"HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}" => key removed successfully.
"HKCR\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => key removed successfully.
"HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => key removed successfully.
IntelIde => service removed successfully.
C:\Qoobox => moved successfully
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008i.com" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008k.com" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\00hq.com" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0190-dialers.com" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\01i.info" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\02pmnzy5eo29bfk4.com" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\05p.com" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\07ic5do2myz3vzpk.com" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\08nigbmwk43i01y6.com" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\093qpeuqpmz6ebfa.com" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0calories.net" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0cj.net" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0scan.com" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-britney-spears-nude.com" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-domains-registrations.com" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-se.com" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001movie.com" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001night.biz" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100gal.net" => key removed successfully.
"HKU\S-1-5-21-725345543-1078081533-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100sexlinks.com" => key removed successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 5093 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 66341 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/dllcache/drivers => 9946 B
Edge => 0 B
Chrome => 233472 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default User => 65829 B
All Users => 0 B
systemprofile => 65762 B
LocalService => 82526 B
NetworkService => 66164 B
Adam => 146516217 B
1234 => 1633874 B
znk => 33144 B
Administrator => 51937 B
RecycleBin => 0 B
EmptyTemp: => 141.9 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:01:07 ====
Re: Trojan-Banker
jaro3 wrote: Download Memtest:
The field that says:
All unused RAM - leave it as it is.
- click Start and let it run for at least 2 hours; if it still shows 0 errors after 2 hours, the RAM modules are fine.
With larger RAM capacities, Memtest has to be run several times: for 2 GB (the largest single RAM capacity) 2x, for 4 GB 3x, for 8 GB 4x, etc.
So if I have 4 GB of RAM, will I be scanning for 3x2 = 6 hours, or is it enough to run 3 Memtests simultaneously?
- jaro3
Re: Trojan-Banker
No, again just 2 hours is enough.