Poprosil by som o kontrolu logu RSIT, neviem ci mam poskodenu sietovu kartu alebo zblbol winXP, na NB mi internet po zapichnuti kalbla ide, ked ho dam do stolneho pc tak uz nie. nenajde vychodziu branu, Menil som dodavatela a isiel v pohode aj na stolnom pc a zrazu prestal ist, ESET mi virus nenasiel, skusal som aj odinstalovat ovladac karty a aj obnovit win k starsiemu datumu ale neuspesne ako keby zamrzol, resp. system neodpoveda, ale po tom obnoveni win ktore nebolo uspesne mi isiel net asi tak hodinu a zase sa stratilo spojenie, v com moze byt problem?? dakujem, prikladam log z RSIT aj z prikazu ipconfig
log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by JST CORP at 2015-09-22 16:58:56
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 18 GB (36%) free of 50 GB
Total RAM: 1023 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:59:13, on 22. 9. 2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\USB Safely Remove\USBSRService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Downloads\programy\RSIT.exe
C:\Program Files\trend micro\JST CORP.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_18_0_0_232_Plugin.exe -update plugin
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6234333765
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: WSWSVCUchrome - (no CLSID) - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Program Files\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Crystal Rich Ltd - C:\Program Files\USB Safely Remove\USBSRService.exe
--
End of file - 7518 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GlaryInitialize 5.job
C:\WINDOWS\tasks\GlaryUpdate 5.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\JST CORP\Data aplikací\Mozilla\Firefox\Profiles\ormkuzi4.default
prefs.js - "browser.startup.homepage" - "http://www.google.sk/"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"razer"=C:\Program Files\Razer\Copperhead\razerhid.exe [2005-09-06 155648]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-11-15 77824]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5089480]
"Wondershare Helper Compact.exe"=C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-08-05 2020704]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-05-08 959904]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2014-07-02 15724320]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2014-07-02 2593056]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-07-25 2403104]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"GUDelayStartup"=C:\Program Files\Glary Utilities 5\StartupManager.exe [2015-02-02 37152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_18_0_0_232_Plugin.exe [2015-08-22 1156296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
scecli
scecli
scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe"="C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe:*:Enabled:NVIDIA Network Service TCP Exception (HTTPS)"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.FFDS"=C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"midi"=wdmaud.drv
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-09-22 15:17:28 ----SHD---- C:\Config.Msi
2015-08-28 20:21:09 ----D---- C:\Program Files\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2015-09-22 16:59:01 ----D---- C:\Program Files\trend micro
2015-09-22 16:14:09 ----D---- C:\WINDOWS\Temp
2015-09-22 15:42:17 ----D---- C:\WINDOWS\system32
2015-09-22 15:23:27 ----D---- C:\WINDOWS\Prefetch
2015-09-22 15:22:37 ----D---- C:\WINDOWS
2015-09-22 15:19:51 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-09-22 15:19:44 ----D---- C:\WINDOWS\system32\drivers
2015-09-22 15:19:17 ----SHD---- C:\WINDOWS\Installer
2015-09-22 15:18:52 ----HD---- C:\WINDOWS\inf
2015-09-22 15:17:29 ----D---- C:\WINDOWS\system32\CatRoot2
2015-09-22 13:45:29 ----D---- C:\WINDOWS\system32\Restore
2015-09-22 12:39:59 ----D---- C:\Documents and Settings\JST CORP\Data aplikací\GlarySoft
2015-09-22 12:18:48 ----D---- C:\WINDOWS\system32\NtmsData
2015-09-20 20:40:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-20 20:38:53 ----D---- C:\WINDOWS\security
2015-09-20 20:32:06 ----D---- C:\WINDOWS\network diagnostic
2015-09-20 20:24:17 ----D---- C:\WINDOWS\Debug
2015-09-19 10:10:56 ----RD---- C:\Program Files
2015-09-19 10:10:49 ----SD---- C:\WINDOWS\Tasks
2015-09-17 17:41:46 ----D---- C:\Documents and Settings\JST CORP\Data aplikací\DiskDefrag
2015-09-09 16:44:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-09-09 16:41:28 ----D---- C:\WINDOWS\system32\MRT
2015-09-05 10:38:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2015-08-29 09:12:36 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-08-26 18:36:06 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BootDefragDriver;BootDefragDriver; C:\WINDOWS\System32\drivers\BootDefragDriver.sys [2014-06-16 14784]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-11-03 86144]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;Ovladač procesoru AMD Athlon64; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-05-08 38400]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2015-07-14 202704]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-07-14 144536]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2015-07-14 71888]
R1 GUBootStartup;GUBootStartup; \??\C:\WINDOWS\System32\drivers\GUBootStartup.sys []
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 LUMDriver;LUMDriver; \??\C:\WINDOWS\system32\drivers\LUMDriver.sys []
R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2003-10-24 90416]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2015-07-14 185176]
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2007-04-27 90688]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-17 2297664]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2015-07-14 48192]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2014-07-02 12695512]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-11-11 33408]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-11-11 12928]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-01-22 9856]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2012-04-03 691696]
S1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys []
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 Razerlow;Razer Copperhead Driver; C:\WINDOWS\System32\Drivers\Razerlow.sys [2005-08-12 19020]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 BBDemon;Backbone Service; C:\Program Files\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe [2009-09-26 36864]
R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [2003-05-23 106496]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2015-07-08 1353720]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-25 1720608]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2014-07-02 157144]
R2 USBSafelyRemoveService;USB Safely Remove Assistant; C:\Program Files\USB Safely Remove\USBSRService.exe [2013-03-13 1035576]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-22 269000]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2012-01-21 85096]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-28 149160]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
ipconfig:
Microsoft Windows XP [Verze 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\JST CORP>ipconfig/all
Konfigurace protokolu IP systému Windows
Název hostitele . . . . . . . . . : jst
Primární přípona DNS. . . . . . . :
Typ uzlu . . . . . . . . . . . . : neznámý
Povoleno směrování IP . . . . . . : Ne
WINS Proxy povoleno . . . . . . . : Ne
Adaptér sítě Ethernet Připojení k místní síti:
Přípona DNS podle připojení . . . :
Popis . . . . . . . . . . . . . . : NVIDIA nForce Networking Controller
Fyzická Adresa. . . . . . . . . . : 00-11-D8-C0-8C-27
Protokol DHCP povolen . . . . . . : Ano
Automatická konfigurace povolena : Ano
IP Adresa automatické konfigurace : 169.254.199.215
Maska podsítě . . . . . . . . . . : 255.255.0.0
Adresa IP . . . . . . . . . . . . : fe80::211:d8ff:fec0:8c27%4
Výchozí brána . . . . . . . . . . :
Servery DNS . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
Adaptér pro tunelové připojení Teredo Tunneling Pseudo-Interface:
Přípona DNS podle připojení . . . :
Popis . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Fyzická Adresa. . . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF
Protokol DHCP povolen . . . . . . : Ne
Adresa IP . . . . . . . . . . . . : fe80::ffff:ffff:fffd%5
Výchozí brána . . . . . . . . . . :
NetBIOS nad TCP/IP. . . . . . . . : zakázáno
Adaptér pro tunelové připojení Automatic Tunneling Pseudo-Interface:
Přípona DNS podle připojení . . . :
Popis . . . . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface
Fyzická Adresa. . . . . . . . . . : A9-FE-C7-D7
Protokol DHCP povolen . . . . . . : Ne
Adresa IP . . . . . . . . . . . . : fe80::5efe:169.254.199.215%2
Výchozí brána . . . . . . . . . . :
Servery DNS . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS nad TCP/IP. . . . . . . . : zakázáno
C:\Documents and Settings\JST CORP>
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
poskodena sietova karta???
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: poskodena sietova karta???
prikladam este aj log z FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-09-2015
Ran by JST CORP (administrator) on JST (22-09-2015 17:27:51)
Running from C:\Documents and Settings\JST CORP\Plocha
Loaded Profiles: JST CORP (Available Profiles: JST CORP)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Crystal Rich Ltd) C:\Program Files\USB Safely Remove\USBSRService.exe
() C:\Program Files\Razer\Copperhead\razerhid.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\RAMASST.exe
(Dassault Systemes) C:\Program Files\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\DVDRAMSV.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Razer Inc.) C:\Program Files\Razer\Copperhead\razerofa.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(forum.viry.cz) C:\Documents and Settings\JST CORP\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [razer] => C:\Program Files\Razer\Copperhead\razerhid.exe [155648 2005-09-06] ()
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [77824 2004-11-15] (Realtek Semiconductor Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5089480 2015-07-08] (ESET)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2593056 2014-07-02] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKU\S-1-5-21-861567501-484061587-682003330-1003\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2015-02-02] (Glarysoft Ltd)
HKU\S-1-5-21-861567501-484061587-682003330-1003\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_18_0_0_232_Plugin.exe [1156296 2015-08-22] (Adobe Systems Incorporated)
HKU\S-1-5-18\...\RunOnce: [tscuninstall] => C:\WINDOWS\system32\tscupgrd.exe [44544 2006-03-02] (Microsoft Corporation)
Lsa: [Notification Packages] scecli scecli scecli scecli
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2008-02-10] (Autodesk, Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk [2014-10-05]
ShortcutTarget: InterVideo WinCinema Manager.lnk -> C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe ()
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\RAMASST.lnk [2015-07-30]
ShortcutTarget: RAMASST.lnk -> C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
BootExecute: autocheck autochk * BootDefrag.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-861567501-484061587-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-861567501-484061587-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-861567501-484061587-682003330-1003 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-861567501-484061587-682003330-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-861567501-484061587-682003330-1003 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1358592802203
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies)
Handler: WSWSVCUchrome - No CLSID Value -
FireFox:
========
FF ProfilePath: C:\Documents and Settings\JST CORP\Data aplikací\Mozilla\Firefox\Profiles\ormkuzi4.default
FF Homepage: hxxp://www.google.sk/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-22] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF user.js: detected! => C:\Documents and Settings\JST CORP\Data aplikací\Mozilla\Firefox\Profiles\ormkuzi4.default\user.js [2012-12-30]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
R2 BBDemon; C:\Program Files\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe [36864 2009-09-26] (Dassault Systemes) [File not signed]
R2 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [106496 2003-05-23] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1353720 2015-07-08] (ESET)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 USBSafelyRemoveService; C:\Program Files\USB Safely Remove\USBSRService.exe [1035576 2013-03-13] (Crystal Rich Ltd)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913920 2007-01-05] (Microsoft Corporation) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [2297664 2004-11-17] (Realtek Semiconductor Corp.)
R0 BootDefragDriver; C:\WINDOWS\System32\drivers\BootDefragDriver.sys [14784 2014-06-16] (Glarysoft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [202704 2015-07-14] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [144536 2015-07-14] (ESET)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [185176 2015-07-14] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [48192 2015-07-14] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [71888 2015-07-14] (ESET)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [17344 2015-02-03] (Glarysoft Ltd)
R1 LUMDriver; C:\WINDOWS\system32\drivers\LUMDriver.sys [16688 2007-04-24] (IBM)
R1 meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [90416 2003-10-24] (Matsushita Electric Industrial Co.,Ltd.) [File not signed]
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-18] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 nvatabus; C:\WINDOWS\System32\DRIVERS\nvatabus.sys [86144 2004-11-03] (NVIDIA Corporation) [File not signed]
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [33408 2004-11-11] (NVIDIA Corporation) [File not signed]
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [12928 2004-11-11] (NVIDIA Corporation) [File not signed]
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [9856 2003-01-22] (Padus, Inc.) [File not signed]
S3 Razerlow; C:\WINDOWS\System32\Drivers\Razerlow.sys [19020 2005-08-12] (Razer (Asia-Pacific) Pte Ltd) [File not signed]
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2012-04-03] (Duplex Secure Ltd.)
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] (Microsoft Corporation) [File not signed]
U5 ASInsHelp; C:\WINDOWS\system32\drivers\AsInsHelp32.sys [3328 2004-03-10] () [File not signed]
U5 AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [4962 2004-10-14] () [File not signed]
U1 eamon; system32\DRIVERS\eamon.sys [X]
S3 GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS [X]
U5 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.)
U5 Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys [47616 2012-04-06] (Aladdin Knowledge Systems) [File not signed]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-22 17:27 - 2015-09-22 17:28 - 00012994 _____ C:\Documents and Settings\JST CORP\Plocha\FRST.txt
2015-09-22 17:27 - 2015-09-22 17:27 - 00000000 ____D C:\FRST
2015-09-22 17:22 - 2015-09-22 17:22 - 01695232 _____ (Farbar) C:\Documents and Settings\JST CORP\Plocha\FRST.exe
2015-09-22 17:22 - 2015-09-22 17:22 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\JST CORP\Plocha\FRSTLauncher.exe
2015-09-22 12:16 - 2015-09-22 12:16 - 00000000 ____D C:\Documents and Settings\All Users\GlarySoft
2015-09-20 20:29 - 2015-09-22 15:18 - 00017031 _____ C:\WINDOWS\setupapi.log
2015-09-20 20:27 - 2015-09-20 20:27 - 00001530 _____ C:\Documents and Settings\JST CORP\Dokumenty\cc_20150920_202703.reg
2015-09-19 20:01 - 2015-09-20 17:56 - 00205000 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2015-08-28 20:21 - 2015-08-28 20:25 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-22 17:28 - 2012-12-30 11:02 - 00000000 ____D C:\Documents and Settings\JST CORP\Local Settings\temp
2015-09-22 17:27 - 2012-01-14 19:42 - 00000000 ____D C:\Documents and Settings\JST CORP\Plocha
2015-09-22 17:26 - 2012-01-14 19:42 - 00000000 ___HD C:\Documents and Settings\JST CORP\Local Settings\Data aplikací
2015-09-22 16:59 - 2012-12-24 19:44 - 00000000 ____D C:\Program Files\trend micro
2015-09-22 16:56 - 2012-12-28 11:43 - 01995329 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-22 16:15 - 2013-06-30 14:13 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-22 15:43 - 2012-12-28 11:43 - 00000282 _____ C:\WINDOWS\wiadebug.log
2015-09-22 15:41 - 2012-04-21 10:41 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-22 15:32 - 2015-07-30 22:10 - 00001906 _____ C:\WINDOWS\system32\nvAppTimestamps
2015-09-22 15:24 - 2012-03-25 20:10 - 00002521 _____ C:\Documents and Settings\JST CORP\Plocha\Outlook.lnk
2015-09-22 15:22 - 2014-06-19 17:36 - 00000322 _____ C:\WINDOWS\Tasks\GlaryInitialize 5.job
2015-09-22 15:22 - 2006-03-02 14:00 - 00013670 _____ C:\WINDOWS\system32\wpa.dbl
2015-09-22 15:21 - 2014-03-08 08:50 - 00000228 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-09-22 15:21 - 2013-06-30 14:13 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-22 15:21 - 2012-12-28 11:43 - 00000051 _____ C:\WINDOWS\wiaservc.log
2015-09-22 15:21 - 2012-01-14 19:42 - 00000000 ___HD C:\Documents and Settings\JST CORP\Šablony
2015-09-22 15:21 - 2012-01-14 19:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-22 15:19 - 2012-01-14 19:42 - 00000178 ___SH C:\Documents and Settings\JST CORP\ntuser.ini
2015-09-22 15:19 - 2012-01-14 19:41 - 00032604 _____ C:\WINDOWS\SchedLgU.Txt
2015-09-22 15:12 - 2012-01-14 19:44 - 01475600 _____ C:\WINDOWS\system32\nvdrsdb0.bin
2015-09-22 15:12 - 2012-01-14 19:44 - 00000001 _____ C:\WINDOWS\system32\nvdrssel.bin
2015-09-22 13:46 - 2012-01-14 19:42 - 00000000 ____D C:\Documents and Settings\JST CORP
2015-09-22 13:45 - 2012-01-14 20:25 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-09-22 13:45 - 2012-01-14 19:34 - 00000000 ____D C:\WINDOWS\system32\Restore
2015-09-22 12:39 - 2014-06-19 17:36 - 00000000 ____D C:\Documents and Settings\JST CORP\Data aplikací\GlarySoft
2015-09-22 12:18 - 2012-12-30 14:29 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2015-09-20 20:40 - 2012-01-14 20:26 - 01193206 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-20 20:38 - 2012-01-14 20:18 - 00000000 ____D C:\WINDOWS\security
2015-09-20 20:27 - 2012-01-14 19:42 - 00000000 ___RD C:\Documents and Settings\JST CORP\Dokumenty
2015-09-20 17:56 - 2012-01-14 19:41 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2015-09-20 09:46 - 2014-11-23 17:48 - 00045104 _____ C:\Documents and Settings\JST CORP\Plocha\Vydavky_JT.xlsx
2015-09-20 09:24 - 2012-03-25 20:09 - 00002563 _____ C:\Documents and Settings\JST CORP\Plocha\Microsoft Office Word 2007.lnk
2015-09-19 10:57 - 2012-01-14 19:42 - 00000000 ___RD C:\Documents and Settings\JST CORP\Dokumenty\Obrázky
2015-09-18 18:37 - 2012-02-18 10:07 - 00039267 _____ C:\Documents and Settings\JST CORP\Plocha\poznamky.txt
2015-09-17 19:32 - 2012-01-14 19:41 - 00000042 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2015-09-17 17:41 - 2014-06-19 17:36 - 00000000 ____D C:\Documents and Settings\JST CORP\Data aplikací\DiskDefrag
2015-09-16 19:35 - 2012-01-14 19:44 - 01475108 _____ C:\WINDOWS\system32\nvdrsdb1.bin
2015-09-10 06:48 - 2012-01-22 12:18 - 00101888 _____ C:\Documents and Settings\JST CORP\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-09 16:44 - 2012-01-14 21:35 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-09-09 16:41 - 2013-07-14 14:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-09 10:29 - 2014-03-08 08:50 - 00000222 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-09-06 10:02 - 2014-06-19 17:52 - 00000382 _____ C:\WINDOWS\Tasks\GlaryUpdate 5.job
2015-09-05 13:02 - 2013-01-19 10:14 - 00232759 _____ C:\acadminidump.dmp
2015-09-05 10:38 - 2014-11-05 18:37 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2015-08-29 09:12 - 2015-07-12 13:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-26 18:36 - 2012-01-15 16:14 - 132039072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
2012-01-22 12:18 - 2015-09-10 06:48 - 0101888 _____ () C:\Documents and Settings\JST CORP\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 5.job => C:\Program Files\Glary Utilities 5\Initialize.exe
Task: C:\WINDOWS\Tasks\GlaryUpdate 5.job => C:\Program Files\Glary Utilities 5\CheckUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE
==================== Security Center ==================
AV: ESET Smart Security 8.0 (Enabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personálny Firewall (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\JST CORP\Plocha" je 817 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe:*:Enabled:Daemonu.exe"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Documents and Settings\\JST CORP\\Data aplikac�\\Dropbox\\bin\\Dropbox.exe"="C:\\Documents and Settings\\JST CORP\\Data aplikac�\\Dropbox\\bin\\Dropbox.exe:*:Enabled:Dropbox"
"C:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe"="C:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe:*:Enabled:NVIDIA Network Service TCP Exception (HTTPS)"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-09-2015
Ran by JST CORP (administrator) on JST (22-09-2015 17:27:51)
Running from C:\Documents and Settings\JST CORP\Plocha
Loaded Profiles: JST CORP (Available Profiles: JST CORP)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Crystal Rich Ltd) C:\Program Files\USB Safely Remove\USBSRService.exe
() C:\Program Files\Razer\Copperhead\razerhid.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\RAMASST.exe
(Dassault Systemes) C:\Program Files\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\DVDRAMSV.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Razer Inc.) C:\Program Files\Razer\Copperhead\razerofa.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(forum.viry.cz) C:\Documents and Settings\JST CORP\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [razer] => C:\Program Files\Razer\Copperhead\razerhid.exe [155648 2005-09-06] ()
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [77824 2004-11-15] (Realtek Semiconductor Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5089480 2015-07-08] (ESET)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2593056 2014-07-02] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKU\S-1-5-21-861567501-484061587-682003330-1003\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2015-02-02] (Glarysoft Ltd)
HKU\S-1-5-21-861567501-484061587-682003330-1003\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_18_0_0_232_Plugin.exe [1156296 2015-08-22] (Adobe Systems Incorporated)
HKU\S-1-5-18\...\RunOnce: [tscuninstall] => C:\WINDOWS\system32\tscupgrd.exe [44544 2006-03-02] (Microsoft Corporation)
Lsa: [Notification Packages] scecli scecli scecli scecli
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2008-02-10] (Autodesk, Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk [2014-10-05]
ShortcutTarget: InterVideo WinCinema Manager.lnk -> C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe ()
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\RAMASST.lnk [2015-07-30]
ShortcutTarget: RAMASST.lnk -> C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
BootExecute: autocheck autochk * BootDefrag.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-861567501-484061587-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-861567501-484061587-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-861567501-484061587-682003330-1003 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-861567501-484061587-682003330-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-861567501-484061587-682003330-1003 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1358592802203
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies)
Handler: WSWSVCUchrome - No CLSID Value -
FireFox:
========
FF ProfilePath: C:\Documents and Settings\JST CORP\Data aplikací\Mozilla\Firefox\Profiles\ormkuzi4.default
FF Homepage: hxxp://www.google.sk/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-22] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF user.js: detected! => C:\Documents and Settings\JST CORP\Data aplikací\Mozilla\Firefox\Profiles\ormkuzi4.default\user.js [2012-12-30]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
R2 BBDemon; C:\Program Files\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe [36864 2009-09-26] (Dassault Systemes) [File not signed]
R2 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [106496 2003-05-23] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1353720 2015-07-08] (ESET)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 USBSafelyRemoveService; C:\Program Files\USB Safely Remove\USBSRService.exe [1035576 2013-03-13] (Crystal Rich Ltd)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913920 2007-01-05] (Microsoft Corporation) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [2297664 2004-11-17] (Realtek Semiconductor Corp.)
R0 BootDefragDriver; C:\WINDOWS\System32\drivers\BootDefragDriver.sys [14784 2014-06-16] (Glarysoft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [202704 2015-07-14] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [144536 2015-07-14] (ESET)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [185176 2015-07-14] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [48192 2015-07-14] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [71888 2015-07-14] (ESET)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [17344 2015-02-03] (Glarysoft Ltd)
R1 LUMDriver; C:\WINDOWS\system32\drivers\LUMDriver.sys [16688 2007-04-24] (IBM)
R1 meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [90416 2003-10-24] (Matsushita Electric Industrial Co.,Ltd.) [File not signed]
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-18] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 nvatabus; C:\WINDOWS\System32\DRIVERS\nvatabus.sys [86144 2004-11-03] (NVIDIA Corporation) [File not signed]
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [33408 2004-11-11] (NVIDIA Corporation) [File not signed]
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [12928 2004-11-11] (NVIDIA Corporation) [File not signed]
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [9856 2003-01-22] (Padus, Inc.) [File not signed]
S3 Razerlow; C:\WINDOWS\System32\Drivers\Razerlow.sys [19020 2005-08-12] (Razer (Asia-Pacific) Pte Ltd) [File not signed]
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2012-04-03] (Duplex Secure Ltd.)
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] (Microsoft Corporation) [File not signed]
U5 ASInsHelp; C:\WINDOWS\system32\drivers\AsInsHelp32.sys [3328 2004-03-10] () [File not signed]
U5 AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [4962 2004-10-14] () [File not signed]
U1 eamon; system32\DRIVERS\eamon.sys [X]
S3 GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS [X]
U5 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.)
U5 Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys [47616 2012-04-06] (Aladdin Knowledge Systems) [File not signed]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-22 17:27 - 2015-09-22 17:28 - 00012994 _____ C:\Documents and Settings\JST CORP\Plocha\FRST.txt
2015-09-22 17:27 - 2015-09-22 17:27 - 00000000 ____D C:\FRST
2015-09-22 17:22 - 2015-09-22 17:22 - 01695232 _____ (Farbar) C:\Documents and Settings\JST CORP\Plocha\FRST.exe
2015-09-22 17:22 - 2015-09-22 17:22 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\JST CORP\Plocha\FRSTLauncher.exe
2015-09-22 12:16 - 2015-09-22 12:16 - 00000000 ____D C:\Documents and Settings\All Users\GlarySoft
2015-09-20 20:29 - 2015-09-22 15:18 - 00017031 _____ C:\WINDOWS\setupapi.log
2015-09-20 20:27 - 2015-09-20 20:27 - 00001530 _____ C:\Documents and Settings\JST CORP\Dokumenty\cc_20150920_202703.reg
2015-09-19 20:01 - 2015-09-20 17:56 - 00205000 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2015-08-28 20:21 - 2015-08-28 20:25 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-22 17:28 - 2012-12-30 11:02 - 00000000 ____D C:\Documents and Settings\JST CORP\Local Settings\temp
2015-09-22 17:27 - 2012-01-14 19:42 - 00000000 ____D C:\Documents and Settings\JST CORP\Plocha
2015-09-22 17:26 - 2012-01-14 19:42 - 00000000 ___HD C:\Documents and Settings\JST CORP\Local Settings\Data aplikací
2015-09-22 16:59 - 2012-12-24 19:44 - 00000000 ____D C:\Program Files\trend micro
2015-09-22 16:56 - 2012-12-28 11:43 - 01995329 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-22 16:15 - 2013-06-30 14:13 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-22 15:43 - 2012-12-28 11:43 - 00000282 _____ C:\WINDOWS\wiadebug.log
2015-09-22 15:41 - 2012-04-21 10:41 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-22 15:32 - 2015-07-30 22:10 - 00001906 _____ C:\WINDOWS\system32\nvAppTimestamps
2015-09-22 15:24 - 2012-03-25 20:10 - 00002521 _____ C:\Documents and Settings\JST CORP\Plocha\Outlook.lnk
2015-09-22 15:22 - 2014-06-19 17:36 - 00000322 _____ C:\WINDOWS\Tasks\GlaryInitialize 5.job
2015-09-22 15:22 - 2006-03-02 14:00 - 00013670 _____ C:\WINDOWS\system32\wpa.dbl
2015-09-22 15:21 - 2014-03-08 08:50 - 00000228 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-09-22 15:21 - 2013-06-30 14:13 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-22 15:21 - 2012-12-28 11:43 - 00000051 _____ C:\WINDOWS\wiaservc.log
2015-09-22 15:21 - 2012-01-14 19:42 - 00000000 ___HD C:\Documents and Settings\JST CORP\Šablony
2015-09-22 15:21 - 2012-01-14 19:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-22 15:19 - 2012-01-14 19:42 - 00000178 ___SH C:\Documents and Settings\JST CORP\ntuser.ini
2015-09-22 15:19 - 2012-01-14 19:41 - 00032604 _____ C:\WINDOWS\SchedLgU.Txt
2015-09-22 15:12 - 2012-01-14 19:44 - 01475600 _____ C:\WINDOWS\system32\nvdrsdb0.bin
2015-09-22 15:12 - 2012-01-14 19:44 - 00000001 _____ C:\WINDOWS\system32\nvdrssel.bin
2015-09-22 13:46 - 2012-01-14 19:42 - 00000000 ____D C:\Documents and Settings\JST CORP
2015-09-22 13:45 - 2012-01-14 20:25 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-09-22 13:45 - 2012-01-14 19:34 - 00000000 ____D C:\WINDOWS\system32\Restore
2015-09-22 12:39 - 2014-06-19 17:36 - 00000000 ____D C:\Documents and Settings\JST CORP\Data aplikací\GlarySoft
2015-09-22 12:18 - 2012-12-30 14:29 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2015-09-20 20:40 - 2012-01-14 20:26 - 01193206 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-20 20:38 - 2012-01-14 20:18 - 00000000 ____D C:\WINDOWS\security
2015-09-20 20:27 - 2012-01-14 19:42 - 00000000 ___RD C:\Documents and Settings\JST CORP\Dokumenty
2015-09-20 17:56 - 2012-01-14 19:41 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2015-09-20 09:46 - 2014-11-23 17:48 - 00045104 _____ C:\Documents and Settings\JST CORP\Plocha\Vydavky_JT.xlsx
2015-09-20 09:24 - 2012-03-25 20:09 - 00002563 _____ C:\Documents and Settings\JST CORP\Plocha\Microsoft Office Word 2007.lnk
2015-09-19 10:57 - 2012-01-14 19:42 - 00000000 ___RD C:\Documents and Settings\JST CORP\Dokumenty\Obrázky
2015-09-18 18:37 - 2012-02-18 10:07 - 00039267 _____ C:\Documents and Settings\JST CORP\Plocha\poznamky.txt
2015-09-17 19:32 - 2012-01-14 19:41 - 00000042 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2015-09-17 17:41 - 2014-06-19 17:36 - 00000000 ____D C:\Documents and Settings\JST CORP\Data aplikací\DiskDefrag
2015-09-16 19:35 - 2012-01-14 19:44 - 01475108 _____ C:\WINDOWS\system32\nvdrsdb1.bin
2015-09-10 06:48 - 2012-01-22 12:18 - 00101888 _____ C:\Documents and Settings\JST CORP\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-09 16:44 - 2012-01-14 21:35 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-09-09 16:41 - 2013-07-14 14:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-09 10:29 - 2014-03-08 08:50 - 00000222 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-09-06 10:02 - 2014-06-19 17:52 - 00000382 _____ C:\WINDOWS\Tasks\GlaryUpdate 5.job
2015-09-05 13:02 - 2013-01-19 10:14 - 00232759 _____ C:\acadminidump.dmp
2015-09-05 10:38 - 2014-11-05 18:37 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2015-08-29 09:12 - 2015-07-12 13:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-26 18:36 - 2012-01-15 16:14 - 132039072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
2012-01-22 12:18 - 2015-09-10 06:48 - 0101888 _____ () C:\Documents and Settings\JST CORP\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 5.job => C:\Program Files\Glary Utilities 5\Initialize.exe
Task: C:\WINDOWS\Tasks\GlaryUpdate 5.job => C:\Program Files\Glary Utilities 5\CheckUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE
==================== Security Center ==================
AV: ESET Smart Security 8.0 (Enabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personálny Firewall (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\JST CORP\Plocha" je 817 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe:*:Enabled:Daemonu.exe"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Documents and Settings\\JST CORP\\Data aplikac�\\Dropbox\\bin\\Dropbox.exe"="C:\\Documents and Settings\\JST CORP\\Data aplikac�\\Dropbox\\bin\\Dropbox.exe:*:Enabled:Dropbox"
"C:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe"="C:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe:*:Enabled:NVIDIA Network Service TCP Exception (HTTPS)"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- (7.93 KiB) Staženo 49 x
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: poskodena sietova karta???
Zdravím!
Zkuste použít LSPFix: http://www.stahuj.centrum.cz/internet_a ... ni/lspfix/ .
Zkuste použít LSPFix: http://www.stahuj.centrum.cz/internet_a ... ni/lspfix/ .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: poskodena sietova karta???
Možná je opravdu poškozena síť karta. Zkusíme to vyčistit. Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: poskodena sietova karta???
logy som zbalil do raru
ku tej karte: ked zasuniem kabel blika dioda, neviem preco neche najst cislo vychozi brany, da sa nejako natvrdo odinstalovat ovladac tej karty?? lebo mne sa to manualne nepodarilo, zamrzlo to
ku tej karte: ked zasuniem kabel blika dioda, neviem preco neche najst cislo vychozi brany, da sa nejako natvrdo odinstalovat ovladac tej karty?? lebo mne sa to manualne nepodarilo, zamrzlo to
- Přílohy
-
- AdwCleaner.rar
- (3.22 KiB) Staženo 53 x
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: poskodena sietova karta???
Ano, lze. Otevřte Správce zařízení a na síť. kartu klikněte pravým myšítke. Dejte odebrat (odinstalovat). Pak restartujte a při novém načte karta najde ovladač. Pak vyzkoušejte funkci.stan87 píše: ...ku tej karte: ked zasuniem kabel blika dioda, neviem preco neche najst cislo vychozi brany, da sa nejako natvrdo odinstalovat ovladac tej karty?? lebo mne sa to manualne nepodarilo, zamrzlo to
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: poskodena sietova karta???
ok tentoraz mi to islo ten ovladac tymto postupom odinstalovat, vychodzia brana stale neznama 
- to je vlastne ip modemu?? je problem niekde medzi tou krabickou a mojim pc? predpoklad je ze v pc je asi chyba, kedze net ide na nb
frst log :
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-09-2015
Ran by JST CORP (administrator) on JST (22-09-2015 21:36:19)
Running from C:\Documents and Settings\JST CORP\Plocha
Loaded Profiles: JST CORP (Available Profiles: JST CORP)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Crystal Rich Ltd) C:\Program Files\USB Safely Remove\USBSRService.exe
(Dassault Systemes) C:\Program Files\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\DVDRAMSV.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() C:\Program Files\Razer\Copperhead\razerhid.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\RAMASST.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Razer Inc.) C:\Program Files\Razer\Copperhead\razerofa.exe
(forum.viry.cz) C:\Documents and Settings\JST CORP\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [razer] => C:\Program Files\Razer\Copperhead\razerhid.exe [155648 2005-09-06] ()
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [77824 2004-11-15] (Realtek Semiconductor Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5089480 2015-07-08] (ESET)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2593056 2014-07-02] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKU\S-1-5-21-861567501-484061587-682003330-1003\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2015-02-02] (Glarysoft Ltd)
HKU\S-1-5-18\...\RunOnce: [tscuninstall] => C:\WINDOWS\system32\tscupgrd.exe [44544 2006-03-02] (Microsoft Corporation)
Lsa: [Notification Packages] scecli scecli scecli scecli
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2008-02-10] (Autodesk, Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk [2014-10-05]
ShortcutTarget: InterVideo WinCinema Manager.lnk -> C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe ()
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\RAMASST.lnk [2015-07-30]
ShortcutTarget: RAMASST.lnk -> C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
BootExecute: autocheck autochk * BootDefrag.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-861567501-484061587-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-861567501-484061587-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-861567501-484061587-682003330-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1358592802203
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies)
Handler: WSWSVCUchrome - No CLSID Value -
FireFox:
========
FF ProfilePath: C:\Documents and Settings\JST CORP\Data aplikací\Mozilla\Firefox\Profiles\ormkuzi4.default
FF Homepage: hxxp://www.google.sk/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-22] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
R2 BBDemon; C:\Program Files\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe [36864 2009-09-26] (Dassault Systemes) [File not signed]
R2 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [106496 2003-05-23] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1353720 2015-07-08] (ESET)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 USBSafelyRemoveService; C:\Program Files\USB Safely Remove\USBSRService.exe [1035576 2013-03-13] (Crystal Rich Ltd)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913920 2007-01-05] (Microsoft Corporation) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [2297664 2004-11-17] (Realtek Semiconductor Corp.)
R0 BootDefragDriver; C:\WINDOWS\System32\drivers\BootDefragDriver.sys [14784 2014-06-16] (Glarysoft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [202704 2015-07-14] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [144536 2015-07-14] (ESET)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [185176 2015-07-14] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [48192 2015-07-14] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [71888 2015-07-14] (ESET)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [17344 2015-02-03] (Glarysoft Ltd)
R1 LUMDriver; C:\WINDOWS\system32\drivers\LUMDriver.sys [16688 2007-04-24] (IBM)
R1 meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [90416 2003-10-24] (Matsushita Electric Industrial Co.,Ltd.) [File not signed]
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-18] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 nvatabus; C:\WINDOWS\System32\DRIVERS\nvatabus.sys [86144 2004-11-03] (NVIDIA Corporation) [File not signed]
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [33408 2004-11-11] (NVIDIA Corporation) [File not signed]
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [12928 2004-11-11] (NVIDIA Corporation) [File not signed]
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [9856 2003-01-22] (Padus, Inc.) [File not signed]
S3 Razerlow; C:\WINDOWS\System32\Drivers\Razerlow.sys [19020 2005-08-12] (Razer (Asia-Pacific) Pte Ltd) [File not signed]
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2012-04-03] (Duplex Secure Ltd.)
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] (Microsoft Corporation) [File not signed]
U5 ASInsHelp; C:\WINDOWS\system32\drivers\AsInsHelp32.sys [3328 2004-03-10] () [File not signed]
U5 AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [4962 2004-10-14] () [File not signed]
U1 eamon; system32\DRIVERS\eamon.sys [X]
S3 GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS [X]
U5 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.)
U5 Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys [47616 2012-04-06] (Aladdin Knowledge Systems) [File not signed]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-22 20:02 - 2015-09-22 20:11 - 00000000 ____D C:\AdwCleaner
2015-09-22 19:59 - 2015-09-22 19:59 - 01662976 _____ C:\Documents and Settings\JST CORP\Plocha\adwcleaner_5.008.exe
2015-09-22 18:23 - 2015-09-22 18:23 - 03932214 _____ C:\Documents and Settings\JST CORP\Plocha\lsp.bmp
2015-09-22 18:21 - 2015-09-22 18:21 - 00000000 ____D C:\Documents and Settings\JST CORP\Plocha\lspfix
2015-09-22 18:19 - 2015-09-22 18:18 - 00201030 _____ C:\Documents and Settings\JST CORP\Plocha\lspfix.zip
2015-09-22 17:27 - 2015-09-22 21:36 - 00012307 _____ C:\Documents and Settings\JST CORP\Plocha\FRST.txt
2015-09-22 17:27 - 2015-09-22 21:36 - 00000000 ____D C:\FRST
2015-09-22 17:22 - 2015-09-22 17:22 - 01695232 _____ (Farbar) C:\Documents and Settings\JST CORP\Plocha\FRST.exe
2015-09-22 17:22 - 2015-09-22 17:22 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\JST CORP\Plocha\FRSTLauncher.exe
2015-09-22 12:16 - 2015-09-22 12:16 - 00000000 ____D C:\Documents and Settings\All Users\GlarySoft
2015-09-20 20:29 - 2015-09-22 21:20 - 00030116 _____ C:\WINDOWS\setupapi.log
2015-09-20 20:27 - 2015-09-20 20:27 - 00001530 _____ C:\Documents and Settings\JST CORP\Dokumenty\cc_20150920_202703.reg
2015-09-19 20:01 - 2015-09-20 17:56 - 00205000 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2015-08-28 20:21 - 2015-08-28 20:25 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-22 21:36 - 2012-12-30 11:02 - 00000000 ____D C:\Documents and Settings\JST CORP\Local Settings\temp
2015-09-22 21:36 - 2012-01-14 19:42 - 00000000 ___HD C:\Documents and Settings\JST CORP\Local Settings\Data aplikací
2015-09-22 21:36 - 2012-01-14 19:42 - 00000000 ____D C:\Documents and Settings\JST CORP\Plocha
2015-09-22 21:30 - 2014-06-19 17:36 - 00000322 _____ C:\WINDOWS\Tasks\GlaryInitialize 5.job
2015-09-22 21:30 - 2012-12-28 11:43 - 02015298 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-22 21:30 - 2006-03-02 14:00 - 00013670 _____ C:\WINDOWS\system32\wpa.dbl
2015-09-22 21:29 - 2014-03-08 08:50 - 00000228 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-09-22 21:29 - 2013-06-30 14:13 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-22 21:29 - 2012-12-28 11:43 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-09-22 21:29 - 2012-12-28 11:43 - 00000051 _____ C:\WINDOWS\wiaservc.log
2015-09-22 21:29 - 2012-01-14 19:42 - 00000000 ___HD C:\Documents and Settings\JST CORP\Šablony
2015-09-22 21:29 - 2012-01-14 19:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-22 21:27 - 2012-01-14 19:42 - 00000178 ___SH C:\Documents and Settings\JST CORP\ntuser.ini
2015-09-22 21:27 - 2012-01-14 19:41 - 00032604 _____ C:\WINDOWS\SchedLgU.Txt
2015-09-22 21:16 - 2013-06-30 14:13 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-22 16:59 - 2012-12-24 19:44 - 00000000 ____D C:\Program Files\trend micro
2015-09-22 15:41 - 2012-04-21 10:41 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-22 15:32 - 2015-07-30 22:10 - 00001906 _____ C:\WINDOWS\system32\nvAppTimestamps
2015-09-22 15:24 - 2012-03-25 20:10 - 00002521 _____ C:\Documents and Settings\JST CORP\Plocha\Outlook.lnk
2015-09-22 15:12 - 2012-01-14 19:44 - 01475600 _____ C:\WINDOWS\system32\nvdrsdb0.bin
2015-09-22 15:12 - 2012-01-14 19:44 - 00000001 _____ C:\WINDOWS\system32\nvdrssel.bin
2015-09-22 13:46 - 2012-01-14 19:42 - 00000000 ____D C:\Documents and Settings\JST CORP
2015-09-22 13:45 - 2012-01-14 20:25 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-09-22 13:45 - 2012-01-14 19:34 - 00000000 ____D C:\WINDOWS\system32\Restore
2015-09-22 12:39 - 2014-06-19 17:36 - 00000000 ____D C:\Documents and Settings\JST CORP\Data aplikací\GlarySoft
2015-09-22 12:18 - 2012-12-30 14:29 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2015-09-20 20:40 - 2012-01-14 20:26 - 01193206 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-20 20:38 - 2012-01-14 20:18 - 00000000 ____D C:\WINDOWS\security
2015-09-20 20:27 - 2012-01-14 19:42 - 00000000 ___RD C:\Documents and Settings\JST CORP\Dokumenty
2015-09-20 17:56 - 2012-01-14 19:41 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2015-09-20 09:46 - 2014-11-23 17:48 - 00045104 _____ C:\Documents and Settings\JST CORP\Plocha\Vydavky_JT.xlsx
2015-09-20 09:24 - 2012-03-25 20:09 - 00002563 _____ C:\Documents and Settings\JST CORP\Plocha\Microsoft Office Word 2007.lnk
2015-09-19 10:57 - 2012-01-14 19:42 - 00000000 ___RD C:\Documents and Settings\JST CORP\Dokumenty\Obrázky
2015-09-18 18:37 - 2012-02-18 10:07 - 00039267 _____ C:\Documents and Settings\JST CORP\Plocha\poznamky.txt
2015-09-17 19:32 - 2012-01-14 19:41 - 00000042 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2015-09-17 17:41 - 2014-06-19 17:36 - 00000000 ____D C:\Documents and Settings\JST CORP\Data aplikací\DiskDefrag
2015-09-16 19:35 - 2012-01-14 19:44 - 01475108 _____ C:\WINDOWS\system32\nvdrsdb1.bin
2015-09-10 06:48 - 2012-01-22 12:18 - 00101888 _____ C:\Documents and Settings\JST CORP\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-09 16:44 - 2012-01-14 21:35 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-09-09 16:41 - 2013-07-14 14:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-09 10:29 - 2014-03-08 08:50 - 00000222 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-09-06 10:02 - 2014-06-19 17:52 - 00000382 _____ C:\WINDOWS\Tasks\GlaryUpdate 5.job
2015-09-05 13:02 - 2013-01-19 10:14 - 00232759 _____ C:\acadminidump.dmp
2015-09-05 10:38 - 2014-11-05 18:37 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2015-08-29 09:12 - 2015-07-12 13:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-26 18:36 - 2012-01-15 16:14 - 132039072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
2012-01-22 12:18 - 2015-09-10 06:48 - 0101888 _____ () C:\Documents and Settings\JST CORP\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
C:\Documents and Settings\JST CORP\Local Settings\temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 5.job => C:\Program Files\Glary Utilities 5\Initialize.exe
Task: C:\WINDOWS\Tasks\GlaryUpdate 5.job => C:\Program Files\Glary Utilities 5\CheckUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE
==================== Security Center ==================
AV: ESET Smart Security 8.0 (Enabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personálny Firewall (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\JST CORP\Plocha" je 823 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe:*:Enabled:Daemonu.exe"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Documents and Settings\\JST CORP\\Data aplikac�\\Dropbox\\bin\\Dropbox.exe"="C:\\Documents and Settings\\JST CORP\\Data aplikac�\\Dropbox\\bin\\Dropbox.exe:*:Enabled:Dropbox"
"C:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe"="C:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe:*:Enabled:NVIDIA Network Service TCP Exception (HTTPS)"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
- to je vlastne ip modemu?? je problem niekde medzi tou krabickou a mojim pc? predpoklad je ze v pc je asi chyba, kedze net ide na nbfrst log :
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-09-2015
Ran by JST CORP (administrator) on JST (22-09-2015 21:36:19)
Running from C:\Documents and Settings\JST CORP\Plocha
Loaded Profiles: JST CORP (Available Profiles: JST CORP)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Crystal Rich Ltd) C:\Program Files\USB Safely Remove\USBSRService.exe
(Dassault Systemes) C:\Program Files\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\DVDRAMSV.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() C:\Program Files\Razer\Copperhead\razerhid.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\RAMASST.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Razer Inc.) C:\Program Files\Razer\Copperhead\razerofa.exe
(forum.viry.cz) C:\Documents and Settings\JST CORP\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [razer] => C:\Program Files\Razer\Copperhead\razerhid.exe [155648 2005-09-06] ()
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [77824 2004-11-15] (Realtek Semiconductor Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5089480 2015-07-08] (ESET)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2593056 2014-07-02] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKU\S-1-5-21-861567501-484061587-682003330-1003\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2015-02-02] (Glarysoft Ltd)
HKU\S-1-5-18\...\RunOnce: [tscuninstall] => C:\WINDOWS\system32\tscupgrd.exe [44544 2006-03-02] (Microsoft Corporation)
Lsa: [Notification Packages] scecli scecli scecli scecli
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\JST CORP\Data aplikací\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2008-02-10] (Autodesk, Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk [2014-10-05]
ShortcutTarget: InterVideo WinCinema Manager.lnk -> C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe ()
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\RAMASST.lnk [2015-07-30]
ShortcutTarget: RAMASST.lnk -> C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
BootExecute: autocheck autochk * BootDefrag.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-861567501-484061587-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-861567501-484061587-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-861567501-484061587-682003330-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1358592802203
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies)
Handler: WSWSVCUchrome - No CLSID Value -
FireFox:
========
FF ProfilePath: C:\Documents and Settings\JST CORP\Data aplikací\Mozilla\Firefox\Profiles\ormkuzi4.default
FF Homepage: hxxp://www.google.sk/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-22] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
R2 BBDemon; C:\Program Files\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe [36864 2009-09-26] (Dassault Systemes) [File not signed]
R2 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [106496 2003-05-23] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1353720 2015-07-08] (ESET)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 USBSafelyRemoveService; C:\Program Files\USB Safely Remove\USBSRService.exe [1035576 2013-03-13] (Crystal Rich Ltd)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913920 2007-01-05] (Microsoft Corporation) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [2297664 2004-11-17] (Realtek Semiconductor Corp.)
R0 BootDefragDriver; C:\WINDOWS\System32\drivers\BootDefragDriver.sys [14784 2014-06-16] (Glarysoft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [202704 2015-07-14] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [144536 2015-07-14] (ESET)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [185176 2015-07-14] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [48192 2015-07-14] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [71888 2015-07-14] (ESET)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [17344 2015-02-03] (Glarysoft Ltd)
R1 LUMDriver; C:\WINDOWS\system32\drivers\LUMDriver.sys [16688 2007-04-24] (IBM)
R1 meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [90416 2003-10-24] (Matsushita Electric Industrial Co.,Ltd.) [File not signed]
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-18] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 nvatabus; C:\WINDOWS\System32\DRIVERS\nvatabus.sys [86144 2004-11-03] (NVIDIA Corporation) [File not signed]
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [33408 2004-11-11] (NVIDIA Corporation) [File not signed]
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [12928 2004-11-11] (NVIDIA Corporation) [File not signed]
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [9856 2003-01-22] (Padus, Inc.) [File not signed]
S3 Razerlow; C:\WINDOWS\System32\Drivers\Razerlow.sys [19020 2005-08-12] (Razer (Asia-Pacific) Pte Ltd) [File not signed]
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2012-04-03] (Duplex Secure Ltd.)
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] (Microsoft Corporation) [File not signed]
U5 ASInsHelp; C:\WINDOWS\system32\drivers\AsInsHelp32.sys [3328 2004-03-10] () [File not signed]
U5 AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [4962 2004-10-14] () [File not signed]
U1 eamon; system32\DRIVERS\eamon.sys [X]
S3 GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS [X]
U5 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.)
U5 Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys [47616 2012-04-06] (Aladdin Knowledge Systems) [File not signed]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-22 20:02 - 2015-09-22 20:11 - 00000000 ____D C:\AdwCleaner
2015-09-22 19:59 - 2015-09-22 19:59 - 01662976 _____ C:\Documents and Settings\JST CORP\Plocha\adwcleaner_5.008.exe
2015-09-22 18:23 - 2015-09-22 18:23 - 03932214 _____ C:\Documents and Settings\JST CORP\Plocha\lsp.bmp
2015-09-22 18:21 - 2015-09-22 18:21 - 00000000 ____D C:\Documents and Settings\JST CORP\Plocha\lspfix
2015-09-22 18:19 - 2015-09-22 18:18 - 00201030 _____ C:\Documents and Settings\JST CORP\Plocha\lspfix.zip
2015-09-22 17:27 - 2015-09-22 21:36 - 00012307 _____ C:\Documents and Settings\JST CORP\Plocha\FRST.txt
2015-09-22 17:27 - 2015-09-22 21:36 - 00000000 ____D C:\FRST
2015-09-22 17:22 - 2015-09-22 17:22 - 01695232 _____ (Farbar) C:\Documents and Settings\JST CORP\Plocha\FRST.exe
2015-09-22 17:22 - 2015-09-22 17:22 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\JST CORP\Plocha\FRSTLauncher.exe
2015-09-22 12:16 - 2015-09-22 12:16 - 00000000 ____D C:\Documents and Settings\All Users\GlarySoft
2015-09-20 20:29 - 2015-09-22 21:20 - 00030116 _____ C:\WINDOWS\setupapi.log
2015-09-20 20:27 - 2015-09-20 20:27 - 00001530 _____ C:\Documents and Settings\JST CORP\Dokumenty\cc_20150920_202703.reg
2015-09-19 20:01 - 2015-09-20 17:56 - 00205000 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2015-08-28 20:21 - 2015-08-28 20:25 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-22 21:36 - 2012-12-30 11:02 - 00000000 ____D C:\Documents and Settings\JST CORP\Local Settings\temp
2015-09-22 21:36 - 2012-01-14 19:42 - 00000000 ___HD C:\Documents and Settings\JST CORP\Local Settings\Data aplikací
2015-09-22 21:36 - 2012-01-14 19:42 - 00000000 ____D C:\Documents and Settings\JST CORP\Plocha
2015-09-22 21:30 - 2014-06-19 17:36 - 00000322 _____ C:\WINDOWS\Tasks\GlaryInitialize 5.job
2015-09-22 21:30 - 2012-12-28 11:43 - 02015298 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-22 21:30 - 2006-03-02 14:00 - 00013670 _____ C:\WINDOWS\system32\wpa.dbl
2015-09-22 21:29 - 2014-03-08 08:50 - 00000228 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-09-22 21:29 - 2013-06-30 14:13 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-22 21:29 - 2012-12-28 11:43 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-09-22 21:29 - 2012-12-28 11:43 - 00000051 _____ C:\WINDOWS\wiaservc.log
2015-09-22 21:29 - 2012-01-14 19:42 - 00000000 ___HD C:\Documents and Settings\JST CORP\Šablony
2015-09-22 21:29 - 2012-01-14 19:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-22 21:27 - 2012-01-14 19:42 - 00000178 ___SH C:\Documents and Settings\JST CORP\ntuser.ini
2015-09-22 21:27 - 2012-01-14 19:41 - 00032604 _____ C:\WINDOWS\SchedLgU.Txt
2015-09-22 21:16 - 2013-06-30 14:13 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-22 16:59 - 2012-12-24 19:44 - 00000000 ____D C:\Program Files\trend micro
2015-09-22 15:41 - 2012-04-21 10:41 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-22 15:32 - 2015-07-30 22:10 - 00001906 _____ C:\WINDOWS\system32\nvAppTimestamps
2015-09-22 15:24 - 2012-03-25 20:10 - 00002521 _____ C:\Documents and Settings\JST CORP\Plocha\Outlook.lnk
2015-09-22 15:12 - 2012-01-14 19:44 - 01475600 _____ C:\WINDOWS\system32\nvdrsdb0.bin
2015-09-22 15:12 - 2012-01-14 19:44 - 00000001 _____ C:\WINDOWS\system32\nvdrssel.bin
2015-09-22 13:46 - 2012-01-14 19:42 - 00000000 ____D C:\Documents and Settings\JST CORP
2015-09-22 13:45 - 2012-01-14 20:25 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-09-22 13:45 - 2012-01-14 19:34 - 00000000 ____D C:\WINDOWS\system32\Restore
2015-09-22 12:39 - 2014-06-19 17:36 - 00000000 ____D C:\Documents and Settings\JST CORP\Data aplikací\GlarySoft
2015-09-22 12:18 - 2012-12-30 14:29 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2015-09-20 20:40 - 2012-01-14 20:26 - 01193206 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-20 20:38 - 2012-01-14 20:18 - 00000000 ____D C:\WINDOWS\security
2015-09-20 20:27 - 2012-01-14 19:42 - 00000000 ___RD C:\Documents and Settings\JST CORP\Dokumenty
2015-09-20 17:56 - 2012-01-14 19:41 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2015-09-20 09:46 - 2014-11-23 17:48 - 00045104 _____ C:\Documents and Settings\JST CORP\Plocha\Vydavky_JT.xlsx
2015-09-20 09:24 - 2012-03-25 20:09 - 00002563 _____ C:\Documents and Settings\JST CORP\Plocha\Microsoft Office Word 2007.lnk
2015-09-19 10:57 - 2012-01-14 19:42 - 00000000 ___RD C:\Documents and Settings\JST CORP\Dokumenty\Obrázky
2015-09-18 18:37 - 2012-02-18 10:07 - 00039267 _____ C:\Documents and Settings\JST CORP\Plocha\poznamky.txt
2015-09-17 19:32 - 2012-01-14 19:41 - 00000042 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2015-09-17 17:41 - 2014-06-19 17:36 - 00000000 ____D C:\Documents and Settings\JST CORP\Data aplikací\DiskDefrag
2015-09-16 19:35 - 2012-01-14 19:44 - 01475108 _____ C:\WINDOWS\system32\nvdrsdb1.bin
2015-09-10 06:48 - 2012-01-22 12:18 - 00101888 _____ C:\Documents and Settings\JST CORP\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-09 16:44 - 2012-01-14 21:35 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-09-09 16:41 - 2013-07-14 14:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-09 10:29 - 2014-03-08 08:50 - 00000222 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-09-06 10:02 - 2014-06-19 17:52 - 00000382 _____ C:\WINDOWS\Tasks\GlaryUpdate 5.job
2015-09-05 13:02 - 2013-01-19 10:14 - 00232759 _____ C:\acadminidump.dmp
2015-09-05 10:38 - 2014-11-05 18:37 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2015-08-29 09:12 - 2015-07-12 13:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-26 18:36 - 2012-01-15 16:14 - 132039072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
2012-01-22 12:18 - 2015-09-10 06:48 - 0101888 _____ () C:\Documents and Settings\JST CORP\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
C:\Documents and Settings\JST CORP\Local Settings\temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 5.job => C:\Program Files\Glary Utilities 5\Initialize.exe
Task: C:\WINDOWS\Tasks\GlaryUpdate 5.job => C:\Program Files\Glary Utilities 5\CheckUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE
==================== Security Center ==================
AV: ESET Smart Security 8.0 (Enabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personálny Firewall (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\JST CORP\Plocha" je 823 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe:*:Enabled:Daemonu.exe"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Documents and Settings\\JST CORP\\Data aplikac�\\Dropbox\\bin\\Dropbox.exe"="C:\\Documents and Settings\\JST CORP\\Data aplikac�\\Dropbox\\bin\\Dropbox.exe:*:Enabled:Dropbox"
"C:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe"="C:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe:*:Enabled:NVIDIA Network Service TCP Exception (HTTPS)"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- (8.22 KiB) Staženo 50 x
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: poskodena sietova karta???
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-861567501-484061587-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Handler: WSWSVCUchrome - No CLSID Value -
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Documents and Settings\JST CORP\Local Settings\temp
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: poskodena sietova karta???
Fix result of Farbar Recovery Scan Tool (x86) Version:15-09-2015
Ran by JST CORP (2015-09-22 22:58:55) Run:1
Running from C:\Documents and Settings\JST CORP\Plocha
Loaded Profiles: JST CORP (Available Profiles: JST CORP)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-861567501-484061587-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Handler: WSWSVCUchrome - No CLSID Value -
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Documents and Settings\JST CORP\Local Settings\temp
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => value removed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-861567501-484061587-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKCR\PROTOCOLS\Handler\WSWSVCUchrome" => key removed successfully.
IntelIde => service removed successfully.
WS2IFSL => service removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Documents and Settings\JST CORP\Local Settings\temp => moved successfully
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":8CE646EE" ADS removed successfully..
==== End of Fixlog 22:58:55 ====
Ran by JST CORP (2015-09-22 22:58:55) Run:1
Running from C:\Documents and Settings\JST CORP\Plocha
Loaded Profiles: JST CORP (Available Profiles: JST CORP)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-861567501-484061587-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Handler: WSWSVCUchrome - No CLSID Value -
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Documents and Settings\JST CORP\Local Settings\temp
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => value removed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-861567501-484061587-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKCR\PROTOCOLS\Handler\WSWSVCUchrome" => key removed successfully.
IntelIde => service removed successfully.
WS2IFSL => service removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Documents and Settings\JST CORP\Local Settings\temp => moved successfully
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":8CE646EE" ADS removed successfully..
==== End of Fixlog 22:58:55 ====
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: poskodena sietova karta???
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: poskodena sietova karta???
vsetko po starom net nejde
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: poskodena sietova karta???
Už jsem toto jednou u XP zažil. Řešil jsem to vloženou síť. kartou do slotu. Další 2 roky to pak korektně fungovalo. Pak bylo nutné reinstalovat systém. Integrovaná síť. karta jakoby zázrakem "obživla" a pak fungovala až do vyřazení PC. Podívejte se do správce zařízení, co signalizuje síť. karta. Pokud nebude hlásit žádnou chybu, odeberte ji (odinstalujte) a restartujte. Při novém startu bude opět ovladač načten. Pak vyzkoušejte funkci.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: poskodena sietova karta???
sietova karta signalizuje ze je OK, po odinstalovani ovladaca a spetnej instalacii nenastala zmena
skusal som nastavit aj rucne hodnoty ip, masku,branu a dns podla hodnot na nb s tym ze som pri ip dal posledne cislo ine ale bezo zmeny
cez linux takisto nejde internet tak neveim ci je priamo vada vo winXP
v rare som prilozil par obrazkov ako sa chova to pripojovanie v stolnom pc
vsimol som si aj to ze pri nb su hodnoty ip adresy rovnake pri kazdom prihlaseni, ale na stolnom pc sa to cislo ustavicne meni
sietovu kartu uz hladam neh vyskusam aj tu moznost 
este nejaky napad??
skusal som nastavit aj rucne hodnoty ip, masku,branu a dns podla hodnot na nb s tym ze som pri ip dal posledne cislo ine ale bezo zmeny cez linux takisto nejde internet tak neveim ci je priamo vada vo winXP v rare som prilozil par obrazkov ako sa chova to pripojovanie v stolnom pc vsimol som si aj to ze pri nb su hodnoty ip adresy rovnake pri kazdom prihlaseni, ale na stolnom pc sa to cislo ustavicne meni sietovu kartu uz hladam neh vyskusam aj tu moznost este nejaky napad??
- Přílohy
-
- lan.rar
- (169.77 KiB) Staženo 62 x
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: poskodena sietova karta???
Tak pokud nejde síť ani na linuxu, jsou pravděpodobně jen 2 možnosti. Poškozená síť. karta, nebo nepřístupný net ze strany providera.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?