
Please check my log, shutdown and restart do not work

Author: tom4 (Visitor)
Posts: 41
Registered: 09 May 2015 21:18

#1 Post by tom4 »

Good evening, please check my log, shutdown and restart do not work.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-05-2015
Ran by tomdasa (administrator) on TOMDASA-PC on 09-05-2015 21:53:07
Running from C:\Users\tomdasa\AppData\Local\Temp
Loaded Profiles: tomdasa (Available profiles: tomdasa & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser path: "C:\Program Files\Opera\Opera.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
() C:\hp\KBD\KbdStub.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(RealNetworks, Inc.) C:\Program Files\Real\realplayer\Update\realsched.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
() C:\Users\tomdasa\AppData\Roaming\Seznam.cz\bin\postak.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_17_0_0_169_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(RealNetworks, Inc.) C:\Program Files\Real\realplayer\realplay.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [5369856 2008-03-26] (Realtek Semiconductor)
HKLM\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM\...\Run: [KBD] => C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-07-12] (Intel Corporation)
HKLM\...\Run: [HP Health Check Scheduler] => [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HKLM\...\Run: [SunJavaUpdateReg] => C:\Windows\system32\jureg.exe [54936 2007-04-07] (Sun Microsystems, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [SMail] => "C:\Program Files\Seznam\Postak\Postak.exe"
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [81920 2008-01-22] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [62760 2007-10-11] ()
HKLM\...\Run: [EverioService] => C:\Program Files\CyberLink\PCM4Everio\EverioService.exe [151552 2008-05-21] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] => C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2008-02-21] (CyberLink Corp.)
HKLM\...\Run: [NBKeyScan] => "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [295072 2012-12-14] (RealNetworks, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-01] (Avast Software s.r.o.)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKU\S-1-5-21-2113988722-11527645-2074921056-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2113988722-11527645-2074921056-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
HKU\S-1-5-21-2113988722-11527645-2074921056-1000\...\Run: [Nero MediaHome 4] => "C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
HKU\S-1-5-21-2113988722-11527645-2074921056-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2113988722-11527645-2074921056-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\tomdasa\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2113988722-11527645-2074921056-1000\...\Run: [Seznam Postak] => C:\Users\tomdasa\AppData\Roaming\Seznam.cz\bin\postak.exe [323752 2012-12-19] ()
HKU\S-1-5-21-2113988722-11527645-2074921056-1000\...\MountPoints2: J - J:\Launch.exe
HKU\S-1-5-21-2113988722-11527645-2074921056-1000\...\MountPoints2: {370479de-3271-11e3-8acf-001fc64c3e66} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2113988722-11527645-2074921056-1000\...\MountPoints2: {79741fee-0380-11de-9f91-001fc64c3e66} - F:\Setup\rsrc\Autorun.exe
HKU\S-1-5-21-2113988722-11527645-2074921056-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\css.scr
AppInit_DLLs: protector.dll => protector.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2008-10-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-01] (Avast Software s.r.o.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.wolframalpha.com/?trackid=sp-005
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.wolframalpha.com/input/?i={ ... kid=sp-005
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2113988722-11527645-2074921056-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
HKU\S-1-5-21-2113988722-11527645-2074921056-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.wolframalpha.com/input/?i={ ... kid=sp-005
HKU\S-1-5-21-2113988722-11527645-2074921056-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.wolframalpha.com/?trackid=sp-005
SearchScopes: HKLM -> {2de06457-88b8-4989-9288-5fe9c2584ab8} URL = https://www.wolframalpha.com/input/?i={ ... kid=sp-005
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2113988722-11527645-2074921056-1000 -> DefaultScope {2de06457-88b8-4989-9288-5fe9c2584ab8} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-2113988722-11527645-2074921056-1000 -> {00F1CCAB-6885-43C6-BCDD-E27DB0F8694C} URL = https://www.wolframalpha.com/input/?i={ ... kid=sp-005
SearchScopes: HKU\S-1-5-21-2113988722-11527645-2074921056-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2113988722-11527645-2074921056-1000 -> {0C2FEAAE-7A8F-4270-B508-AAE4328B1598} URL = http://tv.seznam.cz/hledej?w={searchTer ... kSearch_12
SearchScopes: HKU\S-1-5-21-2113988722-11527645-2074921056-1000 -> {2de06457-88b8-4989-9288-5fe9c2584ab8} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-2113988722-11527645-2074921056-1000 -> {3EC4DBFF-46C7-4964-AB26-60E942F7387C} URL = http://encyklopedie.seznam.cz/search?s= ... rer:source?}
SearchScopes: HKU\S-1-5-21-2113988722-11527645-2074921056-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2113988722-11527645-2074921056-1000 -> {8588BED3-78EA-42AF-841C-6BA975F9C4FA} URL = http://zbozi.seznam.cz/?q={searchTerms} ... rer:source?}
SearchScopes: HKU\S-1-5-21-2113988722-11527645-2074921056-1000 -> {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A} URL = http://search.seznam.cz/searchScreen?w= ... rer:source?}
SearchScopes: HKU\S-1-5-21-2113988722-11527645-2074921056-1000 -> {AB65709D-7E2C-44EB-8B19-51828FE1828A} URL = http://www.mapy.cz/?query={searchTerms} ... rer:source?}
SearchScopes: HKU\S-1-5-21-2113988722-11527645-2074921056-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searc ... r=chr-divx
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll No File
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-01] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04] (Oracle Corporation)
Toolbar: HKLM - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-2113988722-11527645-2074921056-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-10-28] (Společnost Microsoft)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [147456 2008-12-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2012-02-21] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2008-11-21] (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [2008-11-21] (DivX, Inc)
FF Plugin: @java.com/DTPlugin,version=10.5.1 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll [2012-05-04] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2012-12-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2012-12-14] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2012-11-29] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-13]
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012-12-14]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-04-14]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-29]
CHR Extension: (Google Docs) - C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-29]
CHR Extension: (Google Drive) - C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-29]
CHR Extension: (YouTube) - C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-29]
CHR Extension: (Google Search) - C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-29]
CHR Extension: (Google Sheets) - C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-29]
CHR Extension: (Avast Online Security) - C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-29]
CHR Extension: (RealDownloader) - C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-10-29]
CHR Extension: (SourceApp) - C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\iimjomhcoopoinoofciddhpfcoeekjda [2015-01-07]
CHR Extension: (Google Wallet) - C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-29]
CHR Extension: (Gmail) - C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-29]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-20]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKU\S-1-5-21-2113988722-11527645-2074921056-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-01] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-01] (Avast Software)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [65536 2007-09-19] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-06-04] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-06-04] (Hewlett-Packard Co.) [File not signed]
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-05-04] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [241734 2008-02-14] () [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [575488 2008-08-07] (Nokia.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-01] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-05-01] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-01] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-01] (Avast Software s.r.o.)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-05-01] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-01] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [35992 2015-01-07] ()
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2009-02-25] () [File not signed]
S3 usbvm326_W; C:\Windows\System32\Drivers\usbvm326_w.sys [195200 2006-08-01] (Vimicro Corporation) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-01] (Avast Software)
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\CyberLink\PowerDVD\000.fcl [41456 2008-01-19] (Cyberlink Corp.)
U3 ad2dig0m; C:\Windows\system32\Drivers\ad2dig0m.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 gHidPnp; System32\Drivers\gHidPnp.Sys [X]
S3 gMouPS2; system32\DRIVERS\gMouPS2.sys [X]
S3 gMouUsb; system32\DRIVERS\gMouUsb.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SymIM; system32\DRIVERS\SymIM.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
U5 Tosrfcom; C:\Windows\System32\Drivers\Tosrfcom.sys [62799 2004-10-04] (TOSHIBA Corporation) [File not signed]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-09 21:52 - 2015-05-09 21:53 - 00000000 ____D () C:\FRST
2015-05-09 20:46 - 2015-05-09 20:46 - 00376360 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-09 20:46 - 2015-05-09 20:46 - 00000762 _____ () C:\Windows\PFRO.log
2015-05-09 20:26 - 2015-05-09 20:48 - 00108816 _____ () C:\Users\tomdasa\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-01 15:44 - 2015-05-01 15:44 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-01 15:44 - 2015-05-01 15:44 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-15 02:06 - 2015-03-09 03:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 02:00 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 02:00 - 2015-03-05 04:24 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 02:00 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 01:59 - 2015-03-14 04:21 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 01:59 - 2015-03-13 03:51 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-15 01:59 - 2015-03-13 03:51 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 01:02 - 2015-03-10 01:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 01:02 - 2015-03-10 01:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 01:02 - 2015-03-10 01:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 01:02 - 2015-03-10 01:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 01:02 - 2015-03-10 00:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 01:02 - 2015-03-10 00:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 01:02 - 2015-03-10 00:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 01:02 - 2015-03-10 00:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 01:02 - 2015-03-10 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 01:02 - 2015-03-10 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 01:02 - 2015-03-10 00:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-15 01:02 - 2015-03-10 00:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 01:02 - 2015-03-10 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 01:02 - 2015-03-10 00:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 01:02 - 2015-03-10 00:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 01:02 - 2015-03-10 00:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 01:02 - 2015-03-10 00:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 01:02 - 2015-03-10 00:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 01:02 - 2015-03-10 00:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 01:02 - 2015-03-10 00:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-15 01:02 - 2015-03-10 00:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-15 01:02 - 2015-03-10 00:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-09 21:49 - 2013-03-05 07:49 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce19653588bd2b.job
2015-05-09 21:44 - 2013-10-07 10:07 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-09 21:43 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-05-09 20:53 - 2015-01-01 14:48 - 00000000 ____D () C:\Users\tomdasa\AppData\Roaming\Seznam.cz
2015-05-09 20:53 - 2008-04-06 12:09 - 01317204 _____ () C:\Windows\WindowsUpdate.log
2015-05-09 20:49 - 2014-11-17 20:06 - 00000000 ____D () C:\Users\tomdasa\AppData\Local\HTC MediaHub
2015-05-09 20:48 - 2006-11-02 14:47 - 00003696 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-09 20:48 - 2006-11-02 14:47 - 00003696 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-09 20:47 - 2009-11-20 10:37 - 00000000 ____D () C:\Users\tomdasa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink BD Solution
2015-05-09 20:46 - 2008-04-25 21:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-09 20:46 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-09 18:43 - 2008-10-27 20:58 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-05-09 18:43 - 2006-11-02 15:01 - 00032552 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-09 18:39 - 2015-04-04 11:32 - 00000000 ____D () C:\Users\tomdasa\Desktop\Dalibor
2015-05-09 18:34 - 2008-10-26 14:58 - 00190464 _____ () C:\Users\tomdasa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-09 11:26 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2015-05-09 10:06 - 2006-11-02 12:33 - 01509614 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-08 20:20 - 2015-02-05 12:01 - 00000000 ____D () C:\Users\tomdasa\AppData\Roaming\vlc
2015-05-06 09:43 - 2010-11-23 09:47 - 00002201 _____ () C:\Users\tomdasa\Desktop\mironet,insportline HTC.txt
2015-05-03 09:59 - 2008-11-22 10:39 - 00000000 ____D () C:\Users\tomdasa\Desktop\úřad
2015-05-01 15:44 - 2014-05-04 19:32 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-01 15:44 - 2013-03-18 11:39 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-01 15:44 - 2013-03-18 11:39 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-01 15:44 - 2008-10-26 14:02 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-01 15:44 - 2008-10-26 13:55 - 00057888 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswTdi.sys
2015-05-01 15:44 - 2008-10-26 13:55 - 00055200 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr.sys
2015-05-01 15:44 - 2008-10-26 13:54 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-01 15:43 - 2011-04-14 21:39 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-01 12:52 - 2014-10-29 10:51 - 00001933 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-15 19:45 - 2012-04-05 08:05 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-15 19:45 - 2011-05-20 08:24 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-15 02:06 - 2013-07-29 22:37 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 02:01 - 2006-11-02 12:24 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-04-15 02:00 - 2008-10-28 18:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-10 23:21 - 2009-07-12 22:11 - 00000000 ____D () C:\Users\tomdasa\Desktop\Bufet

==================== Files in the root of some directories =======

2009-01-24 12:10 - 2009-01-24 12:10 - 0087608 _____ () C:\Users\tomdasa\AppData\Roaming\inst.exe
2009-01-24 12:10 - 2009-01-24 12:10 - 0007887 _____ () C:\Users\tomdasa\AppData\Roaming\pcouffin.cat
2009-01-24 12:10 - 2009-01-24 12:10 - 0001144 _____ () C:\Users\tomdasa\AppData\Roaming\pcouffin.inf
2009-01-24 12:11 - 2009-01-24 12:11 - 0000034 _____ () C:\Users\tomdasa\AppData\Roaming\pcouffin.log
2009-01-24 12:10 - 2009-01-24 12:10 - 0047360 _____ (VSO Software) C:\Users\tomdasa\AppData\Roaming\pcouffin.sys
2008-12-25 01:03 - 2013-05-03 21:40 - 0138056 _____ () C:\Users\tomdasa\AppData\Roaming\PnkBstrK.sys
2009-01-24 12:11 - 2015-02-13 10:56 - 0000671 _____ () C:\Users\tomdasa\AppData\Roaming\vso_ts_preview.xml
2008-11-03 15:40 - 2015-01-12 13:52 - 0002032 _____ () C:\Users\tomdasa\AppData\Local\d3d9caps.dat
2008-10-26 14:58 - 2015-05-09 18:34 - 0190464 _____ () C:\Users\tomdasa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-11-07 19:51 - 2008-11-07 19:51 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2008-04-25 21:01 - 2014-11-16 14:34 - 0038718 _____ () C:\ProgramData\hpzinstall.log
2011-11-25 21:10 - 2011-11-25 21:10 - 0000196 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\tomdasa\AppData\Local\Temp\FRST.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-09 20:55

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-05-2015
Ran by tomdasa at 2015-05-09 21:54:05
Running from C:\Users\tomdasa\AppData\Local\Temp
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2113988722-11527645-2074921056-500 - Administrator - Disabled)
Guest (S-1-5-21-2113988722-11527645-2074921056-501 - Limited - Enabled)
tomdasa (S-1-5-21-2113988722-11527645-2074921056-1000 - Administrator - Enabled) => C:\Users\tomdasa
UpdatusUser (S-1-5-21-2113988722-11527645-2074921056-1002 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
7-Zip 4.60 beta (HKLM\...\7-Zip) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
Aktualizace NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Aktualizace ovladače pro aplikaci Centrum zařízení Windows Mobile (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Ashampoo Burning Studio 6 FREE (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.7.5 - ashampoo GmbH & Co. KG)
ASUS nVidia Driver (Version: 1.00.0000 - ASUSTek) Hidden
Audacity 1.3.6 (Unicode) (HKLM\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)
AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Avast Free Antivirus (HKLM\...\avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
BufferChm (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Call of Duty(R) - World at War(TM) (HKLM\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.7 - Cenega)
Call of Duty(R) - World at War(TM) (Version: 1.0 - Cenega) Hidden
Call of Duty(R) - World at War(TM) 1.1 Patch (Version: - ) Hidden
Call of Duty(R) - World at War(TM) 1.1 Patch (Version: 1.1 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (Version: - ) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (Version: 1.2 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.3 Patch (Version: - ) Hidden
Call of Duty(R) - World at War(TM) 1.3 Patch (Version: 1.3 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (Version: - ) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (Version: 1.4 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (Version: - ) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (Version: 1.5 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (Version: - ) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (Version: 1.6 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (Version: - ) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (Version: 1.7 - Activision) Hidden
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG6400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6400_series) (Version: 1.01 - Canon Inc.)
Canon MG6400 series On-screen Manual (HKLM\...\Canon MG6400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Centrum zařízení Windows Mobile (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
ConvertXtoDVD 3.3.1.98 (HKLM\...\{76C24F39-B161-498F-BD8B-C64789812D13}_is1) (Version: 3.3.1.98 - )
Copy (Version: 90.0.146.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
CyberLink DVD Suite Deluxe (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.1126 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.3013 - CyberLink Corp.)
Destination Component (Version: 090.000.091.086 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 90.0.205.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Digital Photo Navigator 1.5 (HKLM\...\{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}) (Version: - )
DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.5 - DivX, Inc.)
DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 6.8.2 - )
DivX Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.4.2 - DivX,Inc.)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
GamePark (HKLM\...\GameParkClient_is1) (Version: - GamePark)
GameShadow (HKLM\...\{D98C9637-93DA-44DB-B73A-B11A1192AB26}) (Version: 1.91.0000 - Aardwork Software Ltd)
GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor 5 for Windows) (Version: 5.1.4748.24 - PC-Doctor, Inc.)
Hauppauge MCE XP/Vista Software Encoder (2.0.25180) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25180 - Hauppauge Computer Works, Inc.)
Hewlett-Packard Active Check (Version: 1.1.11.0 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.62.5 - HP) Hidden
HP Customer Experience Enhancements (HKLM\...\{C8D47273-7A1A-4614-A3D8-263632D8A5ED}) (Version: 5.6.0.2499 - Hewlett-Packard)
HP Customer Participation Program 9.0 (HKLM\...\HPExtendedCapabilities) (Version: 9.0 - HP)
HP Easy Setup - Frontend (HKLM\...\{1BCE2581-B7CA-4BB4-BDFB-D113506AA38B}) (Version: 5.6.0.2542 - Hewlett-Packard)
HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP)
HP On-Screen Cap/Num/Scroll Lock Indicator (HKLM\...\OsdMaestro) (Version: - Hewlett-Packard)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Solution Center 9.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 9.0 - HP)
HP Update (HKLM\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 90.0.146.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}) (Version: 2.2.0.0000 - Název společnosti:)
HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
HTC Sync Manager (HKLM\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.33.0 - HTC)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java(TM) SE Runtime Environment 6 Update 1 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
jRipper 2008.06 (HKLM\...\jRipper_is1) (Version: - dronten@gmail.com)
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.2.2329 - CyberLink Corp.)
LightScribe System Software 1.10.23.1 (HKLM\...\{0E19A83E-F53B-40CF-8C91-96F32D955E6A}) (Version: 1.10.23.1 - http://www.lightscribe.com)
MarketResearch (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Medal of Honor (TM) (HKLM\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
MetaProducts Download Express (HKLM\...\DownloadExpress) (Version: - )
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}) (Version: 08.05.0822 - Microsoft Corporation)
miniTrezor (Version: 2.0.10 - Philosoft Kft) Hidden
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
muvee autoProducer 6.1 (HKLM\...\{5115C036-C0D5-4E1B-81C9-542CA967478A}) (Version: 6.10.050 - muvee Technologies)
Nero MediaHome 4 Essentials (HKLM\...\{96642315-2a6e-42eb-9b57-c9d70f20c9e6}) (Version: - Nero AG)
NVIDIA 3D Vision Controller Driver 267.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 267.85 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Origin (HKLM\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM\...\{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}) (Version: 8.22.4.0 - Nokia)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3610 - CyberLink Corp.)
PowerCinema NE for Everio (HKLM\...\{39CEE1F2-12B6-4C50-9131-04BFCA110578}) (Version: NE - CyberLink Corp.)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.3.3730f.0 - CyberLink Corp.)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 4.5 - CyberLink Corp.)
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.)
Python 2.5 (HKLM\...\{0A2C5854-557E-48C8-835A-3B9F074BDCAA}) (Version: 2.5.150 - Martin v. Löwis)
RAR Password Recovery v1.1 RC16 (remove only) (HKLM\...\Intelore - RAR Password Recovery) (Version: - )
Readon TV Movie Radio Player 7.6.0.0 (HKLM\...\{80074966-5231-428D-9AE7-B7D5D2DC3246}) (Version: 7.6.0 - Readon Technology)
RealDownloader (Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5591 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Registrace uživatele zařízení Canon MG6400 series (HKLM\...\Registrace uživatele zařízení Canon MG6400 series) (Version: - ‭Canon Inc.)
RESIDENT EVIL 5 (HKLM\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.)
Řešení s využitím rozšířené multimediální klávesnice (HKLM\...\KBD) (Version: - Hewlett-Packard)
Seznam Software (HKU\S-1-5-21-2113988722-11527645-2074921056-1000\...\SeznamInstall) (Version: - Seznam.cz)
Silent Hill Homecoming (HKLM\...\{AE7D5AF6-E561-4711-BC5A-E2CE7AFD8CA7}_is1) (Version: - Konami)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SMPlayer 0.5.62 (HKLM\...\SMPlayer_is1) (Version: - RVM)
SolutionCenter (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
Status (Version: 90.0.146.000 - Hewlett-Packard) Hidden
SureThing Express Labeler (HKLM\...\stax-Pinnacle_is1) (Version: - MicroVision Development, Inc.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TOSHIBA Bluetooth Stack for Windows (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v3.03.10(C) - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.50a - Ghisler Software GmbH)
TrayApp (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Trust WB-1400T Webcam (HKLM\...\InstallShield_{F6CE1230-A694-4B86-B21C-A11A112689DA}) (Version: 0.1.3.73 - Trust International BV)
Trust WB-1400T Webcam (Version: 0.1.3.73 - Trust International BV) Hidden
UnloadSupport (Version: 9.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebCam Live (HKLM\...\{E9DDC9D1-2D27-4BB2-9CBB-7B93D91B7B26}) (Version: 3.0.0.0 - GetWare)
Winamp Toolbar for Firefox (HKLM\...\Winamp Toolbar for Firefox) (Version: 5.5.1.1 - AOL LLC) <==== ATTENTION
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
Xvid 1.1.3 final uninstall (HKLM\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))
ZhiRemote.ocx (HKLM\...\CamGuard Remote ActiveX_is1) (Version: - HANGZHOU TAISOFT TECHNOLOGY CO.,LTD)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2113988722-11527645-2074921056-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2113988722-11527645-2074921056-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2113988722-11527645-2074921056-1000_Classes\CLSID\{76D0CB12-7604-4048-B83C-1005C7DDC503}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2113988722-11527645-2074921056-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2113988722-11527645-2074921056-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2113988722-11527645-2074921056-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2113988722-11527645-2074921056-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2113988722-11527645-2074921056-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2113988722-11527645-2074921056-1000_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2113988722-11527645-2074921056-1000_Classes\CLSID\{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}\InprocServer32 -> No File Path

==================== Restore Points =========================

22-04-2015 06:07:05 Windows Update
26-04-2015 19:00:08 Zálohování systému Windows
29-04-2015 07:05:09 Windows Update
01-05-2015 15:43:07 avast! antivirus system restore point
03-05-2015 19:00:09 Zálohování systému Windows
05-05-2015 08:23:08 Windows Update
08-05-2015 16:56:49 Windows Update
09-05-2015 09:59:31 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {04D31E2F-511A-490C-B56B-19B2A8919BC0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {0A7CE6B3-5E0B-4D05-9C1A-E36AB0D902A7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {134F5ABE-3EDA-42F6-999E-A4FBFD80363B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {519D1D37-C932-4176-891F-C81271C6E1BB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2113988722-11527645-2074921056-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {6FB9FA60-9841-46F8-B7B5-BFE1368F1504} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2113988722-11527645-2074921056-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {7822BC95-2D3B-4C46-AD23-140F7EE658F1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-01] (Avast Software s.r.o.)
Task: {8A3D2F01-8293-4726-8BFD-1294347BF3D7} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2113988722-11527645-2074921056-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {BD620431-9833-4725-A291-C7AAEDA5D4EB} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2113988722-11527645-2074921056-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {CD062623-913E-4B04-B9B8-5135D2F94B6A} - System32\Tasks\GoogleUpdateTaskMachineUA1ce19653588bd2b => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {E634A9B2-6A47-46C6-9F34-C63213441C6B} - System32\Tasks\GoogleUpdateTaskMachineCore1ce1965350e35fb => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce1965350e35fb.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce19653588bd2b.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCConfidential.job => C:\Program Files\Winferno\PC Confidential\PCConfidential.exe

==================== Loaded Modules (whitelisted) ==============

2015-03-20 12:57 - 2015-05-01 15:44 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-20 12:57 - 2015-05-01 15:43 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-09 17:17 - 2015-05-09 17:17 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050901\algo.dll
2004-07-20 18:04 - 2004-07-20 18:04 - 00094208 ____N () C:\Windows\System32\TosBtHcrpAPI.dll
2008-04-25 20:46 - 2006-12-08 17:16 - 00065536 _____ () C:\hp\KBD\KbdStub.exe
2009-11-20 10:48 - 2008-05-21 21:59 - 00012288 ____N () C:\Program Files\CyberLink\PCM4Everio\Kernel\common\CLEverioDetector.dll
2015-03-14 00:54 - 2015-03-20 12:57 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-02-06 23:15 - 2012-12-19 12:03 - 00323752 _____ () C:\Users\tomdasa\AppData\Roaming\Seznam.cz\bin\postak.exe
2015-02-06 23:15 - 2012-12-19 11:58 - 00886408 _____ () C:\Users\tomdasa\AppData\Roaming\Seznam.cz\bin\core.4.dll
2015-02-06 23:15 - 2012-12-19 10:12 - 00615560 _____ () C:\Users\tomdasa\AppData\Roaming\Seznam.cz\bin\email.4.dll
2014-11-03 12:04 - 2014-11-03 12:04 - 00031080 _____ () C:\Program Files\HTC\HTC Sync Manager\DbAccess.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00607376 _____ () C:\Program Files\HTC\HTC Sync Manager\sqlite3.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00059752 _____ () C:\Program Files\HTC\HTC Sync Manager\NAdvLog.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00036216 _____ () C:\Program Files\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00080248 _____ () C:\Program Files\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-11-03 12:06 - 2014-11-03 12:06 - 00129376 _____ () C:\Program Files\HTC\HTC Sync Manager\zlib1.dll
2014-11-03 12:07 - 2014-11-03 12:07 - 00223592 _____ () C:\Program Files\HTC\HTC Sync Manager\DevConnMon.dll
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2014-11-03 12:05 - 2014-11-03 12:05 - 00821600 _____ () C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
2008-12-25 01:03 - 2013-05-04 11:10 - 00076888 ____N () C:\Windows\system32\PnkBstrA.exe
2012-11-29 21:31 - 2012-11-29 21:31 - 00038608 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2009-11-20 10:47 - 2008-02-14 21:10 - 00241734 ____R () C:\Program Files\CyberLink\Shared Files\RichVideo.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF
AlternateDataStreams: C:\ProgramData\TEMP:68F4226F

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


There are 7748 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2113988722-11527645-2074921056-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img36.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{C3E06702-1B8D-4266-9FD5-CA0280CDBBA2}] => (Allow) c:\Program Files\Cyberlink\PowerDirector\PDR.EXE
FirewallRules: [TCP Query User{0F158F9E-2A64-46EE-BC6E-8ECE752FBFD2}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{4A00555F-DCB7-4112-86F7-64B4093E1650}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{69AEE59E-BCFE-4279-BE7E-F1C557AD59F5}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{30A997E2-DFD1-471F-8927-EFA71FC4E62F}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{669EC5B6-A834-462C-8974-1D811118208E}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{1AD1C765-8F2D-4C0B-B4E6-F289C5BFDC46}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{164A4D99-2122-4437-A841-B5D99858B771}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{36962134-E0ED-439A-AE36-1F64205CECA9}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [TCP Query User{65D22478-FDF9-4164-AB63-74DE9FBFE5E9}C:\windows\ehome\ehexthost.exe] => (Block) C:\windows\ehome\ehexthost.exe
FirewallRules: [UDP Query User{6EF7CC34-B9BC-4E95-8317-F570CE7EEA5E}C:\windows\ehome\ehexthost.exe] => (Block) C:\windows\ehome\ehexthost.exe
FirewallRules: [TCP Query User{D8C44262-6EE6-4238-A0CC-58374E251D1D}C:\program files\download express\dep.exe] => (Allow) C:\program files\download express\dep.exe
FirewallRules: [UDP Query User{B764FF88-5705-4294-A13A-96B9F18318B1}C:\program files\download express\dep.exe] => (Allow) C:\program files\download express\dep.exe
FirewallRules: [{CC6D1AC1-228A-4540-BE79-A1761C2E593F}] => (Allow) C:\Program Files\CyberLink\PowerDVD\PowerDVD.EXE
FirewallRules: [{FD9D2E16-613D-4314-B44D-8755E68E99AC}] => (Allow) C:\Program Files\Cyberlink\PowerDirector\PDR.EXE
FirewallRules: [{331E6C75-FA04-4817-9772-2AA1FDD9713F}] => (Allow) C:\Program Files\CyberLink\PCM4Everio\PCM4Everio.exe
FirewallRules: [{770281C2-479F-46A0-916D-62E12C75ABB1}] => (Allow) C:\Program Files\CyberLink\PCM4Everio\PCM4Everio.exe
FirewallRules: [{C57B5772-2C6B-4A3C-B021-1855EAD879F2}] => (Allow) C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
FirewallRules: [{9D0BF5B1-C45D-4F45-A7C0-6CE411C137A1}] => (Allow) C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
FirewallRules: [{3A1ED506-FE74-4577-8513-7C6BD581783F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{82DC443A-96DC-4127-ADB7-AE627F1AC8BC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{ACB51F27-9C53-48F3-AB9E-820C20DB74DC}C:\program files\camguard security system (home edition)\camguard.exe] => (Allow) C:\program files\camguard security system (home edition)\camguard.exe
FirewallRules: [UDP Query User{BC7DA09B-40A7-43AF-8A26-3FC4A23D1211}C:\program files\camguard security system (home edition)\camguard.exe] => (Allow) C:\program files\camguard security system (home edition)\camguard.exe
FirewallRules: [{D94782BB-87FA-4F62-AD1F-D4EE8A137989}] => (Allow) C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{BD462EE0-F5FB-426A-B445-4BC8273F488E}] => (Allow) C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{0E0C5AD6-618F-44F2-BEF3-931AF90DD724}] => (Allow) C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{6C742E9D-FAA2-454E-92AF-89E41E8CF89F}] => (Allow) C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{8512F6AC-5B53-4A4D-92B4-8EE60B068DC6}] => (Allow) C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE
FirewallRules: [{4BA1E038-29CB-4296-B112-8FF483DA9433}] => (Allow) C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE
FirewallRules: [{1905D01E-4A12-403C-8322-52FBB8D5639B}] => (Allow) C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE
FirewallRules: [{5C59FBD2-262E-4422-9B59-1246F290B397}] => (Allow) C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE
FirewallRules: [TCP Query User{C7591498-ED34-4473-AEDD-F5DECAFFA825}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{7666C246-DF41-45F5-A509-CE2FAAEDC3C9}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [{4D9635B7-0AA5-4147-8663-C1F5107E527A}] => (Allow) C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{C1CE1597-5BE2-4B29-8EF9-ACA247D8CF2E}] => (Allow) C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{BD48AA08-C919-4D42-B746-3D06EF06BCAA}] => (Allow) C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{A1E9A9CB-20DA-47C8-A283-13015320F217}] => (Allow) C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{427D6AF8-D5D5-4372-A54B-957310D8391B}] => (Allow) C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{9293024D-3A55-4FAA-9726-A2450D77979D}] => (Allow) C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [TCP Query User{65B9FE32-644F-4BF5-A5F6-8EA6352FF8E8}G:\hry\gta iv\grand theft auto iv\gtaiv.exe] => (Block) G:\hry\gta iv\grand theft auto iv\gtaiv.exe
FirewallRules: [UDP Query User{667562C8-F4A2-42C8-BA6A-7F8A5D618100}G:\hry\gta iv\grand theft auto iv\gtaiv.exe] => (Block) G:\hry\gta iv\grand theft auto iv\gtaiv.exe
FirewallRules: [{59C7AF68-BF40-448E-9696-93B8F9B74B01}] => (Allow) C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe
FirewallRules: [TCP Query User{520FD945-2504-4046-A24A-005251E9A7A2}C:\program files\getware\webcam live\webcam.exe] => (Allow) C:\program files\getware\webcam live\webcam.exe
FirewallRules: [UDP Query User{00BC8861-1B38-490F-95C7-4B635D7B29BD}C:\program files\getware\webcam live\webcam.exe] => (Allow) C:\program files\getware\webcam live\webcam.exe
FirewallRules: [{D44CD200-62B6-4F6B-9EFA-A418BA96FA12}] => (Allow) LPort=80
FirewallRules: [{7FF24557-42AF-49DE-8691-77A6DA404384}] => (Allow) LPort=80
FirewallRules: [{56B0E657-F1ED-4BAD-8A84-CDE336C6918E}] => (Allow) LPort=80
FirewallRules: [TCP Query User{08192D64-A2CF-4A96-B067-CEBEBB2CF94A}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{9F6865E7-662D-45C6-AF4A-937896106C7B}C:\program files\real\realplayer\realplay.exe] => (Block) C:\program files\real\realplayer\realplay.exe
FirewallRules: [{413E578C-CF7E-474E-B5AE-A7078D8ADE0A}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{59015838-89FD-4425-9A73-271EBF694753}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [TCP Query User{798559B5-8684-4FD0-8CD7-37F8BF72BEE0}L:\hry\call of duty-world at war\codwaw.exe] => (Block) L:\hry\call of duty-world at war\codwaw.exe
FirewallRules: [UDP Query User{7985206E-A517-45A9-9130-4D9BFACC5E21}L:\hry\call of duty-world at war\codwaw.exe] => (Block) L:\hry\call of duty-world at war\codwaw.exe
FirewallRules: [TCP Query User{19DF3BFA-1C34-4D44-A555-C12EB054BF16}L:\hry\call of duty-world at war\codwawmp.exe] => (Block) L:\hry\call of duty-world at war\codwawmp.exe
FirewallRules: [UDP Query User{24773218-8B2B-4AA8-9D75-0A466A9B507F}L:\hry\call of duty-world at war\codwawmp.exe] => (Block) L:\hry\call of duty-world at war\codwawmp.exe
FirewallRules: [TCP Query User{5155F37D-43CE-4E3D-A360-14908487A456}C:\program files\readon technology\readon tv movie radio player 7.6.0.0\internettv.exe] => (Block) C:\program files\readon technology\readon tv movie radio player 7.6.0.0\internettv.exe
FirewallRules: [UDP Query User{AC1CFECF-1D28-46B2-8515-80DF46D58F59}C:\program files\readon technology\readon tv movie radio player 7.6.0.0\internettv.exe] => (Block) C:\program files\readon technology\readon tv movie radio player 7.6.0.0\internettv.exe
FirewallRules: [TCP Query User{02FFD553-9DA4-4EC7-97CC-2EABD998F905}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{B9B7DDD9-C3AC-4CBA-83E2-4DC42E5126D0}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{55CECC45-35E3-493F-AFD2-F6DCD24221F2}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{823F1F25-E94C-49C9-BDC4-FA4C28117DB2}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{D0ABB6D0-A53A-4CFD-855F-841FE5B634A9}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{BCA1837E-A4A0-4D17-91F2-943EA35B39D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{220AB2A1-51C3-4AA1-A7F4-CADEB99C1105}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{59768300-9018-474A-8E00-8DE5ADAE5FB2}C:\program files\electronic arts\medal of honor\mp\mohmpgame.exe] => (Allow) C:\program files\electronic arts\medal of honor\mp\mohmpgame.exe
FirewallRules: [UDP Query User{23B483DD-6C12-461D-9A42-3F1500B3CEC2}C:\program files\electronic arts\medal of honor\mp\mohmpgame.exe] => (Allow) C:\program files\electronic arts\medal of honor\mp\mohmpgame.exe
FirewallRules: [{3BDDA422-21FE-43AF-9630-2340D16E49CF}] => (Allow) C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{93CF86F5-5E4B-43FF-80AF-B3ABC869275E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{5159D7B3-2F57-4564-A267-3DA53F69C999}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{7CA28995-64D5-4295-A8A2-B318E00AFBF9}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{673EC2AF-78F3-4580-B4C2-322456151181}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/09/2015 08:51:50 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\TOMDASA\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK BD SOLUTION\POWERDVD\UNINSTALL POWERDVD.LNK> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (05/09/2015 08:51:50 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\TOMDASA\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK BD SOLUTION\POWERDVD\UNINSTALL POWERDVD.LNK> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (05/09/2015 08:51:50 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\TOMDASA\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK BD SOLUTION\POWERDVD\READ ME.LNK> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (05/09/2015 08:51:50 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\TOMDASA\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK BD SOLUTION\POWERDVD\READ ME.LNK> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (05/09/2015 08:51:50 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\TOMDASA\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK BD SOLUTION\POWERDVD\POWERDVD HELP FILE.LNK> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (05/09/2015 08:51:50 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\TOMDASA\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK BD SOLUTION\POWERDVD\POWERDVD HELP FILE.LNK> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (05/09/2015 08:51:50 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\TOMDASA\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK BD SOLUTION\POWERDVD\CYBERLINK POWERDVD.LNK> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (05/09/2015 08:51:50 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Položka <C:\USERS\TOMDASA\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK BD SOLUTION\POWERDVD\CYBERLINK POWERDVD.LNK> v mapě algoritmu hash nebyla aktualizována.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Zařízení připojené k systému nefunguje. (0x8007001f)

Error: (05/09/2015 08:48:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1 se nezdařilo.
Závislé sestavení rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (05/09/2015 08:48:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1 se nezdařilo.
Závislé sestavení rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (05/09/2015 08:52:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (05/09/2015 08:52:17 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (05/09/2015 08:46:53 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT AUTHORITY)
Description: 2147942402

Error: (05/09/2015 08:46:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:37:59, 9.5.2015) bylo neočekávané.

Error: (05/09/2015 08:36:35 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (05/09/2015 08:10:10 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek HP spustit nástroj chkdsk.

Error: (05/09/2015 08:10:10 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek HP spustit nástroj chkdsk.

Error: (05/09/2015 08:10:10 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek HP spustit nástroj chkdsk.

Error: (05/09/2015 08:10:10 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek HP spustit nástroj chkdsk.

Error: (05/09/2015 08:10:10 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozena a je nepoužitelná.
Je nutné na svazek C: spustit nástroj chkdsk.


Microsoft Office Sessions:
=========================
Error: (11/02/2008 08:52:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/30/2008 05:09:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 70 seconds with 60 seconds of active time. This session ended with a crash.

Error: (10/28/2008 11:49:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 72 seconds with 60 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2015-01-09 18:53:51.425
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-09 18:53:51.103
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-09 18:53:50.771
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-09 18:53:50.480
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-09 15:50:01.029
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-09 15:50:00.761
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-09 15:50:00.491
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-09 15:50:00.159
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-09 15:44:06.920
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-01-09 15:44:06.589
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E8200 @ 2.66GHz
Percentage of memory in use: 43%
Total physical RAM: 3582.39 MB
Available physical RAM: 2024.48 MB
Total Pagefile: 7375.72 MB
Available Pagefile: 5850.32 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.7 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:290.14 GB) (Free:54.76 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:7.95 GB) (Free:1.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive l: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:241.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=290.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=8 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 931.5 GB) (Disk ID: 04CF8866)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log, shutdown and restart do not work

#2 Post by Márty84 »

Hello :)

Does it show any message?

Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (alternatively it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For lack of time I will be on the forum less often now. If you have to wait longer for an answer, please contact one of my colleagues (most have an e-mail address in their signature).

tom4
Visitor
Posts: 41
Registered: 09 May 2015 21:18

Re: Please check my log, shutdown and restart do not work

#3 Post by tom4 »

Hello,
No message pops up.
After the scan the restart was difficult, almost nothing responded. Here is the log:

# AdwCleaner v4.203 - Log vytvořen 10/05/2015 v 10:24:54
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-05-09.1 [Server]
# Operační system : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Uživatelské jméno : tomdasa - TOMDASA-PC
# Spuštěno z : C:\Users\tomdasa\Desktop\adwcleaner_4.203.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Soubor Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\FinalMediaPlayer.lnk

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion
Klíč Smazáno : HKLM\SOFTWARE\Winferno
Klíč Smazáno : HKU\.DEFAULT\Software\bProtector
Klíč Smazáno : HKU\.DEFAULT\Software\IBUpdaterService
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SourceApp
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Prohlížeče ] *****

-\\ Internet Explorer v9.0.8112.16636


-\\ Google Chrome v42.0.2311.135


*************************

AdwCleaner[R0].txt - [4232 bytů] - [08/01/2015 23:42:20]
AdwCleaner[R1].txt - [884 bytů] - [09/01/2015 00:09:12]
AdwCleaner[R2].txt - [1658 bytů] - [10/05/2015 10:19:06]
AdwCleaner[S0].txt - [4369 bytů] - [09/01/2015 00:02:52]
AdwCleaner[S1].txt - [944 bytů] - [09/01/2015 00:11:36]
AdwCleaner[S2].txt - [1575 bytů] - [10/05/2015 10:24:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1633 bytů] ##########

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log, shutdown and restart do not work

#4 Post by Márty84 »

Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will appear after a moment.
At the top, click Úpravy (Edit) and then Kopírovat (Copy). Paste what gets copied (it is stored in memory) here for me (Ctrl + V).

Run a scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Do not delete anything beforehand; it sometimes has false detections.

tom4
Visitor
Posts: 41
Registered: 09 May 2015 21:18

Re: Please check my log, shutdown and restart do not work

#5 Post by tom4 »

So here is the Crystal log; MBAM is still running, I will post it later.
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows Vista Home Premium Edition SP2 [6.0 Build 6002] (x86)
Date : 2015/05/10 11:10:44

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH8R/ICH9R SATA RAID Controller [SCSI]
- WDC WD3200AAJS-65VWA0
- ATAPI DVD A DH16A3L
+ AIBQI0UV IDE Controller [SCSI]
- TSPULEN 349MNS9IB SCSI CdRom Device
- Iniciátor iSCSI společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD3200AAJS-65VWA0 : 320,0 GB [0/0/0, pd1]
(2) ST31000528AS : 1000,2 GB [5/X/X, sa1] (V=0BC2, P=3300) - st

----------------------------------------------------------------------------
(1) WDC WD3200AAJS-65VWA0
----------------------------------------------------------------------------
Model : WDC WD3200AAJS-65VWA0
Firmware : 12.01B02
Serial Number : WD-WMARW0778897
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 39065 hod.
Power On Count : 2690 krát
Temparature : 34 C (93 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 8080h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 158 155 _21 0000000013DB Čas na roztočení ploten
04 _98 _98 __0 000000000ABF Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _47 _47 __0 000000009899 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000A82 Počet cyklů zapnutí zařízení
C0 200 200 __0 0000000000C0 Počet vypnutí disku
C1 200 200 __0 000000000B1C Počet cyklů načítání/vymazání
C2 113 104 __0 000000000022 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000004 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů

----------------------------------------------------------------------------
(2) ST31000528AS
----------------------------------------------------------------------------
Enclosure : Seagate Desktop USB Device (V=0BC2, P=3300, sa1) - st
Model : ST31000528AS
Firmware : CC35
Serial Number : 9VP0QNQP
Disk Size : 1000,2 GB (8,4/137,4/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : USB (Serial ATA)
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 49429 hod.
Power On Count : 47 krát
Host Reads : 190 GB
Host Writes : 1545 GB
Temparature : 38 C (100 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : FE00h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 119 _99 __6 00000DE4E949 Počet chyb čtení
03 _95 _95 __0 000000000000 Čas na roztočení ploten
04 _80 _80 _20 000000005172 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _47 _44 _30 00470031753D Počet chybných hledání
09 _44 _44 __0 00000000C115 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 _20 00000000002F Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _99 __0 000200030006 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _62 _49 _45 000032160026 Teplota toku vzduchu
C2 _38 _51 __0 001400000026 Teplota
C3 _39 _17 __0 00000DE4E949 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 C06900005AC8 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 0000C13F235F Total LBAs Written
F2 100 253 __0 000017C28661 Total LBAs Read

-- IDENTIFY_DEVICE ---------------------------------------------------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log, shutdown and restart don't work

#6 Post by Márty84 »

Sure :)
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

tom4
Visitor
Posts: 41
Registered: 09 May 2015 21:18

Re: Please check my log, shutdown and restart don't work

#7 Post by tom4 »

here it is
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 2015-05-10
Čas skenování: 11:17:49
Protokol: mbam.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.05.10.02
Databáze rootkitů: v2015.04.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: tomdasa

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 373059
Uplynulý čas: 42 min, 37 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Sken hloubkových rootkitů: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 2
PUP.Optional.SourceApp.A, C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\iimjomhcoopoinoofciddhpfcoeekjda\1.0.1_0, , [f00aafe21e6c84b242bc4111a75f57a9],
PUP.Optional.SourceApp.A, C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\iimjomhcoopoinoofciddhpfcoeekjda, , [f00aafe21e6c84b242bc4111a75f57a9],

Soubory: 4
PUP.Optional.SourceApp.A, C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\iimjomhcoopoinoofciddhpfcoeekjda\1.0.1_0\manifest.json, , [f00aafe21e6c84b242bc4111a75f57a9],
PUP.Optional.SourceApp.A, C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\iimjomhcoopoinoofciddhpfcoeekjda\1.0.1_0\background.js, , [f00aafe21e6c84b242bc4111a75f57a9],
PUP.Optional.SourceApp.A, C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\iimjomhcoopoinoofciddhpfcoeekjda\1.0.1_0\content.js, , [f00aafe21e6c84b242bc4111a75f57a9],
PUP.Optional.SourceApp.A, C:\Users\tomdasa\AppData\Local\Google\Chrome\User Data\Default\Extensions\iimjomhcoopoinoofciddhpfcoeekjda\1.0.1_0\icon.png, , [f00aafe21e6c84b242bc4111a75f57a9],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log, shutdown and restart don't work

#8 Post by Márty84 »

We have it, but it's wrong.

Have the detections removed (or put them in quarantine). After restarting the PC, run a new scan, but with the correct settings, that is, a Custom Scan (Vlastní sken) of all drives. This was only a Threat Scan (Sken hrozeb), which does not search the whole computer.

tom4
Visitor
Posts: 41
Registered: 09 May 2015 21:18

Re: Please check my log, shutdown and restart don't work

#9 Post by tom4 »

OK, it's being worked on; restart is still bad :frusty:

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log, shutdown and restart don't work

#10 Post by Márty84 »

OK :)

tom4
Visitor
Posts: 41
Registered: 09 May 2015 21:18

Re: Please check my log, shutdown and restart don't work

#11 Post by tom4 »

so, second attempt
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 2015-05-10
Čas skenování: 14:05:28
Protokol: mbam.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.05.10.03
Databáze rootkitů: v2015.04.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: tomdasa

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 645483
Uplynulý čas: 2 hod, 22 min, 13 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
PUP.Hacktool.Patcher, C:\Users\tomdasa\Desktop\programy\internet tv,webmaxcam\WebcamMax_6.0.1.9\Activator\activator.exe, , [9d5e751c89018aac3a8f60a7cf31748c],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log, shutdown and restart don't work

#12 Post by Márty84 »

:arrow: I recommend removing the detection; after that you can uninstall MBAM.

:!: If you have not already done so, back up your important data (photos, documents, etc.) to be safe :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off your antivirus and any other security software.
Right-click ComboFix and then left-click Run as administrator.
Accept the licence terms and let the program work. If it offers to install the Recovery Console, agree.
During the scan, do not start anything and do not click anywhere.
After the scan finishes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here.

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration.
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine.

tom4
Visitor
Posts: 41
Registered: 09 May 2015 21:18

Re: Please check my log, shutdown and restart don't work

#13 Post by tom4 »

So, after backing up, I have the log from ComboFix and here it is. Restart still doesn't work.
ComboFix 15-05-09.01 - tomdasa 2015-05-10 22:03:39.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3582.2269 [GMT 2:00]
Spuštěný z: c:\users\tomdasa\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-04-10 do 2015-05-10 )))))))))))))))))))))))))))))))
.
.
2015-05-10 20:12 . 2015-05-10 20:12 -------- d-----w- c:\users\tomdasa\AppData\Local\temp
2015-05-10 20:12 . 2015-05-10 20:12 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-05-10 20:12 . 2015-05-10 20:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-10 09:15 . 2015-05-10 19:49 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-05-09 19:52 . 2015-05-09 19:55 -------- d-----w- C:\FRST
2015-05-08 14:57 . 2015-04-04 06:39 9201616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{097FBB93-13C3-426C-BBD2-5C7B5083BA27}\mpengine.dll
2015-05-01 13:44 . 2015-05-01 13:44 291312 ----a-w- c:\windows\system32\aswBoot.exe
2015-05-01 13:44 . 2015-05-01 13:44 43112 ----a-w- c:\windows\avastSS.scr
2015-04-15 00:06 . 2015-03-09 01:01 1249280 ----a-w- c:\windows\system32\msxml3.dll
2015-04-15 00:00 . 2015-03-05 02:24 297984 ----a-w- c:\windows\system32\gdi32.dll
2015-04-15 00:00 . 2015-03-05 02:32 244152 ----a-w- c:\windows\system32\clfs.sys
2015-04-15 00:00 . 2015-03-05 02:23 57344 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-14 23:59 . 2015-03-14 02:21 1205168 ----a-w- c:\windows\system32\ntdll.dll
2015-04-14 23:59 . 2015-03-13 01:51 3604920 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-04-14 23:59 . 2015-03-13 01:51 3552184 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-01 13:44 . 2008-10-26 11:55 57888 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2015-05-01 13:44 . 2014-05-04 17:32 24144 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-05-01 13:44 . 2013-03-18 09:39 49904 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-05-01 13:44 . 2013-03-18 09:39 209048 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-05-01 13:44 . 2008-10-26 12:02 427992 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-05-01 13:44 . 2008-10-26 11:55 55200 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2015-05-01 13:44 . 2008-10-26 11:54 74976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-05-01 13:43 . 2011-04-14 19:39 787760 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-04-15 17:45 . 2012-04-05 06:05 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-04-15 17:45 . 2011-05-20 06:24 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-03-06 04:01 . 2015-03-11 11:51 279040 ----a-w- c:\windows\system32\schannel.dll
2015-02-26 00:18 . 2015-03-11 11:58 2064384 ----a-w- c:\windows\system32\win32k.sys
2015-02-24 02:23 . 2009-10-03 06:50 246920 ------w- c:\windows\system32\MpSigStub.exe
2015-02-20 02:03 . 2015-03-11 11:53 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 00:28 . 2015-03-11 11:53 296960 ----a-w- c:\windows\system32\atmfd.dll
2015-02-17 15:04 . 2015-02-17 15:04 1202848 ----a-w- c:\windows\system32\FM20.DLL
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-05-01 13:43 645144 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"cz.seznam.software.autoupdate"="c:\users\tomdasa\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"Seznam Postak"="c:\users\tomdasa\AppData\Roaming\Seznam.cz\bin\postak.exe" [2012-12-19 323752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 5369856]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2008-01-22 81920]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 62760]
"EverioService"="c:\program files\CyberLink\PCM4Everio\EverioService.exe" [2008-05-21 151552]
"UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-02-21 222504]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2012-12-14 295072]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-05-01 5515496]
"CanonQuickMenu"="c:\program files\Canon\Quick Menu\CNQMMAIN.EXE" [2013-05-02 1282120]
"IJNetworkScannerSelectorEX"="c:\program files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2013-02-19 453736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2013-01-18 14:21 4133664 ------w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-01 10:50 988488 ----a-w- c:\program files\Google\Chrome\Application\42.0.2311.135\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-05-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 17:45]
.
2015-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore1ce1965350e35fb.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-08 11:55]
.
2015-05-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA1ce19653588bd2b.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-08 11:55]
.
.
------- Doplňkový sken -------
.
uStart Page = https://www.seznam.cz/
mStart Page = https://www.wolframalpha.com/?trackid=sp-005
mSearch Bar = https://www.wolframalpha.com/?trackid=sp-005
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Stáhnout pomocí Download &Express - c:\program files\Download Express\Add_Url.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
Name-Space Handler: ftp\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\DOWNLO~1\mdpph.dll
Name-Space Handler: http\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\DOWNLO~1\mdpph.dll
Name-Space Handler: https\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\DOWNLO~1\mdpph.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe
HKCU-Run-Nero MediaHome 4 - c:\program files\Nero\Nero MediaHome 4\NeroMediaHome.exe
HKLM-Run-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HKLM-Run-SMail - c:\program files\Seznam\Postak\Postak.exe
HKLM-Run-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-CamGuard Remote ActiveX_is1 - c:\program files\CamGuard Remote ActiveX\unins000.exe
AddRemove-{96642315-2a6e-42eb-9b57-c9d70f20c9e6} - c:\program files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-05-10 22:12
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2113988722-11527645-2074921056-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{63246BAE-D620-5689-11E7-446D8D5A7DFC}*]
"ialibjkobnjihkjbpm"=hex:6b,61,61,62,65,70,6e,6e,6f,68,6a,61,6f,66,70,69,6b,6e,
6a,6b,6b,70,00,00
"jabeefhdnephpapmlobn"=hex:6b,61,61,62,65,70,6e,6e,6f,68,6a,61,6f,66,70,69,6b,
6e,6a,6b,6b,70,00,00
.
[HKEY_USERS\S-1-5-21-2113988722-11527645-2074921056-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:e7,9b,8b,f3,f8,18,c1,90,f6,30,35,7a,fa,23,60,60,99,8f,16,0e,f5,ff,7a,
bb,49,d5,37,dc,e6,9d,9e,95,43,47,87,05,71,73,2a,df,82,ab,41,fe,2f,f6,69,22,\
"??"=hex:25,73,49,b4,1f,86,4e,2e,54,3c,6b,5e,73,1c,58,29
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2015-05-10 22:15:28
ComboFix-quarantined-files.txt 2015-05-10 20:15
.
Před spuštěním: Volných bajtů: 78 316 503 040
Po spuštění: Volných bajtů: 78 375 735 296
.
- - End Of File - - 5F5C81F7EE2C0B264B600BA371AB179D
03BA8F890B47C0BE359A4D5A636D214D

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log, shutdown and restart don't work

#14 Post by Márty84 »

:arrow: Open Notepad and copy this script into it

Code:

KillAll::

Folder::
c:\program files\Malwarebytes Anti-Malware

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=-
"cz.seznam.software.autoupdate"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateReg"=-
"HP Software Update"=-
"RemoteControl"=-
"TkBellExe"=-
"SunJavaUpdateSched"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000000

Regnull::
[HKEY_USERS\S-1-5-21-2113988722-11527645-2074921056-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{63246BAE-D620-5689-11E7-446D8D5A7DFC}*]
[HKEY_USERS\S-1-5-21-2113988722-11527645-2074921056-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

DDS::
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

Reboot::

At the top left, click File.
Click Save As...
Type the red name CFScript correctly and save it to the desktop.
Turn off your antivirus and any other security software.
Drag this newly created text document with the mouse over the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration.
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine.

tom4
Visitor
Posts: 41
Registered: 09 May 2015 21:18

Re: Please check my log, shutdown and restart don't work

#15 Post by tom4 »

ComboFix says please wait.
ComboFix is preparing to run.
A message popped up and it says:
Did you try to apply a CFScript?
The name CFScript appears to be misspelled.
What next? :???:

Locked