Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23.08.2018
Ran by Lada (administrator) on KANCELAR (25-08-2018 22:58:15)
Running from C:\Documents and Settings\Lada\Plocha
Loaded Profiles: Lada (Available Profiles: Lada & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-27] (AVAST Software)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2593056 2014-07-02] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKU\S-1-5-21-117609710-746137067-839522115-1003\...\Run: [AvastBrowserAutoLaunch_A276D37E8425F79FCF2FCB0E9AF35153] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1027624 2018-06-13] (AVAST Software)
HKU\S-1-5-21-117609710-746137067-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\OBCHOD~1.SCR [2135194 2008-08-28] ()
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe [1163456 2016-01-10] (Adobe Systems Incorporated)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exesprestrt
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5DE48A0B-A119-4D21-8CE1-1E98628D3F95}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://atlas.centrum.cz/?utm_source=ch-sethp&utm_medium=ie-atlas-cz&utm_campaign=home
HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://atlas.centrum.cz/?utm_source=ch-sethp&utm_medium=ie-atlas-cz&utm_campaign=home
SearchScopes: HKU\S-1-5-21-117609710-746137067-839522115-1003 -> 3AC374FC-8DCB-4AE5-8637-483CDFE8E029 URL = hxxp://searchou.com/q=
SearchScopes: HKU\S-1-5-21-117609710-746137067-839522115-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://mysearch.avg.com/search?cid={CE1E7475-BBC0-4BB8-8596-A25ABDB76A1B}&mid=520c8d5eca2a47d3bd6ed15696890db2-f182bcce7bafc7ec7109b07b2d885ec97e699532&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2014-02-17 14:37:21&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-117609710-746137067-839522115-1003 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2077543
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-03-30] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-27] (AVAST Software)
BHO: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30] (Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-30] (Oracle Corporation)
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKU\S-1-5-21-117609710-746137067-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2013-10-25] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-117609710-746137067-839522115-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-117609710-746137067-839522115-1003 -> No Name - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - No File
Toolbar: HKU\S-1-5-21-117609710-746137067-839522115-1003 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll [2014-08-11] (AVG Secure Search)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default [2018-08-25]
FF user.js: detected! => C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default\user.js [2013-11-04]
FF Homepage: C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default -> about:home
FF Extension: (Avast SafePrice) - C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default\Extensions\sp@avast.com.xpi [2017-11-17]
FF Extension: (Avast Online Security) - C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default\Extensions\wrc@avast.com.xpi [2018-07-27]
FF SearchPlugin: C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default\searchplugins\privitize.xml [2013-11-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-20] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\FireFoxExt\15.2.0.5
FF Extension: (AVG Security Toolbar) - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\FireFoxExt\15.2.0.5 [2013-05-21] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_28_0_0_126.dll [2018-01-06] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll [No File]
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-03-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> c:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://searchou.com/?id=3cddf037000000000000001fd06de441&affilt=5
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR NewTab: Default -> "active": false,
"entry": "chrome-extension://mmgkbcihahpocjmclehpjejmgjmijcib/stubby.html"
CHR Profile: C:\Documents and Settings\Lada\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2018-08-25]
CHR Extension: (HowToSimplified) - C:\Documents and Settings\Lada\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib [2018-04-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Lada\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\ChromeExt\15.2.0.5\avg.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-01-06] (Adobe Systems Incorporated) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6341888 2018-07-27] (AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-28] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-27] (AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-28] (AVAST Software)
S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-03-30] (Oracle Corporation)
S4 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [266343 2006-09-29] () [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167552 2018-07-27] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [188352 2018-07-27] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [164944 2018-07-27] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [284328 2018-07-27] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [57976 2018-07-27] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [189240 2018-07-27] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42808 2018-07-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [133680 2018-07-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70840 2018-07-27] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [71848 2018-07-27] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [784120 2018-07-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [394928 2018-08-25] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [205864 2018-07-27] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\DRIVERS\aswTap.sys [35144 2015-01-20] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [310784 2018-07-27] (AVAST Software)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-13] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-13] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-13] (HP)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2013-06-13] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54400 2008-03-25] (NVIDIA Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [129312 2014-08-11] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2008-03-25] (NVIDIA Corporation)
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-25 22:58 - 2018-08-25 22:58 - 000015779 _____ C:\Documents and Settings\Lada\Plocha\FRST.txt
2018-08-25 22:58 - 2018-08-25 22:58 - 000000000 ____D C:\FRST
2018-08-25 12:21 - 2018-08-25 12:21 - 000000000 ____D C:\Program Files\AGEIA Technologies
2018-08-25 12:18 - 2014-07-02 20:40 - 003826628 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-08-25 12:10 - 2014-07-02 22:43 - 001054552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3234052.dll
2018-08-25 12:10 - 2014-07-02 22:43 - 000906584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3234052.dll
2018-08-25 12:10 - 2014-07-02 22:43 - 000019681 _____ C:\WINDOWS\system32\nvinfo.pb
2018-08-25 12:09 - 2018-08-25 12:09 - 001773568 _____ (Farbar) C:\Documents and Settings\Lada\Plocha\FRST.exe
2018-08-25 12:08 - 2018-08-25 12:08 - 000000000 ____D C:\NVIDIA
2018-08-25 12:03 - 2018-08-25 22:48 - 000000000 ____D C:\Documents and Settings\Lada\Local Settings\Data aplikací\NVIDIA
2018-08-25 12:00 - 2018-08-25 12:00 - 000013300 _____ C:\Documents and Settings\Lada\Dokumenty\cc_20180825_120013.reg
2018-08-04 09:04 - 2018-08-04 09:04 - 000000000 ____D C:\Documents and Settings\Lada\Dokumenty\Stavební Újezd
2018-07-27 03:25 - 2018-07-27 03:25 - 000321752 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-25 22:58 - 2010-02-24 10:49 - 000000000 ____D C:\Documents and Settings\Lada\Plocha
2018-08-25 22:58 - 2010-02-24 10:49 - 000000000 ____D C:\Documents and Settings\Lada\Local Settings\Temp
2018-08-25 22:50 - 2017-04-05 05:34 - 000000310 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job
2018-08-25 22:50 - 2016-01-10 16:26 - 000000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-08-25 22:49 - 2001-10-25 16:00 - 000002300 _____ C:\WINDOWS\system32\wpa.dbl
2018-08-25 22:48 - 2018-06-28 21:18 - 000000970 _____ C:\WINDOWS\Tasks\AvastUpdateTaskMachineCore.job
2018-08-25 22:48 - 2018-03-28 17:14 - 000000330 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2018-08-25 22:48 - 2014-03-20 13:30 - 000000220 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-08-25 22:48 - 2013-06-03 02:51 - 000000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2018-08-25 22:48 - 2011-01-21 23:26 - 001398808 ____C C:\WINDOWS\system32\nvdrsdb1.bin
2018-08-25 22:48 - 2011-01-21 23:26 - 000000001 _____ C:\WINDOWS\system32\nvdrssel.bin
2018-08-25 22:48 - 2010-03-08 11:34 - 000000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2018-08-25 22:48 - 2010-02-25 11:16 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2018-08-25 22:48 - 2010-02-24 09:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-25 12:24 - 2018-06-28 21:18 - 000000974 _____ C:\WINDOWS\Tasks\AvastUpdateTaskMachineUA.job
2018-08-25 12:21 - 2010-02-25 11:16 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-08-25 12:20 - 2010-02-25 10:39 - 000000000 ____D C:\WINDOWS\system32\ReinstallBackups
2018-08-25 12:20 - 2010-02-24 10:39 - 000000000 RSHDC C:\WINDOWS\system32\dllcache
2018-08-25 12:20 - 2010-02-24 10:39 - 000000000 ___HD C:\WINDOWS\inf
2018-08-25 12:16 - 2011-01-21 23:26 - 001163700 _____ C:\WINDOWS\system32\nvdrsdb0.bin
2018-08-25 12:11 - 2012-06-10 21:20 - 000000178 ___SH C:\Documents and Settings\UpdatusUser\ntuser.ini
2018-08-25 12:11 - 2012-06-10 21:20 - 000000000 ____D C:\Documents and Settings\UpdatusUser\Nabídka Start\Programy\Příslušenství
2018-08-25 12:11 - 2012-06-10 21:20 - 000000000 ____D C:\Documents and Settings\UpdatusUser\Nabídka Start\Programy
2018-08-25 12:11 - 2012-06-10 21:20 - 000000000 ____D C:\Documents and Settings\UpdatusUser\Nabídka Start
2018-08-25 12:11 - 2012-06-10 21:20 - 000000000 ____D C:\Documents and Settings\UpdatusUser
2018-08-25 12:09 - 2013-05-28 12:49 - 000008122 _____ C:\WINDOWS\system32\nvAppTimestamps
2018-08-25 12:03 - 2010-02-24 10:49 - 000000000 ___HD C:\Documents and Settings\Lada\Local Settings\Data aplikací
2018-08-25 12:01 - 2010-02-24 10:43 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2018-08-25 12:00 - 2010-02-24 10:49 - 000000000 ___RD C:\Documents and Settings\Lada\Dokumenty
2018-08-25 11:56 - 2010-09-27 18:05 - 000000000 ____D C:\WINDOWS\Minidump
2018-08-25 11:45 - 2016-01-10 16:26 - 000000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2018-08-25 07:36 - 2012-07-11 13:15 - 000000000 ____D C:\Documents and Settings\Lada\Dokumenty\Míša
2018-08-25 07:34 - 2010-03-08 11:34 - 000000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2018-08-25 07:29 - 2010-03-08 11:39 - 000000000 ____D C:\Documents and Settings\Lada\Local Settings\Data aplikací\Temp
2018-08-25 06:18 - 2010-02-24 10:39 - 000000000 ____D C:\WINDOWS\system32\npp
2018-08-25 06:05 - 2014-05-19 12:45 - 000394928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-08-23 07:44 - 2010-02-24 10:49 - 000000272 ___SH C:\Documents and Settings\Lada\ntuser.ini
2018-08-23 07:44 - 2010-02-24 10:49 - 000000000 ____D C:\Documents and Settings\Lada
2018-08-23 07:44 - 2010-02-24 09:58 - 000032550 ____N C:\WINDOWS\SchedLgU.Txt
2018-08-21 19:42 - 2016-04-03 09:18 - 000000000 ____D C:\Documents and Settings\Lada\Dokumenty\Soukromníci
2018-08-21 14:35 - 2010-03-03 10:15 - 000002561 _____ C:\Documents and Settings\Lada\Plocha\Microsoft Office Word 2003.lnk
2018-08-20 14:37 - 2010-05-26 21:02 - 005224960 _____ C:\Documents and Settings\Lada\Plocha\Rozpis3.xls
2018-08-12 22:55 - 2016-06-11 01:21 - 000000000 ____C C:\WINDOWS\system32\last.dump
2018-08-08 18:38 - 2014-03-20 13:30 - 000000214 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-08-02 09:24 - 2016-05-12 08:35 - 000000000 ____D C:\Documents and Settings\Lada\Dokumenty\Stodola
2018-08-02 09:08 - 2010-02-24 10:49 - 000000000 ___RD C:\Documents and Settings\Lada\Dokumenty\Obrázky
2018-08-02 07:01 - 2015-02-13 11:39 - 000000000 ___RD C:\Documents and Settings\Lada\Dokumenty\Filmy
2018-08-02 06:56 - 2010-06-26 23:28 - 000000000 ____D C:\Documents and Settings\Lada\Data aplikací\vlc
2018-08-01 17:32 - 2010-03-29 03:52 - 000223232 _____ C:\Documents and Settings\Lada\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-08-01 10:35 - 2016-10-03 14:03 - 000000000 ____D C:\Documents and Settings\Lada\Plocha\Veteráni září 2016
2018-08-01 10:19 - 2017-09-24 20:07 - 000000000 ____D C:\Documents and Settings\Lada\Plocha\Veteráni
2018-07-27 07:30 - 2018-06-28 21:18 - 000000000 ____D C:\Documents and Settings\Lada\Local Settings\Data aplikací\AVAST Software
2018-07-27 03:25 - 2017-11-17 01:04 - 000167552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-07-27 03:25 - 2016-01-10 02:42 - 000205864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2018-07-27 03:25 - 2014-05-19 12:45 - 000310784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-07-27 03:25 - 2014-05-19 12:45 - 000133680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-07-27 03:25 - 2014-05-19 12:45 - 000071848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-07-27 03:25 - 2014-05-19 12:45 - 000070840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2018-07-27 03:25 - 2014-05-19 12:45 - 000042808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-07-27 03:24 - 2018-01-05 21:28 - 000189240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-07-27 03:24 - 2017-04-05 05:34 - 000284328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblogx.sys
2018-07-27 03:24 - 2017-04-05 05:34 - 000188352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriverx.sys
2018-07-27 03:24 - 2017-04-05 05:34 - 000164944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidshx.sys
2018-07-27 03:24 - 2017-04-05 05:34 - 000057976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbunivx.sys
2018-07-27 03:24 - 2014-05-19 12:45 - 000784120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
==================== Files in the root of some directories =======
2013-04-01 03:25 - 2013-04-23 14:45 - 000000004 ____C () C:\Documents and Settings\Lada\Data aplikací\AltShell.ini
2010-03-03 14:15 - 2018-03-20 15:10 - 000000171 ____C () C:\Documents and Settings\Lada\Data aplikací\default.rss
2011-08-18 16:24 - 2011-08-18 16:24 - 000000000 ____C () C:\Documents and Settings\Lada\Data aplikací\downloads.m3u
2010-03-29 03:52 - 2018-08-01 17:32 - 000223232 _____ () C:\Documents and Settings\Lada\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-02-25 13:29 - 2010-02-25 13:29 - 000000124 _____ () C:\Documents and Settings\Lada\Local Settings\Data aplikací\fusioncache.dat
2010-03-03 12:09 - 2010-03-03 21:39 - 000003170 ____C () C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
2013-06-12 16:57 - 2013-06-13 06:38 - 000000000 ____C () C:\Documents and Settings\All Users\Data aplikací\kjhy64.txt
2013-06-12 16:56 - 2013-06-12 16:56 - 000033280 _____ (Microsoft Corporation) C:\Documents and Settings\All Users\Data aplikací\rundll32.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe
[2008-04-14 14:00] - [2013-06-13 13:01] - 000507904 _____ (Microsoft Corporation) 8E5F533B806957A06E36D3DBB3C2273E
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosim o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: prosim o kontrolu
Ahoj,
vycisti PC s ADWCleanerom
vycisti PC s ADWCleanerom
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: prosim o kontrolu
# AdwCleaner v6.046 - Log vytvořen 27/08/2018 v 09:56:25
# Aktualizováno dne 24/04/2017 z Malwarebytes
# Databáze : 2017-04-24.1 [Místní]
# Operační systém : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : Lada - KANCELAR
# Spuštěno z : C:\Documents and Settings\Lada\Dokumenty\Downloads\adwcleaner_6.046.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\Documents and Settings\All Users\Data aplikací\Avg_Update_0814tb
[-] Složka smazána: C:\Documents and Settings\All Users\Data aplikací\Avg_Update_1114tb
[-] Složka smazána: C:\Documents and Settings\All Users\Data aplikací\Avg_Update_1214tb
[-] Složka smazána: C:\Documents and Settings\All Users\Data aplikací\AVG SafeGuard toolbar
[-] Složka smazána: C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
[-] Složka smazána: C:\Program Files\Conduit
[-] Složka smazána: C:\Program Files\myfree codec
[-] Složka smazána: C:\Program Files\Common Files\AVG Secure Search
***** [ Soubory ] *****
[-] Soubor smazán: C:\WINDOWS\system32\conduitEngine.tmp
[-] Soubor smazán: C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[#] Soubor smazán: C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[#] Soubor smazán: C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Toolbar.CT2077543
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Conduit.Engine
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine.1.0
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{038CB5C7-48EA-4AF9-94E0-A1646542E62B}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{038CB5C7-48EA-4AF9-94E0-A1646542E62B}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-] Hodnota smazána: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Hodnota smazána: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{038CB5C7-48EA-4AF9-94E0-A1646542E62B}]
[-] Klíč smazán: HKU\.DEFAULT\Software\AVG Secure Search
[-] Klíč smazán: HKU\.DEFAULT\Software\Auslogics
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Conduit
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\DownLite
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\IGearSettings
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\PriceGong
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\YahooPartnerToolbar
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Auslogics
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\AVG Secure Search
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\Auslogics
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[#] Klíč smazán po restartu: HKCU\Software\DownLite
[#] Klíč smazán po restartu: HKCU\Software\IGearSettings
[#] Klíč smazán po restartu: HKCU\Software\PriceGong
[#] Klíč smazán po restartu: HKCU\Software\YahooPartnerToolbar
[#] Klíč smazán po restartu: HKCU\Software\Auslogics
[-] Klíč smazán: HKLM\SOFTWARE\AVG Secure Search
[-] Klíč smazán: HKLM\SOFTWARE\AVG Security Toolbar
[-] Klíč smazán: HKLM\SOFTWARE\Conduit
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\3AC374FC-8DCB-4AE5-8637-483CDFE8E029
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\3AC374FC-8DCB-4AE5-8637-483CDFE8E029
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\vProt
[-] Klíč smazán: HKCU\Toolbar
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Klíč smazán: HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
[-] Klíč smazán: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Klíč smazán: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[-] Hodnota smazána: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[#] Hodnota smazána po restartu: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[#] Hodnota smazána po restartu: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[-] Klíč smazán: HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [10314 Bajty] - [27/08/2018 09:56:25]
C:\AdwCleaner\AdwCleaner[S0].txt - [10224 Bajty] - [27/08/2018 09:54:25]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [10462 Bajty] ##########
# Aktualizováno dne 24/04/2017 z Malwarebytes
# Databáze : 2017-04-24.1 [Místní]
# Operační systém : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : Lada - KANCELAR
# Spuštěno z : C:\Documents and Settings\Lada\Dokumenty\Downloads\adwcleaner_6.046.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\Documents and Settings\All Users\Data aplikací\Avg_Update_0814tb
[-] Složka smazána: C:\Documents and Settings\All Users\Data aplikací\Avg_Update_1114tb
[-] Složka smazána: C:\Documents and Settings\All Users\Data aplikací\Avg_Update_1214tb
[-] Složka smazána: C:\Documents and Settings\All Users\Data aplikací\AVG SafeGuard toolbar
[-] Složka smazána: C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
[-] Složka smazána: C:\Program Files\Conduit
[-] Složka smazána: C:\Program Files\myfree codec
[-] Složka smazána: C:\Program Files\Common Files\AVG Secure Search
***** [ Soubory ] *****
[-] Soubor smazán: C:\WINDOWS\system32\conduitEngine.tmp
[-] Soubor smazán: C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[#] Soubor smazán: C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[#] Soubor smazán: C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Toolbar.CT2077543
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Conduit.Engine
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine.1.0
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{038CB5C7-48EA-4AF9-94E0-A1646542E62B}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{038CB5C7-48EA-4AF9-94E0-A1646542E62B}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-] Hodnota smazána: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Hodnota smazána: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{038CB5C7-48EA-4AF9-94E0-A1646542E62B}]
[-] Klíč smazán: HKU\.DEFAULT\Software\AVG Secure Search
[-] Klíč smazán: HKU\.DEFAULT\Software\Auslogics
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Conduit
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\DownLite
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\IGearSettings
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\PriceGong
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\YahooPartnerToolbar
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Auslogics
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\AVG Secure Search
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\Auslogics
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[#] Klíč smazán po restartu: HKCU\Software\DownLite
[#] Klíč smazán po restartu: HKCU\Software\IGearSettings
[#] Klíč smazán po restartu: HKCU\Software\PriceGong
[#] Klíč smazán po restartu: HKCU\Software\YahooPartnerToolbar
[#] Klíč smazán po restartu: HKCU\Software\Auslogics
[-] Klíč smazán: HKLM\SOFTWARE\AVG Secure Search
[-] Klíč smazán: HKLM\SOFTWARE\AVG Security Toolbar
[-] Klíč smazán: HKLM\SOFTWARE\Conduit
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\3AC374FC-8DCB-4AE5-8637-483CDFE8E029
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán: HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\3AC374FC-8DCB-4AE5-8637-483CDFE8E029
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\vProt
[-] Klíč smazán: HKCU\Toolbar
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Klíč smazán: HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
[-] Klíč smazán: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Klíč smazán: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[-] Hodnota smazána: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[#] Hodnota smazána po restartu: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[#] Hodnota smazána po restartu: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[-] Klíč smazán: HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [10314 Bajty] - [27/08/2018 09:56:25]
C:\AdwCleaner\AdwCleaner[S0].txt - [10224 Bajty] - [27/08/2018 09:54:25]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [10462 Bajty] ##########
Re: prosim o kontrolu
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23.08.2018
Ran by Lada (administrator) on KANCELAR (27-08-2018 10:09:06)
Running from C:\Documents and Settings\Lada\Plocha
Loaded Profiles: Lada (Available Profiles: Lada & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-27] (AVAST Software)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2593056 2014-07-02] ()
HKU\S-1-5-21-117609710-746137067-839522115-1003\...\Run: [AvastBrowserAutoLaunch_A276D37E8425F79FCF2FCB0E9AF35153] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1027624 2018-06-13] (AVAST Software)
HKU\S-1-5-21-117609710-746137067-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\OBCHOD~1.SCR [2135194 2008-08-28] ()
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe [1163456 2016-01-10] (Adobe Systems Incorporated)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exesprestrt
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5DE48A0B-A119-4D21-8CE1-1E98628D3F95}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://atlas.centrum.cz/?utm_source=ch-sethp&utm_medium=ie-atlas-cz&utm_campaign=home
HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://atlas.centrum.cz/?utm_source=ch-sethp&utm_medium=ie-atlas-cz&utm_campaign=home
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-03-30] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-27] (AVAST Software)
BHO: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-30] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-117609710-746137067-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2013-10-25] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-117609710-746137067-839522115-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default [2018-08-25]
FF user.js: detected! => C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default\user.js [2013-11-04]
FF Homepage: C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default -> about:home
FF Extension: (Avast SafePrice) - C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default\Extensions\sp@avast.com.xpi [2017-11-17]
FF Extension: (Avast Online Security) - C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default\Extensions\wrc@avast.com.xpi [2018-07-27]
FF SearchPlugin: C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default\searchplugins\privitize.xml [2013-11-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-20] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_28_0_0_126.dll [2018-01-06] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-03-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> c:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://searchou.com/?id=3cddf037000000000000001fd06de441&affilt=5
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR NewTab: Default -> Not-active:"chrome-extension://mmgkbcihahpocjmclehpjejmgjmijcib/stubby.html"
CHR Profile: C:\Documents and Settings\Lada\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2018-08-27]
CHR Extension: (HowToSimplified) - C:\Documents and Settings\Lada\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib [2018-08-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Lada\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-01-06] (Adobe Systems Incorporated) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6341888 2018-07-27] (AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-28] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-27] (AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-28] (AVAST Software)
S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-03-30] (Oracle Corporation)
S4 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [266343 2006-09-29] () [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167552 2018-07-27] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [188352 2018-07-27] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [164944 2018-07-27] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [284328 2018-07-27] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [57976 2018-07-27] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [189240 2018-07-27] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42808 2018-07-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [133680 2018-07-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70840 2018-07-27] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [71848 2018-07-27] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [784120 2018-07-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [394928 2018-08-25] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [205864 2018-07-27] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\DRIVERS\aswTap.sys [35144 2015-01-20] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [310784 2018-07-27] (AVAST Software)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-13] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-13] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-13] (HP)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2013-06-13] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54400 2008-03-25] (NVIDIA Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [129312 2014-08-11] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2008-03-25] (NVIDIA Corporation)
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-27 09:53 - 2018-08-27 09:56 - 000000000 ____D C:\AdwCleaner
2018-08-26 23:55 - 2018-08-26 23:55 - 000002489 _____ C:\Documents and Settings\Lada\Plocha\Windows 7 USB DVD Download Tool.lnk
2018-08-26 23:55 - 2018-08-26 23:55 - 000000000 ____D C:\Documents and Settings\Lada\Nabídka Start\Programy\Windows 7 USB DVD Download Tool
2018-08-26 23:54 - 2018-08-26 23:54 - 000000000 __HDC C:\WINDOWS\$NtUninstallKB932716-v2$
2018-08-26 23:54 - 2008-05-02 15:30 - 000465920 ____N (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2018-08-26 23:54 - 2008-05-02 15:30 - 000465920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imapi2fs.dll
2018-08-26 23:54 - 2008-05-02 15:30 - 000317440 ____N (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2018-08-26 23:54 - 2008-05-02 15:30 - 000317440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imapi2.dll
2018-08-26 23:54 - 2008-05-02 12:49 - 000062976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cdrom.sys
2018-08-26 23:32 - 2014-07-02 22:43 - 000019681 _____ C:\WINDOWS\system32\nvinfo.pb
2018-08-26 23:07 - 2018-08-26 23:07 - 000000548 _____ C:\Documents and Settings\Lada\Plocha\Total Commander.lnk
2018-08-26 23:07 - 2018-08-26 23:07 - 000000000 ____D C:\totalcmd
2018-08-26 23:07 - 2018-08-26 23:07 - 000000000 ____D C:\Documents and Settings\Lada\Nabídka Start\Programy\Total Commander
2018-08-26 23:07 - 2018-08-26 23:07 - 000000000 ____D C:\Documents and Settings\Lada\Local Settings\Data aplikací\GHISLER
2018-08-26 23:07 - 2018-08-26 23:07 - 000000000 ____D C:\Documents and Settings\Lada\Data aplikací\GHISLER
2018-08-26 23:07 - 2018-08-21 09:21 - 000000545 _____ C:\WINDOWS\UC.PIF
2018-08-26 23:07 - 2018-08-21 09:21 - 000000545 _____ C:\WINDOWS\RAR.PIF
2018-08-26 23:07 - 2018-08-21 09:21 - 000000545 _____ C:\WINDOWS\PKZIP.PIF
2018-08-26 23:07 - 2018-08-21 09:21 - 000000545 _____ C:\WINDOWS\PKUNZIP.PIF
2018-08-26 23:07 - 2018-08-21 09:21 - 000000545 _____ C:\WINDOWS\LHA.PIF
2018-08-26 23:07 - 2018-08-21 09:21 - 000000545 _____ C:\WINDOWS\ARJ.PIF
2018-08-26 13:45 - 2018-08-26 13:45 - 000001917 _____ C:\WINDOWS\imsins.BAK
2018-08-25 22:59 - 2018-08-25 22:59 - 000033968 _____ C:\Documents and Settings\Lada\Plocha\Addition.txt
2018-08-25 22:58 - 2018-08-27 10:09 - 000013981 _____ C:\Documents and Settings\Lada\Plocha\FRST.txt
2018-08-25 22:58 - 2018-08-27 10:09 - 000000000 ____D C:\FRST
2018-08-25 12:21 - 2018-08-25 12:21 - 000000000 ____D C:\Program Files\AGEIA Technologies
2018-08-25 12:18 - 2014-07-02 20:40 - 003826628 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-08-25 12:10 - 2014-07-02 22:43 - 001054552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3234052.dll
2018-08-25 12:10 - 2014-07-02 22:43 - 000906584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3234052.dll
2018-08-25 12:09 - 2018-08-25 12:09 - 001773568 _____ (Farbar) C:\Documents and Settings\Lada\Plocha\FRST.exe
2018-08-25 12:08 - 2018-08-25 12:08 - 000000000 ____D C:\NVIDIA
2018-08-25 12:03 - 2018-08-25 22:48 - 000000000 ____D C:\Documents and Settings\Lada\Local Settings\Data aplikací\NVIDIA
2018-08-25 12:00 - 2018-08-25 12:00 - 000013300 _____ C:\Documents and Settings\Lada\Dokumenty\cc_20180825_120013.reg
2018-08-04 09:04 - 2018-08-04 09:04 - 000000000 ____D C:\Documents and Settings\Lada\Dokumenty\Stavební Újezd
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-27 10:09 - 2010-02-24 10:49 - 000000000 ____D C:\Documents and Settings\Lada\Local Settings\Temp
2018-08-27 10:07 - 2016-03-24 17:15 - 000000000 ____D C:\Documents and Settings\Lada\Plocha\Míša
2018-08-27 09:58 - 2018-06-28 21:18 - 000000970 _____ C:\WINDOWS\Tasks\AvastUpdateTaskMachineCore.job
2018-08-27 09:58 - 2018-03-28 17:14 - 000000330 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2018-08-27 09:58 - 2017-04-05 05:34 - 000000310 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job
2018-08-27 09:58 - 2014-03-20 13:30 - 000000220 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-08-27 09:58 - 2013-06-03 02:51 - 000000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2018-08-27 09:58 - 2010-03-08 11:34 - 000000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2018-08-27 09:58 - 2010-02-24 09:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-27 09:58 - 2001-10-25 16:00 - 000002300 _____ C:\WINDOWS\system32\wpa.dbl
2018-08-27 09:56 - 2010-02-24 10:49 - 000000272 ___SH C:\Documents and Settings\Lada\ntuser.ini
2018-08-27 09:56 - 2010-02-24 10:49 - 000000000 ____D C:\Documents and Settings\Lada
2018-08-27 09:56 - 2010-02-24 09:58 - 000032400 _____ C:\WINDOWS\SchedLgU.Txt
2018-08-27 09:55 - 2010-02-24 10:43 - 000000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2018-08-27 09:45 - 2016-01-10 16:26 - 000000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2018-08-27 09:34 - 2010-03-08 11:34 - 000000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2018-08-27 09:24 - 2018-06-28 21:18 - 000000974 _____ C:\WINDOWS\Tasks\AvastUpdateTaskMachineUA.job
2018-08-27 08:07 - 2013-05-28 12:49 - 000008746 _____ C:\WINDOWS\system32\nvAppTimestamps
2018-08-27 07:55 - 2011-01-21 23:26 - 001398808 ____C C:\WINDOWS\system32\nvdrsdb1.bin
2018-08-27 07:55 - 2011-01-21 23:26 - 000000001 _____ C:\WINDOWS\system32\nvdrssel.bin
2018-08-27 00:33 - 2011-01-21 23:26 - 001163700 _____ C:\WINDOWS\system32\nvdrsdb0.bin
2018-08-26 23:55 - 2010-02-24 10:49 - 000000000 ___RD C:\Documents and Settings\Lada\Nabídka Start\Programy
2018-08-26 23:55 - 2010-02-24 10:49 - 000000000 ___HD C:\Documents and Settings\Lada\Local Settings\Data aplikací
2018-08-26 23:55 - 2010-02-24 10:49 - 000000000 ____D C:\Documents and Settings\Lada\Plocha
2018-08-26 23:54 - 2010-02-24 10:39 - 000000000 RSHDC C:\WINDOWS\system32\dllcache
2018-08-26 23:54 - 2010-02-24 10:39 - 000000000 ___HD C:\WINDOWS\inf
2018-08-26 23:50 - 2010-06-26 23:28 - 000000000 ____D C:\Documents and Settings\Lada\Data aplikací\vlc
2018-08-26 23:48 - 2010-03-29 03:52 - 000223744 _____ C:\Documents and Settings\Lada\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-08-26 23:48 - 2010-02-25 10:39 - 000000000 ____D C:\WINDOWS\system32\ReinstallBackups
2018-08-26 23:36 - 2010-02-25 11:16 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-08-26 23:13 - 2010-02-24 10:49 - 000000000 ___RD C:\Documents and Settings\Lada\Dokumenty
2018-08-26 23:07 - 2010-02-24 10:49 - 000000000 __RHD C:\Documents and Settings\Lada\Data aplikací
2018-08-26 14:50 - 2010-02-24 10:43 - 000000000 ____D C:\Documents and Settings\All Users
2018-08-26 14:21 - 2010-05-20 19:19 - 002151936 __SHC C:\Documents and Settings\Lada\Dokumenty\Thumbs.db
2018-08-26 14:20 - 2018-01-03 18:01 - 000000000 ____D C:\Documents and Settings\Lada\Dokumenty\BMW
2018-08-26 14:14 - 2016-05-12 08:35 - 000000000 ____D C:\Documents and Settings\Lada\Dokumenty\Stodola
2018-08-25 23:50 - 2016-01-10 16:26 - 000000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-08-25 22:48 - 2010-02-25 11:16 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2018-08-25 12:11 - 2012-06-10 21:20 - 000000178 ___SH C:\Documents and Settings\UpdatusUser\ntuser.ini
2018-08-25 12:11 - 2012-06-10 21:20 - 000000000 ____D C:\Documents and Settings\UpdatusUser\Nabídka Start\Programy\Příslušenství
2018-08-25 12:11 - 2012-06-10 21:20 - 000000000 ____D C:\Documents and Settings\UpdatusUser\Nabídka Start\Programy
2018-08-25 12:11 - 2012-06-10 21:20 - 000000000 ____D C:\Documents and Settings\UpdatusUser\Nabídka Start
2018-08-25 12:11 - 2012-06-10 21:20 - 000000000 ____D C:\Documents and Settings\UpdatusUser
2018-08-25 12:01 - 2010-02-24 10:43 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2018-08-25 11:56 - 2010-09-27 18:05 - 000000000 ____D C:\WINDOWS\Minidump
2018-08-25 07:36 - 2012-07-11 13:15 - 000000000 ____D C:\Documents and Settings\Lada\Dokumenty\Míša
2018-08-25 07:29 - 2010-03-08 11:39 - 000000000 ____D C:\Documents and Settings\Lada\Local Settings\Data aplikací\Temp
2018-08-25 06:18 - 2010-02-24 10:39 - 000000000 ____D C:\WINDOWS\system32\npp
2018-08-25 06:05 - 2014-05-19 12:45 - 000394928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-08-21 19:42 - 2016-04-03 09:18 - 000000000 ____D C:\Documents and Settings\Lada\Dokumenty\Soukromníci
2018-08-21 14:35 - 2010-03-03 10:15 - 000002561 _____ C:\Documents and Settings\Lada\Plocha\Microsoft Office Word 2003.lnk
2018-08-20 14:37 - 2010-05-26 21:02 - 005224960 _____ C:\Documents and Settings\Lada\Plocha\Rozpis3.xls
2018-08-12 22:55 - 2016-06-11 01:21 - 000000000 ____C C:\WINDOWS\system32\last.dump
2018-08-08 18:38 - 2014-03-20 13:30 - 000000214 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-08-02 09:08 - 2010-02-24 10:49 - 000000000 ___RD C:\Documents and Settings\Lada\Dokumenty\Obrázky
2018-08-02 07:01 - 2015-02-13 11:39 - 000000000 ___RD C:\Documents and Settings\Lada\Dokumenty\Filmy
2018-08-01 10:35 - 2016-10-03 14:03 - 000000000 ____D C:\Documents and Settings\Lada\Plocha\Veteráni září 2016
2018-08-01 10:19 - 2017-09-24 20:07 - 000000000 ____D C:\Documents and Settings\Lada\Plocha\Veteráni
==================== Files in the root of some directories =======
2013-04-01 03:25 - 2013-04-23 14:45 - 000000004 ____C () C:\Documents and Settings\Lada\Data aplikací\AltShell.ini
2010-03-03 14:15 - 2018-03-20 15:10 - 000000171 ____C () C:\Documents and Settings\Lada\Data aplikací\default.rss
2011-08-18 16:24 - 2011-08-18 16:24 - 000000000 ____C () C:\Documents and Settings\Lada\Data aplikací\downloads.m3u
2010-03-29 03:52 - 2018-08-26 23:48 - 000223744 _____ () C:\Documents and Settings\Lada\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-08-25 23:19 - 2018-08-26 06:40 - 000136428 _____ () C:\Documents and Settings\Lada\Local Settings\Data aplikací\FASTWiz.log
2010-02-25 13:29 - 2010-02-25 13:29 - 000000124 _____ () C:\Documents and Settings\Lada\Local Settings\Data aplikací\fusioncache.dat
2010-03-03 12:09 - 2010-03-03 21:39 - 000003170 ____C () C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
2013-06-12 16:57 - 2013-06-13 06:38 - 000000000 ____C () C:\Documents and Settings\All Users\Data aplikací\kjhy64.txt
2013-06-12 16:56 - 2013-06-12 16:56 - 000033280 _____ (Microsoft Corporation) C:\Documents and Settings\All Users\Data aplikací\rundll32.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe
[2008-04-14 14:00] - [2013-06-13 13:01] - 000507904 _____ (Microsoft Corporation) 8E5F533B806957A06E36D3DBB3C2273E
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Ran by Lada (administrator) on KANCELAR (27-08-2018 10:09:06)
Running from C:\Documents and Settings\Lada\Plocha
Loaded Profiles: Lada (Available Profiles: Lada & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-27] (AVAST Software)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2593056 2014-07-02] ()
HKU\S-1-5-21-117609710-746137067-839522115-1003\...\Run: [AvastBrowserAutoLaunch_A276D37E8425F79FCF2FCB0E9AF35153] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1027624 2018-06-13] (AVAST Software)
HKU\S-1-5-21-117609710-746137067-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\OBCHOD~1.SCR [2135194 2008-08-28] ()
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe [1163456 2016-01-10] (Adobe Systems Incorporated)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exesprestrt
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5DE48A0B-A119-4D21-8CE1-1E98628D3F95}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://atlas.centrum.cz/?utm_source=ch-sethp&utm_medium=ie-atlas-cz&utm_campaign=home
HKU\S-1-5-21-117609710-746137067-839522115-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://atlas.centrum.cz/?utm_source=ch-sethp&utm_medium=ie-atlas-cz&utm_campaign=home
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-03-30] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-27] (AVAST Software)
BHO: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-30] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-117609710-746137067-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2013-10-25] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-117609710-746137067-839522115-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default [2018-08-25]
FF user.js: detected! => C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default\user.js [2013-11-04]
FF Homepage: C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default -> about:home
FF Extension: (Avast SafePrice) - C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default\Extensions\sp@avast.com.xpi [2017-11-17]
FF Extension: (Avast Online Security) - C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default\Extensions\wrc@avast.com.xpi [2018-07-27]
FF SearchPlugin: C:\Documents and Settings\Lada\Data aplikací\Mozilla\Firefox\Profiles\m9hmjra3.default\searchplugins\privitize.xml [2013-11-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-20] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_28_0_0_126.dll [2018-01-06] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-03-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> c:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://searchou.com/?id=3cddf037000000000000001fd06de441&affilt=5
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR NewTab: Default -> Not-active:"chrome-extension://mmgkbcihahpocjmclehpjejmgjmijcib/stubby.html"
CHR Profile: C:\Documents and Settings\Lada\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2018-08-27]
CHR Extension: (HowToSimplified) - C:\Documents and Settings\Lada\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib [2018-08-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Lada\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-01-06] (Adobe Systems Incorporated) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6341888 2018-07-27] (AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-28] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-27] (AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-28] (AVAST Software)
S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-03-30] (Oracle Corporation)
S4 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [266343 2006-09-29] () [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167552 2018-07-27] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [188352 2018-07-27] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [164944 2018-07-27] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [284328 2018-07-27] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [57976 2018-07-27] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [189240 2018-07-27] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42808 2018-07-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [133680 2018-07-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70840 2018-07-27] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [71848 2018-07-27] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [784120 2018-07-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [394928 2018-08-25] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [205864 2018-07-27] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\DRIVERS\aswTap.sys [35144 2015-01-20] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [310784 2018-07-27] (AVAST Software)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-13] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-13] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-13] (HP)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2013-06-13] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54400 2008-03-25] (NVIDIA Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [129312 2014-08-11] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2008-03-25] (NVIDIA Corporation)
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-27 09:53 - 2018-08-27 09:56 - 000000000 ____D C:\AdwCleaner
2018-08-26 23:55 - 2018-08-26 23:55 - 000002489 _____ C:\Documents and Settings\Lada\Plocha\Windows 7 USB DVD Download Tool.lnk
2018-08-26 23:55 - 2018-08-26 23:55 - 000000000 ____D C:\Documents and Settings\Lada\Nabídka Start\Programy\Windows 7 USB DVD Download Tool
2018-08-26 23:54 - 2018-08-26 23:54 - 000000000 __HDC C:\WINDOWS\$NtUninstallKB932716-v2$
2018-08-26 23:54 - 2008-05-02 15:30 - 000465920 ____N (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2018-08-26 23:54 - 2008-05-02 15:30 - 000465920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imapi2fs.dll
2018-08-26 23:54 - 2008-05-02 15:30 - 000317440 ____N (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2018-08-26 23:54 - 2008-05-02 15:30 - 000317440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imapi2.dll
2018-08-26 23:54 - 2008-05-02 12:49 - 000062976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cdrom.sys
2018-08-26 23:32 - 2014-07-02 22:43 - 000019681 _____ C:\WINDOWS\system32\nvinfo.pb
2018-08-26 23:07 - 2018-08-26 23:07 - 000000548 _____ C:\Documents and Settings\Lada\Plocha\Total Commander.lnk
2018-08-26 23:07 - 2018-08-26 23:07 - 000000000 ____D C:\totalcmd
2018-08-26 23:07 - 2018-08-26 23:07 - 000000000 ____D C:\Documents and Settings\Lada\Nabídka Start\Programy\Total Commander
2018-08-26 23:07 - 2018-08-26 23:07 - 000000000 ____D C:\Documents and Settings\Lada\Local Settings\Data aplikací\GHISLER
2018-08-26 23:07 - 2018-08-26 23:07 - 000000000 ____D C:\Documents and Settings\Lada\Data aplikací\GHISLER
2018-08-26 23:07 - 2018-08-21 09:21 - 000000545 _____ C:\WINDOWS\UC.PIF
2018-08-26 23:07 - 2018-08-21 09:21 - 000000545 _____ C:\WINDOWS\RAR.PIF
2018-08-26 23:07 - 2018-08-21 09:21 - 000000545 _____ C:\WINDOWS\PKZIP.PIF
2018-08-26 23:07 - 2018-08-21 09:21 - 000000545 _____ C:\WINDOWS\PKUNZIP.PIF
2018-08-26 23:07 - 2018-08-21 09:21 - 000000545 _____ C:\WINDOWS\LHA.PIF
2018-08-26 23:07 - 2018-08-21 09:21 - 000000545 _____ C:\WINDOWS\ARJ.PIF
2018-08-26 13:45 - 2018-08-26 13:45 - 000001917 _____ C:\WINDOWS\imsins.BAK
2018-08-25 22:59 - 2018-08-25 22:59 - 000033968 _____ C:\Documents and Settings\Lada\Plocha\Addition.txt
2018-08-25 22:58 - 2018-08-27 10:09 - 000013981 _____ C:\Documents and Settings\Lada\Plocha\FRST.txt
2018-08-25 22:58 - 2018-08-27 10:09 - 000000000 ____D C:\FRST
2018-08-25 12:21 - 2018-08-25 12:21 - 000000000 ____D C:\Program Files\AGEIA Technologies
2018-08-25 12:18 - 2014-07-02 20:40 - 003826628 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-08-25 12:10 - 2014-07-02 22:43 - 001054552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3234052.dll
2018-08-25 12:10 - 2014-07-02 22:43 - 000906584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3234052.dll
2018-08-25 12:09 - 2018-08-25 12:09 - 001773568 _____ (Farbar) C:\Documents and Settings\Lada\Plocha\FRST.exe
2018-08-25 12:08 - 2018-08-25 12:08 - 000000000 ____D C:\NVIDIA
2018-08-25 12:03 - 2018-08-25 22:48 - 000000000 ____D C:\Documents and Settings\Lada\Local Settings\Data aplikací\NVIDIA
2018-08-25 12:00 - 2018-08-25 12:00 - 000013300 _____ C:\Documents and Settings\Lada\Dokumenty\cc_20180825_120013.reg
2018-08-04 09:04 - 2018-08-04 09:04 - 000000000 ____D C:\Documents and Settings\Lada\Dokumenty\Stavební Újezd
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-27 10:09 - 2010-02-24 10:49 - 000000000 ____D C:\Documents and Settings\Lada\Local Settings\Temp
2018-08-27 10:07 - 2016-03-24 17:15 - 000000000 ____D C:\Documents and Settings\Lada\Plocha\Míša
2018-08-27 09:58 - 2018-06-28 21:18 - 000000970 _____ C:\WINDOWS\Tasks\AvastUpdateTaskMachineCore.job
2018-08-27 09:58 - 2018-03-28 17:14 - 000000330 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2018-08-27 09:58 - 2017-04-05 05:34 - 000000310 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job
2018-08-27 09:58 - 2014-03-20 13:30 - 000000220 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-08-27 09:58 - 2013-06-03 02:51 - 000000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2018-08-27 09:58 - 2010-03-08 11:34 - 000000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2018-08-27 09:58 - 2010-02-24 09:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-27 09:58 - 2001-10-25 16:00 - 000002300 _____ C:\WINDOWS\system32\wpa.dbl
2018-08-27 09:56 - 2010-02-24 10:49 - 000000272 ___SH C:\Documents and Settings\Lada\ntuser.ini
2018-08-27 09:56 - 2010-02-24 10:49 - 000000000 ____D C:\Documents and Settings\Lada
2018-08-27 09:56 - 2010-02-24 09:58 - 000032400 _____ C:\WINDOWS\SchedLgU.Txt
2018-08-27 09:55 - 2010-02-24 10:43 - 000000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2018-08-27 09:45 - 2016-01-10 16:26 - 000000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2018-08-27 09:34 - 2010-03-08 11:34 - 000000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2018-08-27 09:24 - 2018-06-28 21:18 - 000000974 _____ C:\WINDOWS\Tasks\AvastUpdateTaskMachineUA.job
2018-08-27 08:07 - 2013-05-28 12:49 - 000008746 _____ C:\WINDOWS\system32\nvAppTimestamps
2018-08-27 07:55 - 2011-01-21 23:26 - 001398808 ____C C:\WINDOWS\system32\nvdrsdb1.bin
2018-08-27 07:55 - 2011-01-21 23:26 - 000000001 _____ C:\WINDOWS\system32\nvdrssel.bin
2018-08-27 00:33 - 2011-01-21 23:26 - 001163700 _____ C:\WINDOWS\system32\nvdrsdb0.bin
2018-08-26 23:55 - 2010-02-24 10:49 - 000000000 ___RD C:\Documents and Settings\Lada\Nabídka Start\Programy
2018-08-26 23:55 - 2010-02-24 10:49 - 000000000 ___HD C:\Documents and Settings\Lada\Local Settings\Data aplikací
2018-08-26 23:55 - 2010-02-24 10:49 - 000000000 ____D C:\Documents and Settings\Lada\Plocha
2018-08-26 23:54 - 2010-02-24 10:39 - 000000000 RSHDC C:\WINDOWS\system32\dllcache
2018-08-26 23:54 - 2010-02-24 10:39 - 000000000 ___HD C:\WINDOWS\inf
2018-08-26 23:50 - 2010-06-26 23:28 - 000000000 ____D C:\Documents and Settings\Lada\Data aplikací\vlc
2018-08-26 23:48 - 2010-03-29 03:52 - 000223744 _____ C:\Documents and Settings\Lada\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-08-26 23:48 - 2010-02-25 10:39 - 000000000 ____D C:\WINDOWS\system32\ReinstallBackups
2018-08-26 23:36 - 2010-02-25 11:16 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-08-26 23:13 - 2010-02-24 10:49 - 000000000 ___RD C:\Documents and Settings\Lada\Dokumenty
2018-08-26 23:07 - 2010-02-24 10:49 - 000000000 __RHD C:\Documents and Settings\Lada\Data aplikací
2018-08-26 14:50 - 2010-02-24 10:43 - 000000000 ____D C:\Documents and Settings\All Users
2018-08-26 14:21 - 2010-05-20 19:19 - 002151936 __SHC C:\Documents and Settings\Lada\Dokumenty\Thumbs.db
2018-08-26 14:20 - 2018-01-03 18:01 - 000000000 ____D C:\Documents and Settings\Lada\Dokumenty\BMW
2018-08-26 14:14 - 2016-05-12 08:35 - 000000000 ____D C:\Documents and Settings\Lada\Dokumenty\Stodola
2018-08-25 23:50 - 2016-01-10 16:26 - 000000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-08-25 22:48 - 2010-02-25 11:16 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2018-08-25 12:11 - 2012-06-10 21:20 - 000000178 ___SH C:\Documents and Settings\UpdatusUser\ntuser.ini
2018-08-25 12:11 - 2012-06-10 21:20 - 000000000 ____D C:\Documents and Settings\UpdatusUser\Nabídka Start\Programy\Příslušenství
2018-08-25 12:11 - 2012-06-10 21:20 - 000000000 ____D C:\Documents and Settings\UpdatusUser\Nabídka Start\Programy
2018-08-25 12:11 - 2012-06-10 21:20 - 000000000 ____D C:\Documents and Settings\UpdatusUser\Nabídka Start
2018-08-25 12:11 - 2012-06-10 21:20 - 000000000 ____D C:\Documents and Settings\UpdatusUser
2018-08-25 12:01 - 2010-02-24 10:43 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2018-08-25 11:56 - 2010-09-27 18:05 - 000000000 ____D C:\WINDOWS\Minidump
2018-08-25 07:36 - 2012-07-11 13:15 - 000000000 ____D C:\Documents and Settings\Lada\Dokumenty\Míša
2018-08-25 07:29 - 2010-03-08 11:39 - 000000000 ____D C:\Documents and Settings\Lada\Local Settings\Data aplikací\Temp
2018-08-25 06:18 - 2010-02-24 10:39 - 000000000 ____D C:\WINDOWS\system32\npp
2018-08-25 06:05 - 2014-05-19 12:45 - 000394928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-08-21 19:42 - 2016-04-03 09:18 - 000000000 ____D C:\Documents and Settings\Lada\Dokumenty\Soukromníci
2018-08-21 14:35 - 2010-03-03 10:15 - 000002561 _____ C:\Documents and Settings\Lada\Plocha\Microsoft Office Word 2003.lnk
2018-08-20 14:37 - 2010-05-26 21:02 - 005224960 _____ C:\Documents and Settings\Lada\Plocha\Rozpis3.xls
2018-08-12 22:55 - 2016-06-11 01:21 - 000000000 ____C C:\WINDOWS\system32\last.dump
2018-08-08 18:38 - 2014-03-20 13:30 - 000000214 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-08-02 09:08 - 2010-02-24 10:49 - 000000000 ___RD C:\Documents and Settings\Lada\Dokumenty\Obrázky
2018-08-02 07:01 - 2015-02-13 11:39 - 000000000 ___RD C:\Documents and Settings\Lada\Dokumenty\Filmy
2018-08-01 10:35 - 2016-10-03 14:03 - 000000000 ____D C:\Documents and Settings\Lada\Plocha\Veteráni září 2016
2018-08-01 10:19 - 2017-09-24 20:07 - 000000000 ____D C:\Documents and Settings\Lada\Plocha\Veteráni
==================== Files in the root of some directories =======
2013-04-01 03:25 - 2013-04-23 14:45 - 000000004 ____C () C:\Documents and Settings\Lada\Data aplikací\AltShell.ini
2010-03-03 14:15 - 2018-03-20 15:10 - 000000171 ____C () C:\Documents and Settings\Lada\Data aplikací\default.rss
2011-08-18 16:24 - 2011-08-18 16:24 - 000000000 ____C () C:\Documents and Settings\Lada\Data aplikací\downloads.m3u
2010-03-29 03:52 - 2018-08-26 23:48 - 000223744 _____ () C:\Documents and Settings\Lada\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-08-25 23:19 - 2018-08-26 06:40 - 000136428 _____ () C:\Documents and Settings\Lada\Local Settings\Data aplikací\FASTWiz.log
2010-02-25 13:29 - 2010-02-25 13:29 - 000000124 _____ () C:\Documents and Settings\Lada\Local Settings\Data aplikací\fusioncache.dat
2010-03-03 12:09 - 2010-03-03 21:39 - 000003170 ____C () C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
2013-06-12 16:57 - 2013-06-13 06:38 - 000000000 ____C () C:\Documents and Settings\All Users\Data aplikací\kjhy64.txt
2013-06-12 16:56 - 2013-06-12 16:56 - 000033280 _____ (Microsoft Corporation) C:\Documents and Settings\All Users\Data aplikací\rundll32.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe
[2008-04-14 14:00] - [2013-06-13 13:01] - 000507904 _____ (Microsoft Corporation) 8E5F533B806957A06E36D3DBB3C2273E
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Re: prosim o kontrolu
Conduit a kamarati boli zmazani, vycisti PC CCleanerom, ak nie su problemy hotovo
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?