
Request for a log check - unwanted pop-up windows

rivers2
Visitor
Posts: 178
Registered: 10 Jan 2009 15:21

Request for a log check - unwanted pop-up windows

#1 Post by rivers2 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by WIN7 at 2015-11-30 09:01:54
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 21 GB (27%) free of 76 GB
Total RAM: 1023 MB (11% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:02:08, on 30. 11. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\MediaPlayerVideos 1.2\mediaplayervideos_1.2_helper_service.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\WIN7\Downloads\RSIT (1).exe
C:\Program Files\trend micro\WIN7.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

--
End of file - 5831 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\mediaplayervideos_1.2_helper_service.job - C:\Program Files\MediaPlayerVideos 1.2\mediaplayervideos_1.2_helper_service.exe /installationtime=1448618677 /AppName="MediaPlayerVideos 1.2"
C:\Windows\tasks\mediaplayervideos_1.2_updating_service.job - C:\Program Files\MediaPlayerVideos 1.2\mediaplayervideos_1.2_updating_service.exe /campid=002858 /verid=1 /url=http://update.gencloudex.com/static/@CA ... /data.info /appid=72523 /taskname=mediaplayervideos_1.2_updating_service /funurl= /statsdomain=http://logs.gencloudex.com/marker.gif?
C:\Windows\tasks\S8TllbkHowmp.job - C:\Users\WIN7\AppData\Roaming\S8TllbkHowmp.exe --c=JSfOCWS2l3886thdREMBp7r08y+tZR+NhPnxnu+C4hjTJswSmCb3mSbEao2TR9KymlQUsYKDsXN4SQm/q1Ibmb3+cTDvRckL2VJ8TYXlpCMbIZlRvD9Plxg8uSlTZ6z20WtOMkjGkm7W6bG/zasK/dW8uwSK9e0oAHBwi0RqufGEyI+NwavTiNiMtND1PJHV1c121UngsQxS1G61AovLTWruxlacrJ4ScxhH8Vtl3+tDDWWw7hZwXsTBflf9FGshh1CZsF4fhe5q8ljPjU3o3RVcAa7yOA+irvfMYahncR2C9y8Qp9cSA7xfvj+N/CQNUwTfZ6fyhtXyVAXws/PsDQ==
C:\Windows\tasks\YrDUyG9qvc0FMmvVK.job - C:\Users\WIN7\AppData\Roaming\YrDUyG9qvc0FMmvVK.exe --c=Ph4YNy+NDPonwI5dVvk/GxzJ3Y8OxqC0kU/ZNrgCR6af+FamVFIA1yGubJ1K6L0mUebsno7eubvF7DgKY0oFLWA0rb+1LYwHKjJLbzLNCwt2Pg7hRPdBwglRNqMRMZ3t3k3wklEW0YQY2tlIBEotm93wZbEmj1up4m86Z0FpJ3VJIBZihMc1YAmscQsGPb/0Ak5JGl/yIE5FB5OCggbpevMUqwpKqapkS9rgYFfMj8zx4f0uznYjpeTjxgf4Z5fwMVyj6Chi4+9xn50yhTL7W4zZGVXlioEW66xJVNDafc6+96ifrXLrMFKdbzIyE92E4K96WxJzYJyOxxu7cHsHkQ==

=========Mozilla firefox=========

ProfilePath - C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490

prefs.js - "browser.startup.homepage" - "about:home"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\searchplugins\
delta.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-06 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-06 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
"ApnTBMon"=C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2015-11-03 1734544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2015-11-16 6602152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WebBrowserMixVideoPlayer.lnk]
C:\PROGRA~1\MIXVID~1\BROWSE~1.EXE []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-11-30 08:52:11 ----D---- C:\Program Files\trend micro
2015-11-30 08:52:05 ----D---- C:\rsit
2015-11-29 22:57:39 ----D---- C:\ProgramData\ESET
2015-11-29 22:56:49 ----D---- C:\Program Files\ESET
2015-11-29 22:12:32 ----D---- C:\Program Files\Adobe
2015-11-29 22:05:17 ----D---- C:\Windows\pss
2015-11-29 21:55:57 ----D---- C:\Program Files\CCleaner
2015-11-27 11:23:50 ----D---- C:\Program Files\globalUpdate
2015-11-27 11:23:23 ----D---- C:\Program Files\version09CheckMeUp
2015-11-27 10:57:11 ----D---- C:\Program Files\MediaPlayerVideos 1.2
2015-11-12 20:08:43 ----A---- C:\Windows\system32\win32k.sys
2015-11-11 17:04:53 ----A---- C:\Windows\system32\shimeng.dll
2015-11-11 17:04:53 ----A---- C:\Windows\system32\sdbinst.exe
2015-11-11 17:04:53 ----A---- C:\Windows\system32\apphelp.dll
2015-11-11 17:04:53 ----A---- C:\Windows\system32\aelupsvc.dll
2015-11-11 17:04:01 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-11 17:04:01 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-11 17:03:44 ----A---- C:\Windows\system32\kerberos.dll
2015-11-11 17:03:43 ----A---- C:\Windows\system32\schannel.dll
2015-11-11 17:03:43 ----A---- C:\Windows\system32\ncrypt.dll
2015-11-11 17:03:42 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-11 17:03:42 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-11-11 17:03:41 ----A---- C:\Windows\system32\srcore.dll
2015-11-11 17:03:41 ----A---- C:\Windows\system32\rstrui.exe
2015-11-11 17:03:41 ----A---- C:\Windows\system32\rpcrt4.dll
2015-11-11 17:03:41 ----A---- C:\Windows\system32\ntdll.dll
2015-11-11 17:03:41 ----A---- C:\Windows\system32\lsasrv.dll
2015-11-11 17:03:41 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-11-11 17:03:41 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-11-11 17:03:40 ----A---- C:\Windows\system32\TSpkg.dll
2015-11-11 17:03:40 ----A---- C:\Windows\system32\smss.exe
2015-11-11 17:03:40 ----A---- C:\Windows\system32\msv1_0.dll
2015-11-11 17:03:39 ----A---- C:\Windows\system32\wdigest.dll
2015-11-11 17:03:39 ----A---- C:\Windows\system32\lsass.exe
2015-11-11 17:03:39 ----A---- C:\Windows\system32\auditpol.exe
2015-11-11 17:03:38 ----A---- C:\Windows\system32\sspicli.dll
2015-11-11 17:03:38 ----A---- C:\Windows\system32\srclient.dll
2015-11-11 17:03:38 ----A---- C:\Windows\system32\csrsrv.dll
2015-11-11 17:03:37 ----A---- C:\Windows\system32\sspisrv.dll
2015-11-11 17:03:37 ----A---- C:\Windows\system32\cryptbase.dll
2015-11-11 17:03:36 ----A---- C:\Windows\system32\secur32.dll
2015-11-11 17:03:36 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-11-11 17:03:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-11-11 17:03:36 ----A---- C:\Windows\system32\credssp.dll
2015-11-11 17:03:35 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-11-11 17:03:35 ----A---- C:\Windows\system32\apisetschema.dll
2015-11-11 17:03:35 ----A---- C:\Windows\system32\adtschema.dll
2015-11-11 17:03:34 ----A---- C:\Windows\system32\msaudite.dll
2015-11-11 17:03:33 ----A---- C:\Windows\system32\msobjs.dll
2015-11-11 17:01:35 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-11-11 17:01:19 ----A---- C:\Windows\system32\wucltux.dll
2015-11-11 17:01:19 ----A---- C:\Windows\system32\wuaueng.dll
2015-11-11 17:01:18 ----A---- C:\Windows\system32\wuapi.dll
2015-11-11 17:01:17 ----A---- C:\Windows\system32\wuwebv.dll
2015-11-11 17:01:17 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-11-11 17:01:16 ----A---- C:\Windows\system32\wups2.dll
2015-11-11 17:01:16 ----A---- C:\Windows\system32\wups.dll
2015-11-11 17:01:16 ----A---- C:\Windows\system32\wudriver.dll
2015-11-11 17:01:16 ----A---- C:\Windows\system32\wuauclt.exe
2015-11-11 17:01:16 ----A---- C:\Windows\system32\wuapp.exe
2015-11-11 17:01:16 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 16:59:56 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 16:59:56 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-11-11 16:59:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-11-11 16:59:54 ----A---- C:\Windows\system32\urlmon.dll
2015-11-11 16:59:54 ----A---- C:\Windows\system32\occache.dll
2015-11-11 16:59:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 16:59:54 ----A---- C:\Windows\system32\iernonce.dll
2015-11-11 16:59:54 ----A---- C:\Windows\system32\iedkcs32.dll
2015-11-11 16:59:54 ----A---- C:\Windows\system32\ie4uinit.exe
2015-11-11 16:59:53 ----A---- C:\Windows\system32\vbscript.dll
2015-11-11 16:59:53 ----A---- C:\Windows\system32\jsproxy.dll
2015-11-11 16:59:53 ----A---- C:\Windows\system32\jscript9diag.dll
2015-11-11 16:59:53 ----A---- C:\Windows\system32\ieUnatt.exe
2015-11-11 16:59:53 ----A---- C:\Windows\system32\ieapfltr.dll
2015-11-11 16:59:53 ----A---- C:\Windows\system32\dxtmsft.dll
2015-11-11 16:59:52 ----A---- C:\Windows\system32\msfeeds.dll
2015-11-11 16:59:50 ----A---- C:\Windows\system32\webcheck.dll
2015-11-11 16:59:50 ----A---- C:\Windows\system32\msrating.dll
2015-11-11 16:59:50 ----A---- C:\Windows\system32\iesetup.dll
2015-11-11 16:59:49 ----A---- C:\Windows\system32\jscript.dll
2015-11-11 16:59:49 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 16:59:48 ----A---- C:\Windows\system32\wininet.dll
2015-11-11 16:59:47 ----A---- C:\Windows\system32\dxtrans.dll
2015-11-11 16:59:46 ----A---- C:\Windows\system32\ieui.dll
2015-11-11 16:59:45 ----A---- C:\Windows\system32\ieframe.dll
2015-11-11 16:59:43 ----A---- C:\Windows\system32\mshtmled.dll
2015-11-11 16:59:42 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-11-11 16:59:41 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-11-11 16:59:40 ----A---- C:\Windows\system32\jscript9.dll
2015-11-11 16:59:39 ----A---- C:\Windows\system32\mshtml.dll
2015-11-11 16:59:37 ----A---- C:\Windows\system32\iertutil.dll
2015-11-11 16:58:57 ----A---- C:\Windows\system32\InkEd.dll
2015-11-11 16:58:56 ----A---- C:\Windows\system32\jnwmon.dll
2015-11-11 16:58:41 ----A---- C:\Windows\system32\drivers\cng.sys
2015-11-11 16:58:41 ----A---- C:\Windows\system32\bcryptprimitives.dll
2015-11-07 16:14:58 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2015-11-30 09:02:00 ----D---- C:\Windows\Temp
2015-11-30 08:52:11 ----RD---- C:\Program Files
2015-11-30 08:14:16 ----D---- C:\Windows\System32
2015-11-30 08:14:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-30 08:14:11 ----D---- C:\Windows\inf
2015-11-30 08:10:06 ----D---- C:\Windows\system32\config
2015-11-30 00:59:17 ----D---- C:\Windows\Tasks
2015-11-29 23:30:54 ----D---- C:\Windows\system32\Tasks
2015-11-29 23:30:44 ----SHD---- C:\Windows\Installer
2015-11-29 23:07:11 ----D---- C:\Windows\system32\drivers
2015-11-29 23:01:13 ----D---- C:\Windows\system32\DriverStore
2015-11-29 23:01:10 ----SD---- C:\Windows\system32\Microsoft
2015-11-29 22:57:39 ----HD---- C:\ProgramData
2015-11-29 22:53:56 ----D---- C:\Windows\Prefetch
2015-11-29 22:47:27 ----D---- C:\Windows
2015-11-29 22:47:08 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-11-29 22:46:28 ----D---- C:\Windows\system32\catroot
2015-11-29 22:26:59 ----D---- C:\Program Files\Nokia
2015-11-29 22:25:15 ----SHD---- C:\System Volume Information
2015-11-29 22:24:24 ----D---- C:\Program Files\Ashampoo
2015-11-29 22:23:13 ----D---- C:\ProgramData\Nokia
2015-11-29 22:23:13 ----D---- C:\Program Files\Common Files
2015-11-29 22:12:44 ----D---- C:\Program Files\Common Files\Adobe
2015-11-29 22:11:24 ----D---- C:\ProgramData\Adobe
2015-11-29 22:03:50 ----D---- C:\Users\WIN7\AppData\Roaming\TeamViewer
2015-11-29 22:03:50 ----D---- C:\Users\WIN7\AppData\Roaming\DAEMON Tools Lite
2015-11-29 22:03:47 ----D---- C:\Users\WIN7\AppData\Roaming\uTorrent
2015-11-29 22:01:15 ----D---- C:\Windows\Panther
2015-11-29 22:01:04 ----D---- C:\Windows\Logs
2015-11-29 22:01:03 ----D---- C:\Windows\Minidump
2015-11-29 22:01:03 ----D---- C:\Windows\debug
2015-11-29 21:39:49 ----D---- C:\Program Files\Rovio
2015-11-27 11:23:20 ----HD---- C:\Windows\system32\GroupPolicy
2015-11-14 12:40:49 ----D---- C:\Windows\rescache
2015-11-14 11:41:40 ----D---- C:\Windows\system32\catroot2
2015-11-13 08:10:53 ----D---- C:\Windows\winsxs
2015-11-12 19:30:31 ----D---- C:\Windows\Microsoft.NET
2015-11-12 19:14:22 ----D---- C:\Windows\AppPatch
2015-11-12 19:14:17 ----D---- C:\Windows\system32\cs-CZ
2015-11-12 19:08:31 ----RSD---- C:\Windows\assembly
2015-11-12 18:40:34 ----D---- C:\Windows\system32\migration
2015-11-12 18:40:33 ----D---- C:\Windows\system32\en-US
2015-11-12 18:40:30 ----D---- C:\Program Files\Internet Explorer
2015-11-12 18:40:22 ----D---- C:\Program Files\Windows Journal
2015-11-11 17:51:44 ----D---- C:\Windows\system32\MRT
2015-11-11 17:25:27 ----A---- C:\Windows\system32\MRT.exe
2015-11-11 17:12:11 ----A---- C:\Windows\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2015-09-23 56944]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-13 218688]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-09-23 205800]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-09-23 145512]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2015-09-23 161992]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2015-09-23 44608]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2015-10-07 111040]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 APNMCP;Ask Update Service; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [2015-11-03 198544]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2015-10-09 1971968]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-04 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-04 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-10-30 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-11-07 147624]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-11 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]

-----------------EOF-----------------

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Request for a log check - unwanted pop-up windows

#2 Post by altrok »

I wish you a lovely day.

As part of the cleanup, your temporary folders (including the Recycle Bin) will be emptied.

Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just launch it with an ordinary double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok(at)forum.viry.cz
If you feel like helping visitors to this forum, sign up for our training school.


Re: Request for a log check - unwanted pop-up windows

#3 Post by rivers2 »

# AdwCleaner v5.023 - Logfile created 05/12/2015 at 19:48:45
# Updated 30/11/2015 by Xplode
# Database : 2015-12-03.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : WIN7 - WIN7-PC
# Running from : C:\Users\WIN7\Downloads\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : APNMCP

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\AskPartnerNetwork
[-] Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
[-] Folder Deleted : C:\Program Files\globalUpdate
[-] Folder Deleted : C:\Program Files\MediaPlayerVideos 1.2
[!] Folder Not Deleted : C:\Program Files\MediaPlayerVideos 1.2
[-] Folder Deleted : C:\Program Files\version09CheckMeUp
[!] Folder Not Deleted : C:\Program Files\MediaPlayerVideos 1.2
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\AskPartnerNetwork
[-] Folder Deleted : C:\ProgramData\Babylon
[-] Folder Deleted : C:\ProgramData\Tarma Installer
[-] Folder Deleted : C:\Users\WIN7\AppData\Local\GamePlayLabs Plugin
[-] Folder Deleted : C:\Users\WIN7\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\WIN7\AppData\Local\PriceFountain
[-] Folder Deleted : C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg
[-] Folder Deleted : C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecgbfoconhopjngaaijjgffhokohlac
[-] Folder Deleted : C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmpieponfdjfekdfdfgmhamccfddpfb
[!] Folder Not Deleted : C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecgbfoconhopjngaaijjgffhokohlac
[-] Folder Deleted : C:\Users\WIN7\AppData\Local\Temp\apn
[-] Folder Deleted : C:\Users\WIN7\AppData\Roaming\Babylon
[-] Folder Deleted : C:\Users\WIN7\AppData\Roaming\goforfiles

***** [ Files ] *****

[-] File Deleted : C:\Program Files\Mozilla Firefox\cfg
[-] File Deleted : C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage
[-] File Deleted : C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage
[-] File Deleted : C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\searchplugins\delta.xml
[-] File Deleted : C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\user.js
[-] File Deleted : C:\Windows\patsearch.bin

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : GoforFilesUpdate
[-] Task Deleted : LaunchPreSignup
[-] Task Deleted : mediaplayervideos_1.2_updating_service
[-] Task Deleted : mediaplayervideos_1.2_helper_service

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
[-] Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [mediaplayervideos_1.2_helper_service.job]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [mediaplayervideos_1.2_helper_service.job.fp]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [mediaplayervideos_1.2_updating_service.job]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [mediaplayervideos_1.2_updating_service.job.fp]
[-] Key Deleted : HKCU\Software\59558888b039e914
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{444785F1-DE89-4295-863A-D46C3A781394}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
[-] Key Deleted : HKCU\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\BabylonToolbar
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\DataMngr
[-] Key Deleted : HKCU\Software\delta LTD
[-] Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
[-] Key Deleted : HKCU\Software\GamePlayLabs
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\GoforFiles
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKCU\Software\AppDataLow\Software\CheckMeUp
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
[-] Key Deleted : HKLM\SOFTWARE\Babylon
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\DataMngr
[-] Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\GoforFiles
[-] Key Deleted : HKLM\SOFTWARE\Tarma Installer
[-] Key Deleted : HKLM\SOFTWARE\MediaPlayerVideos 1.2
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\GamePlayLabs Plugin
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\6ECB650E-8177-CC04-71B4-6BE3CD063758
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaPlayerVideos 1.2
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE

***** [ Web browsers ] *****

[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119293&babs ... 1731d320fd");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("avg.install.userSPSettings", "Delta Search");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119293&babs ... 1731d320fd");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.admin", false);
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.aflt", "babsst");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.autoRvrt", "false");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.dfltLng", "en");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.excTlbr", false);
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.id", "2cfa455e000000000000001731d320fd");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.instlDay", "15770");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.instlRef", "sst");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.newTab", false);
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.prdct", "delta");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.prtnrId", "delta");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.rvrt", "false");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.smplGrp", "none");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.tlbrId", "base");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.vrsn", "1.8.10.0");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.vrsnTs", "1.8.10.012:10:05");
[-] [C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js] [Preference] Deleted : user_pref("extensions.delta.vrsni", "1.8.10.0");
[-] [C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aaaaadgepjkdffhjbkfjgnnffnfcffbg
[-] [C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : inmpieponfdjfekdfdfgmhamccfddpfb
[-] [C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jecgbfoconhopjngaaijjgffhokohlac
[-] [C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jecgbfoconhopjngaaijjgffhokohlac

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [15973 bytes] ##########

altrok
Moderator
Posts: 7322
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: requesting a log check - unwanted windows popping up

#4 Post by altrok »

Post the FRST.txt log, and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

rivers2
Visitor
Posts: 178
Joined: 10 Jan 2009 15:21

Re: requesting a log check - unwanted windows popping up

#5 Post by rivers2 »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-12-2015
Ran by WIN7 (administrator) on WIN7-PC (06-12-2015 13:13:46)
Running from C:\Users\WIN7\Downloads
Loaded Profiles: WIN7 (Available Profiles: WIN7)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-3440232331-1270871754-2231574824-1000\...\MountPoints2: {35ae004c-468f-11e5-976c-001731d320fd} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-3440232331-1270871754-2231574824-1000\...\MountPoints2: {5ccb29f7-39fa-11e5-ba27-001731d320fd} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3440232331-1270871754-2231574824-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{978984DC-B8E0-4CAC-BC99-6A5E63CDF193}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3440232331-1270871754-2231574824-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.sk/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-06] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-06] (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: No Name - C:\Program Files\version09CheckMeUp\194.xpi [not found]
FF Extension: 0545b830f0aa4d7e882050a4629a56fe - C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-12-02] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKU\S-1-5-21-3440232331-1270871754-2231574824-1000\...\Firefox\Extensions: [{58931F90-7418-F91C-7D0E-6744BB523292}] - C:\Program Files\version09CheckMeUp\194.xpi => not found
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\prefs.js [2015-12-02] <==== ATTENTION (Points to *.cfg file)

Chrome:
=======
CHR Profile: C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-04]
CHR Extension: (Dokumenty Google) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-05]
CHR Extension: (Disk Google) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (ebeenikkcpgaekfgbnflbaaihalfifkk) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebeenikkcpgaekfgbnflbaaihalfifkk [2015-12-02]
CHR Extension: (Tabuľky Google) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-04]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Christophe Lopez-Huici) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\mldcndgjaaommbfoppackndancebpjhn [2015-08-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-04]
CHR Extension: (Gmail) - C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-05]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1971968 2015-10-09] (ESET)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-02-13] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [205800 2015-09-23] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [145512 2015-09-23] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [111040 2015-10-07] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [161992 2015-09-23] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44608 2015-09-23] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [56944 2015-09-23] (ESET)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-06 13:13 - 2015-12-06 13:14 - 00009556 _____ C:\Users\WIN7\Downloads\FRST.txt
2015-12-06 13:12 - 2015-12-06 13:13 - 00000000 ____D C:\FRST
2015-12-06 13:10 - 2015-12-06 13:11 - 01719808 _____ (Farbar) C:\Users\WIN7\Downloads\FRST.exe
2015-12-06 13:10 - 2015-12-06 13:11 - 01719808 _____ (Farbar) C:\Users\WIN7\Downloads\FRST (1).exe
2015-12-05 19:46 - 2015-12-05 19:48 - 00000000 ____D C:\AdwCleaner
2015-12-05 19:44 - 2015-12-05 19:45 - 01736704 _____ C:\Users\WIN7\Downloads\AdwCleaner.exe
2015-12-05 19:40 - 2015-12-05 19:40 - 01736704 _____ C:\Users\WIN7\Downloads\adwcleaner_5.023.exe
2015-11-30 09:01 - 2015-11-30 09:01 - 01107968 _____ C:\Users\WIN7\Downloads\RSIT (1).exe
2015-11-30 08:52 - 2015-11-30 09:02 - 00000000 ____D C:\Program Files\trend micro
2015-11-30 08:52 - 2015-11-30 08:54 - 00000000 ____D C:\rsit
2015-11-30 08:51 - 2015-11-30 08:51 - 01107968 _____ C:\Users\WIN7\Downloads\RSIT.exe
2015-11-29 22:58 - 2015-11-29 22:58 - 00002027 _____ C:\Users\Public\Desktop\ESET Ochrana bankovníctva a platieb.lnk
2015-11-29 22:57 - 2015-11-29 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-11-29 22:57 - 2015-11-29 22:57 - 00000000 ____D C:\ProgramData\ESET
2015-11-29 22:56 - 2015-11-29 22:56 - 00000000 ____D C:\Program Files\ESET
2015-11-29 22:52 - 2015-11-29 22:53 - 02837704 _____ (ESET) C:\Users\WIN7\Downloads\eset_smart_security_live_installer_.exe
2015-11-29 22:18 - 2015-11-29 22:18 - 00000000 ____D C:\Users\WIN7\AppData\Local\CEF
2015-11-29 22:13 - 2015-12-03 08:21 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-29 22:12 - 2015-11-29 22:12 - 00000000 ____D C:\Program Files\Adobe
2015-11-29 22:05 - 2015-11-29 22:05 - 00000000 ____D C:\Windows\pss
2015-11-29 21:56 - 2015-11-29 21:56 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-29 21:56 - 2015-11-29 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-29 21:55 - 2015-11-29 21:56 - 00000000 ____D C:\Program Files\CCleaner
2015-11-29 21:52 - 2015-11-29 21:54 - 06801752 _____ (Piriform Ltd) C:\Users\WIN7\Downloads\ccsetup512.exe
2015-11-27 11:24 - 2015-11-27 11:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2015-11-27 11:23 - 2015-11-27 11:24 - 00000270 __RSH C:\ProgramData\ntuser.pol
2015-11-27 11:20 - 2015-11-27 11:21 - 00216576 _____ C:\Users\WIN7\Downloads\3806.exe
2015-11-27 11:17 - 2015-11-27 11:18 - 00689152 _____ C:\Users\WIN7\Downloads\Setup (1).exe
2015-11-27 10:53 - 2015-11-27 10:54 - 00689152 _____ C:\Users\WIN7\Downloads\Setup.exe
2015-11-12 20:08 - 2015-11-03 18:46 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 17:04 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 17:04 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 17:04 - 2015-10-29 18:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 17:04 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 17:04 - 2015-10-13 17:31 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 17:04 - 2015-10-13 17:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 17:03 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-11-11 17:03 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 17:03 - 2015-10-20 01:52 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 17:03 - 2015-10-20 01:52 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 17:03 - 2015-10-20 01:48 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 17:03 - 2015-10-20 01:45 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 17:03 - 2015-10-20 01:45 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 17:03 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 17:03 - 2015-10-20 01:45 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 17:03 - 2015-10-20 01:45 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 17:03 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 17:03 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 17:03 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 17:03 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 17:03 - 2015-10-20 01:45 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 17:03 - 2015-10-20 01:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 17:03 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 17:03 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 17:03 - 2015-10-20 01:45 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 17:03 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 17:03 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 17:03 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 17:03 - 2015-10-20 01:45 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 17:03 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 17:03 - 2015-10-20 01:44 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 17:03 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 17:03 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 17:03 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 17:03 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 17:03 - 2015-10-20 00:29 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 17:03 - 2015-10-20 00:28 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 17:03 - 2015-10-20 00:28 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 17:01 - 2015-10-20 18:46 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 17:01 - 2015-10-20 18:46 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 17:01 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 17:01 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 17:01 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 17:01 - 2015-10-20 18:46 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 17:01 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 17:01 - 2015-10-20 18:45 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 17:01 - 2015-10-20 18:45 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 17:01 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 17:01 - 2015-10-20 18:45 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 17:01 - 2015-10-13 05:50 - 00712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 16:59 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 16:59 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 16:59 - 2015-10-30 23:58 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 16:59 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 16:59 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 16:59 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 16:59 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 16:59 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 16:59 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 16:59 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 16:59 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 16:59 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 16:59 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 16:59 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 16:59 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 16:59 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 16:59 - 2015-10-30 23:36 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 16:59 - 2015-10-30 23:31 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 16:59 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 16:59 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 16:59 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 16:59 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 16:59 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 16:59 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 16:59 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 16:59 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 16:59 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 16:59 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 16:59 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 16:59 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 16:59 - 2015-10-30 23:09 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 16:59 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 16:59 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 16:59 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 16:58 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 16:58 - 2015-10-01 18:50 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 16:58 - 2015-09-23 14:09 - 00371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 16:58 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-07 16:14 - 2015-12-05 19:49 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-06 13:13 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2015-12-06 13:10 - 2013-03-05 18:37 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-06 13:09 - 2009-07-14 05:34 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-06 13:09 - 2009-07-14 05:34 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-06 13:07 - 2011-01-02 14:58 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-06 13:07 - 2009-07-14 09:44 - 00660774 _____ C:\Windows\system32\perfh005.dat
2015-12-06 13:07 - 2009-07-14 09:44 - 00141424 _____ C:\Windows\system32\perfc005.dat
2015-12-06 13:07 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2015-12-06 13:01 - 2015-08-04 18:06 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-06 13:00 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-06 10:31 - 2015-08-04 18:06 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-05 19:48 - 2015-08-12 19:19 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2015-12-05 15:39 - 2015-08-04 18:07 - 00002141 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-04 21:47 - 2015-08-03 19:39 - 00000000 ___RD C:\Users\WIN7\Desktop\stiahnute
2015-11-29 22:47 - 2012-07-19 16:53 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-11-29 22:26 - 2012-11-28 13:46 - 00000000 ____D C:\Program Files\Nokia
2015-11-29 22:24 - 2011-02-12 19:58 - 00000000 ____D C:\Program Files\Ashampoo
2015-11-29 22:23 - 2012-11-28 13:56 - 00000000 ____D C:\ProgramData\Nokia
2015-11-29 22:20 - 2013-06-25 19:44 - 00000000 ____D C:\Users\WIN7\AppData\Local\Unity
2015-11-29 22:18 - 2011-03-05 15:09 - 00000000 ____D C:\Users\WIN7\AppData\Local\Adobe
2015-11-29 22:12 - 2012-11-11 18:04 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-11-29 22:11 - 2011-02-13 13:54 - 00000000 ____D C:\ProgramData\Adobe
2015-11-29 22:03 - 2012-01-02 21:48 - 00000000 ____D C:\Users\WIN7\AppData\Roaming\TeamViewer
2015-11-29 22:03 - 2011-02-13 09:54 - 00000000 ____D C:\Users\WIN7\AppData\Roaming\DAEMON Tools Lite
2015-11-29 22:03 - 2011-02-12 19:41 - 00000000 ____D C:\Users\WIN7\AppData\Roaming\uTorrent
2015-11-29 22:01 - 2011-03-06 17:04 - 00000000 ____D C:\Windows\Minidump
2015-11-29 22:01 - 2011-01-02 14:42 - 00000000 ____D C:\Windows\Panther
2015-11-29 21:39 - 2012-01-19 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio
2015-11-29 21:39 - 2012-01-19 13:35 - 00000000 ____D C:\Program Files\Rovio
2015-11-29 21:39 - 2009-07-14 05:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-27 11:23 - 2009-07-14 03:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-11-14 12:40 - 2012-11-29 22:33 - 00000000 ____D C:\Windows\rescache
2015-11-13 08:10 - 2009-07-14 05:33 - 00409608 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 18:40 - 2009-07-14 10:20 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 17:51 - 2013-08-20 14:06 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 17:25 - 2011-11-06 20:52 - 143250520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 17:12 - 2013-03-05 18:37 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-11-11 17:12 - 2012-01-15 17:56 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2013-03-28 12:06 - 2013-03-28 12:08 - 0000306 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\WIN7\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\WIN7\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-12-02 20:45

==================== End of FRST.txt ============================

rivers2
Visitor
Posts: 178
Registered: 10 Jan 2009 15:21

Re: request for a log check - unwanted windows popping up

#6 Post by rivers2 »

Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-12-2015
Ran by WIN7 (2015-12-06 13:15:51)
Running from C:\Users\WIN7\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2011-01-02 13:50:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3440232331-1270871754-2231574824-500 - Administrator - Disabled)
Guest (S-1-5-21-3440232331-1270871754-2231574824-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3440232331-1270871754-2231574824-1002 - Limited - Enabled)
WIN7 (S-1-5-21-3440232331-1270871754-2231574824-1000 - Administrator - Enabled) => C:\Users\WIN7

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 9.0.318.22 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.318.22 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personálny firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 2.2.0 - )
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Ashampoo Burning Studio 10.0.1 (HKLM\...\Ashampoo Burning Studio 10_is1) (Version: 10.0.1 - ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}) (Version: 3.0.715.0 - ATI Technologies, Inc.)
aTube Catcher (HKLM\...\aTube Catcher) (Version: 2.2.527 - DsNET Corp)
aTube Catcher različica 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
BSPlayer (HKLM\...\BSPlayer1) (Version: - )
ccc-core-static (Version: 2010.0210.2339.42455 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
ESET Smart Security (HKLM\...\{EDD088BE-E6F8-40A6-9B79-BC40F70B03EB}) (Version: 9.0.318.22 - ESET, spol. s r.o.)
Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.73 - Spoločnosť Google Inc.)
Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Media Search App by Ask (HKLM\...\{41545534-5350-2D4D-4544-A758B70C2500}) (Version: 12.37.0.2820 - APN, LLC)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 42.0 (x86 sk) (HKLM\...\Mozilla Firefox 42.0 (x86 sk)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PC Connectivity Solution (HKLM\...\{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}) (Version: 12.0.48.0 - Nokia)
Skins (Version: 2010.0210.2339.42455 - ATI) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.12313 - TeamViewer)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR archivátor (HKLM\...\WinRAR archiver) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

02-12-2015 20:06:36 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3A95EA06-7847-4892-BFD9-ED8B3A46830F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {4E1FCA83-D09F-4338-96A4-CF6C64FA81F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-04] (Google Inc.)
Task: {6889ED89-FF3A-4FF6-A519-3E0EF2D53B62} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {80957E85-5486-431D-AB72-8E0C57E26797} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-04] (Google Inc.)
Task: {E7A7AC27-BD0B-4919-969A-25D71F03FFFF} - System32\Tasks\{AB015B25-5E31-4EBA-9420-89876EB4C7B8} => pcalua.exe -a "C:\Users\WIN7\Downloads\dotNetFx35setup (1).exe" -d C:\Users\WIN7\Desktop
Task: {FA377531-5F31-4ECC-BFE5-BEF62680B8BA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2011-02-13 11:18 - 2011-02-13 11:18 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2009-11-24 13:36 - 2009-11-24 13:36 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2015-08-06 07:51 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-08-06 07:51 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-12-05 15:38 - 2015-11-24 09:00 - 16496456 _____ () C:\Program Files\Google\Chrome\Application\47.0.2526.73\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3440232331-1270871754-2231574824-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\WIN7\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WebBrowserMixVideoPlayer.lnk => C:\Windows\pss\WebBrowserMixVideoPlayer.lnk.CommonStartup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{63910964-980A-4770-9566-66EB723594E1}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{B31E1E21-6590-4A4F-86E8-07EE6D99D617}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{4A6F5013-F4CB-4DAA-9509-7BB28BEDA743}] => (Allow) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{1A3C1D4C-8BB6-4AA5-A0AE-470DB07FC7C1}] => (Allow) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{1C193021-155B-492B-ABD3-D002360EA286}] => (Allow) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{51925745-8019-45E7-B009-8F54BA9250FA}] => (Allow) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [TCP Query User{D49181F3-84F3-4701-9AD9-4AF083CBABC6}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{70C40E09-696D-454B-BF74-BAE02FA00B86}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{E7D0CDCF-D7E1-4AF4-B3C7-B211ABD9FDA5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{59C87FA8-79CA-490E-A498-605DC584DA0D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B05EB136-F589-4157-AAF5-C3279FAC2353}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{A9D4D6D2-06EE-45A2-B33F-D87DDFA0A221}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BBE27CE7-EC5E-4351-A22E-FFE2676A0725}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{44E2B9F2-2BAE-48F5-85DF-EBC3D9FA0C49}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/03/2015 08:19:09 AM) (Source: MsiInstaller) (EventID: 1024) (User: WIN7-PC)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-AC0F094E6F00} produktu Adobe Acrobat Reader DC - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/30/2015 08:57:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RSIT.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 8c4

Čas spuštění: 01d12b43fdf7da16

Čas ukončení: 63

Cesta k aplikaci: C:\Users\WIN7\Downloads\RSIT.exe

ID hlášení:

Error: (11/30/2015 08:54:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WIN7.exe verze 2.0.0.4 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: f64

Čas spuštění: 01d12b4408928ba2

Čas ukončení: 60

Cesta k aplikaci: C:\Program Files\trend micro\WIN7.exe

ID hlášení: 7f43d27d-9737-11e5-bf12-001731d320fd

Error: (11/27/2015 11:22:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: spr3938.tmp, verze: 4.2.0.4569, časové razítko: 0x54336eaa
Název chybujícího modulu: mKj7DYB.dll, verze: 27.2.0.4644, časové razítko: 0x561e5cd8
Kód výjimky: 0xc0000005
Posun chyby: 0x00004828
ID chybujícího procesu: 0x152c
Čas spuštění chybující aplikace: 0xspr3938.tmp0
Cesta k chybující aplikaci: spr3938.tmp1
Cesta k chybujícímu modulu: spr3938.tmp2
ID zprávy: spr3938.tmp3

Error: (11/27/2015 11:04:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sprF216.tmp, verze: 4.2.0.4569, časové razítko: 0x54336eaa
Název chybujícího modulu: mKj7DYB.dll, verze: 27.2.0.4644, časové razítko: 0x561e5cd8
Kód výjimky: 0xc0000005
Posun chyby: 0x00004828
ID chybujícího procesu: 0x1240
Čas spuštění chybující aplikace: 0xsprF216.tmp0
Cesta k chybující aplikaci: sprF216.tmp1
Cesta k chybujícímu modulu: sprF216.tmp2
ID zprávy: sprF216.tmp3

Error: (11/27/2015 10:57:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: spr5C2C.tmp, verze: 4.2.0.4569, časové razítko: 0x54336eaa
Název chybujícího modulu: mKj7DYB.dll, verze: 27.2.0.4644, časové razítko: 0x561e5cd8
Kód výjimky: 0xc0000005
Posun chyby: 0x00004828
ID chybujícího procesu: 0x1030
Čas spuštění chybující aplikace: 0xspr5C2C.tmp0
Cesta k chybující aplikaci: spr5C2C.tmp1
Cesta k chybujícímu modulu: spr5C2C.tmp2
ID zprávy: spr5C2C.tmp3

Error: (10/26/2015 07:32:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program EXCEL.EXE verze 12.0.4518.1014 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 8a0

Čas spuštění: 01d10fb7fc53fd4c

Čas ukončení: 8

Cesta k aplikaci: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE

ID hlášení: 486aceee-7bab-11e5-996a-001731d320fd

Error: (08/12/2015 07:19:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: APNSetup.exe, verze: 7.20.1.27, časové razítko: 0x5500dc68
Název chybujícího modulu: APNSetup.exe, verze: 7.20.1.27, časové razítko: 0x5500dc68
Kód výjimky: 0x40000015
Posun chyby: 0x0005434f
ID chybujícího procesu: 0x9c0
Čas spuštění chybující aplikace: 0xAPNSetup.exe0
Cesta k chybující aplikaci: APNSetup.exe1
Cesta k chybujícímu modulu: APNSetup.exe2
ID zprávy: APNSetup.exe3

Error: (08/07/2015 07:10:53 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru C:\Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Windows.Forms.resources.dll z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Microsoft Compatibility Telemetry.

Program: Microsoft Compatibility Telemetry
Soubor: C:\Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Windows.Forms.resources.dll

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: C000009C
Typ disku: 3

Error: (08/07/2015 07:10:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CompatTelRunner.exe, verze: 10.0.10143.0, časové razítko: 0x558bb386
Název chybujícího modulu: aeinv.dll, verze: 10.0.10143.0, časové razítko: 0x55b3ca15
Kód výjimky: 0xc0000006
Posun chyby: 0x00062d75
ID chybujícího procesu: 0xbfc
Čas spuštění chybující aplikace: 0xCompatTelRunner.exe0
Cesta k chybující aplikaci: CompatTelRunner.exe1
Cesta k chybujícímu modulu: CompatTelRunner.exe2
ID zprávy: CompatTelRunner.exe3


System errors:
=============
Error: (12/06/2015 01:00:25 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/06/2015 01:00:15 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT AUTHORITY)
Description: Některé funkce řízení napájení při činnosti procesoru byly zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error: (12/06/2015 09:52:06 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/06/2015 09:51:53 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT AUTHORITY)
Description: Některé funkce řízení napájení při činnosti procesoru byly zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error: (12/05/2015 11:25:19 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/05/2015 11:25:18 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/05/2015 07:51:10 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/05/2015 07:51:09 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/05/2015 07:51:08 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/05/2015 07:51:05 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) 4 CPU 2.66GHz
Percentage of memory in use: 70%
Total physical RAM: 1023.3 MB
Available physical RAM: 303.99 MB
Total Virtual: 2047.3 MB
Available Virtual: 936.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.55 GB) (Free:21.48 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: () (Fixed) (Total:149.04 GB) (Free:71.77 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.6 GB) (Disk ID: 5D071035)
Partition 1: (Active) - (Size=74.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: AAEE01C1)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: request for a log check - unwanted windows popping up

#7 Post by altrok »

  • Download Crystal Disk Info (CDI) http://sourceforge.jp/frs/redir.php?m=j ... o6_2_2.zip
  • Extract the archive and run the extracted file DiskInfo.exe
  • In the running program, click Edit -> Copy at the top (the log is now copied to the clipboard)
  • Paste the log into your next reply (Ctrl + V)

Uninstall the old and vulnerable version of Java. If you need Java, install the new one from java.com - watch out for adware during its installation http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . From a security standpoint (exploits) it is better not to have it. The current version is 8U66. Versions of Java installed on your PC:

  • Java 8 Update 51

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • Save it to the desktop as fixlist (File type: Text document)
  • Run FRST again and click Fix
  • After the restart, a fixlog will be saved on the desktop; paste its contents into your next reply

    Code:

    Start
    CreateRestorePoint:
    CloseProcesses:
    HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
    HKU\S-1-5-21-3440232331-1270871754-2231574824-1000\...\MountPoints2: {35ae004c-468f-11e5-976c-001731d320fd} - H:\Lenovo_Suite.exe
    HKU\S-1-5-21-3440232331-1270871754-2231574824-1000\...\MountPoints2: {5ccb29f7-39fa-11e5-ba27-001731d320fd} - "H:\WD SmartWare.exe" autoplay=true
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Extension: No Name - C:\Program Files\version09CheckMeUp\194.xpi [not found]
    FF Extension: 0545b830f0aa4d7e882050a4629a56fe - C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-12-02] [not signed]
    FF HKU\S-1-5-21-3440232331-1270871754-2231574824-1000\...\Firefox\Extensions: [{58931F90-7418-F91C-7D0E-6744BB523292}] - C:\Program Files\version09CheckMeUp\194.xpi => not found
    C:\Program Files\version09CheckMeUp
    2015-12-06 13:13 - 2015-12-06 13:14 - 00009556 _____ C:\Users\WIN7\Downloads\FRST.txt
    2015-12-05 19:46 - 2015-12-05 19:48 - 00000000 ____D C:\AdwCleaner
    2015-12-05 19:44 - 2015-12-05 19:45 - 01736704 _____ C:\Users\WIN7\Downloads\AdwCleaner.exe
    2015-12-05 19:40 - 2015-12-05 19:40 - 01736704 _____ C:\Users\WIN7\Downloads\adwcleaner_5.023.exe
    2015-11-30 09:01 - 2015-11-30 09:01 - 01107968 _____ C:\Users\WIN7\Downloads\RSIT (1).exe
    2015-11-30 08:52 - 2015-11-30 09:02 - 00000000 ____D C:\Program Files\trend micro
    2015-11-30 08:52 - 2015-11-30 08:54 - 00000000 ____D C:\rsit
    2015-11-30 08:51 - 2015-11-30 08:51 - 01107968 _____ C:\Users\WIN7\Downloads\RSIT.exe
    Task: {E7A7AC27-BD0B-4919-969A-25D71F03FFFF} - System32\Tasks\{AB015B25-5E31-4EBA-9420-89876EB4C7B8} => pcalua.exe -a "C:\Users\WIN7\Downloads\dotNetFx35setup (1).exe" -d C:\Users\WIN7\Desktop
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Hosts:
    EmptyTemp:
    End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok(at)forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

rivers2
Visitor
Posts: 178
Registered: 10 Jan 2009 15:21

Re: request for a log check - unwanted windows popping up

#8 Post by rivers2 »

----------------------------------------------------------------------------
CrystalDiskInfo 6.2.2 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x86)
Date : 2015/12/07 8:09:39

-- Controller Map ----------------------------------------------------------
+ Řadiče úložiště Intel(R) 82801FB/FBM v režimu Ultra ATA - 266F [ATA]
+ ATA Channel 0 (0)
- _NEC DVD_RW ND-3540A ATA Device
- SAMSUNG SP0802N ATA Device
- ExcelStor Technology J8160S ATA Device
- ATA Channel 1 (1)
+ Řadiče úložiště Intel(R) 82801FB v režimu Ultra ATA - 2651 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)

-- Disk List ---------------------------------------------------------------
(1) SAMSUNG SP0802N : 80,0 GB [0/0/0, pd1]
(2) ExcelStor Technology J8160S : 160,0 GB [1/2/1, pd1]

----------------------------------------------------------------------------
(1) SAMSUNG SP0802N
----------------------------------------------------------------------------
Model : SAMSUNG SP0802N
Firmware : TK100-24
Serial Number : 0637J1FW974173
Disk Size : 80,0 GB (8,4/80,0/80,0/80,0)
Buffer Size : 2048 KB
Queue Depth : 1
# of Sectors : 156368016
Rotation Rate : Unknown
Interface : Parallel ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 0
Transfer Mode : UDMA/100 | UDMA/100
Power On Hours : 13341 hours
Power On Count : 6462 count
Temperature : 14 C (57 F)
Health Status : Caution
Features : S.M.A.R.T., AAM, 48bit LBA
APM Level : ----
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 00000000053D Read Error Rate
03 _76 _56 __0 000000001140 Spin-Up Time
04 _88 _88 __0 000000003329 Start/Stop Count
05 _99 _99 _10 000000000003 Reallocated Sectors Count
07 253 253 _51 000000000000 Seek Error Rate
08 253 253 __0 000000000000 Seek Time Performance
09 _98 _98 __0 000000186DB7 Power-On Hours
0A 253 253 _49 000000000000 Spin Retry Count
0C _94 _94 __0 00000000193E Power Cycle Count
C2 196 _94 __0 00000000000E Temperature
C3 100 100 __0 000032587D14 Hardware ECC recovered
C4 _42 _42 __0 00000000007F Reallocation Event Count
C5 253 253 _10 000000000000 Current Pending Sector Count
C6 _43 _43 _10 00000000007C Uncorrectable Sector Count
C7 100 100 _51 000000000000 UltraDMA CRC Error Count
C8 100 100 _51 000000000000 Write Error Rate
C9 100 100 _51 000000000015 Soft Read Error Rate


----------------------------------------------------------------------------
(2) ExcelStor Technology J8160S
----------------------------------------------------------------------------
Model : ExcelStor Technology J8160S
Firmware : P22OABEA
Serial Number : PVG904Q4B7ASNB
Disk Size : 160,0 GB (8,4/137,4/160,0/160,0)
Buffer Size : 7376 KB
Queue Depth : 32
# of Sectors : 312579695
Rotation Rate : Unknown
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 1
Transfer Mode : ---- | SATA/300
Power On Hours : 19688 hours
Power On Count : 4705 count
Temperature : 30 C (86 F)
Health Status : Caution
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _98 _98 _16 000000030002 Read Error Rate
02 100 100 _50 000000000000 Throughput Performance
03 125 125 _24 0003009F009F Spin-Up Time
04 _99 _99 __0 000000001348 Start/Stop Count
05 100 100 __5 000000000002 Reallocated Sectors Count
07 100 100 _67 000000000000 Seek Error Rate
08 100 100 _20 000000000000 Seek Time Performance
09 _98 _98 __0 000000004CE8 Power-On Hours
0A 100 100 _60 000000000000 Spin Retry Count
0C _99 _99 __0 000000001261 Power Cycle Count
C0 _96 _96 __0 00000000143C Power-off Retract Count
C1 _96 _96 __0 00000000143C Load/Unload Cycle Count
C2 200 200 __0 003A000E001E Temperature
C4 100 100 __0 000000000004 Reallocation Event Count
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Uncorrectable Sector Count
C7 200 253 __0 000000000000 UltraDMA CRC Error Count


rivers2
Visitor
Posts: 178
Registered: 10 Jan 2009 15:21

Re: request for a log check - unwanted windows popping up

#9 Post by rivers2 »

Fix result of Farbar Recovery Scan Tool (x86) Version:05-12-2015
Ran by WIN7 (2015-12-07 08:25:13) Run:1
Running from C:\Users\WIN7\Desktop
Loaded Profiles: WIN7 (Available Profiles: WIN7)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKU\S-1-5-21-3440232331-1270871754-2231574824-1000\...\MountPoints2: {35ae004c-468f-11e5-976c-001731d320fd} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-3440232331-1270871754-2231574824-1000\...\MountPoints2: {5ccb29f7-39fa-11e5-ba27-001731d320fd} - "H:\WD SmartWare.exe" autoplay=true
GroupPolicy: Restriction - Chrome <======= ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Extension: No Name - C:\Program Files\version09CheckMeUp\194.xpi [not found]
FF Extension: 0545b830f0aa4d7e882050a4629a56fe - C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-12-02] [not signed]
FF HKU\S-1-5-21-3440232331-1270871754-2231574824-1000\...\Firefox\Extensions: [{58931F90-7418-F91C-7D0E-6744BB523292}] - C:\Program Files\version09CheckMeUp\194.xpi => not found
C:\Program Files\version09CheckMeUp
2015-12-06 13:13 - 2015-12-06 13:14 - 00009556 _____ C:\Users\WIN7\Downloads\FRST.txt
2015-12-05 19:46 - 2015-12-05 19:48 - 00000000 ____D C:\AdwCleaner
2015-12-05 19:44 - 2015-12-05 19:45 - 01736704 _____ C:\Users\WIN7\Downloads\AdwCleaner.exe
2015-12-05 19:40 - 2015-12-05 19:40 - 01736704 _____ C:\Users\WIN7\Downloads\adwcleaner_5.023.exe
2015-11-30 09:01 - 2015-11-30 09:01 - 01107968 _____ C:\Users\WIN7\Downloads\RSIT (1).exe
2015-11-30 08:52 - 2015-11-30 09:02 - 00000000 ____D C:\Program Files\trend micro
2015-11-30 08:52 - 2015-11-30 08:54 - 00000000 ____D C:\rsit
2015-11-30 08:51 - 2015-11-30 08:51 - 01107968 _____ C:\Users\WIN7\Downloads\RSIT.exe
Task: {E7A7AC27-BD0B-4919-969A-25D71F03FFFF} - System32\Tasks\{AB015B25-5E31-4EBA-9420-89876EB4C7B8} => pcalua.exe -a "C:\Users\WIN7\Downloads\dotNetFx35setup (1).exe" -d C:\Users\WIN7\Desktop
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value removed successfully.
"HKU\S-1-5-21-3440232331-1270871754-2231574824-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35ae004c-468f-11e5-976c-001731d320fd}" => key removed successfully.
HKCR\CLSID\{35ae004c-468f-11e5-976c-001731d320fd} => key not found.
"HKU\S-1-5-21-3440232331-1270871754-2231574824-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ccb29f7-39fa-11e5-ba27-001731d320fd}" => key removed successfully.
HKCR\CLSID\{5ccb29f7-39fa-11e5-ba27-001731d320fd} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully.
C:\Program Files\version09CheckMeUp\194.xpi => path removed successfully.
C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} => moved successfully
C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} => path removed successfully.
HKU\S-1-5-21-3440232331-1270871754-2231574824-1000\Software\Mozilla\Firefox\Extensions\\{58931F90-7418-F91C-7D0E-6744BB523292} => value removed successfully.
"C:\Program Files\version09CheckMeUp" => not found.
C:\Users\WIN7\Downloads\FRST.txt => moved successfully
C:\AdwCleaner => moved successfully
C:\Users\WIN7\Downloads\AdwCleaner.exe => moved successfully
C:\Users\WIN7\Downloads\adwcleaner_5.023.exe => moved successfully
C:\Users\WIN7\Downloads\RSIT (1).exe => moved successfully
C:\Program Files\trend micro => moved successfully
C:\rsit => moved successfully
C:\Users\WIN7\Downloads\RSIT.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7A7AC27-BD0B-4919-969A-25D71F03FFFF}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7A7AC27-BD0B-4919-969A-25D71F03FFFF}" => key removed successfully.
C:\Windows\System32\Tasks\{AB015B25-5E31-4EBA-9420-89876EB4C7B8} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AB015B25-5E31-4EBA-9420-89876EB4C7B8}" => key removed successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 450 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 08:27:03 ====
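
The Fixlog above mixes `target => outcome` result lines with bare status messages, and the entries worth a second look are the ones whose target was not found. The following Python parser is an added example (not part of the thread and not FRST's own code) that sorts those results into categories; the sample lines are copied from the Fixlog above, and the category names and function names are this example's own.

```python
import re
from collections import Counter

# Result lines copied from the Fixlog posted above (a subset of that log).
SAMPLE_FIXLOG = r'''
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value removed successfully.
HKCR\CLSID\{35ae004c-468f-11e5-976c-001731d320fd} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Program Files\version09CheckMeUp\194.xpi => path removed successfully.
"C:\Program Files\version09CheckMeUp" => not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 450 MB temporary data Removed.

The system needed a reboot.
'''

# "<target> => <outcome>", with optional quotes around the target and an
# optional trailing full stop; both forms occur in the log above.
RESULT_RE = re.compile(r'^"?(?P<target>.+?)"?\s+=>\s+(?P<outcome>.+?)\.?\s*$')


def classify(outcome):
    """Map an outcome phrase to a category (category names are this example's own)."""
    text = outcome.lower()
    if "not found" in text:
        return "absent"    # the target did not exist when the fix ran
    # Test "removed" before "moved": "removed successfully" also ends
    # with the string "moved successfully".
    if text.endswith("removed successfully"):
        return "removed"   # registry key/value or path deleted
    if text.endswith("moved successfully"):
        return "moved"     # file or folder moved away from its location
    return "other"         # informational result, e.g. the EmptyTemp line


def parse_fixlog(text):
    """Return (entries, status): entries are (target, outcome, category) tuples,
    status holds the lines that carry no '=>' result."""
    entries, status = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = RESULT_RE.match(line)
        if match:
            outcome = match["outcome"]
            entries.append((match["target"], outcome, classify(outcome)))
        else:
            status.append(line)
    return entries, status


def summarize(entries):
    """Count entries per category."""
    return Counter(category for _, _, category in entries)


def absent_targets(entries):
    """Targets the fix could not find, in log order."""
    return [target for target, _, category in entries if category == "absent"]


def reboot_required(status):
    """True when the log states that the system needed a reboot."""
    return any("needed a reboot" in line.lower() for line in status)


if __name__ == "__main__":
    entries, status = parse_fixlog(SAMPLE_FIXLOG)
    for category, count in sorted(summarize(entries).items()):
        print(f"{category:8} {count}")
    for target in absent_targets(entries):
        print("not found:", target)
    print("reboot required:", reboot_required(status))
```
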

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: request for a log check - unwanted windows popping up

#10 Post by altrok »

:arrow: Are the ads still popping up?


:arrow: Install and run HD Tune - http://www.hdtune.com/files/hdtune_255.exe
  • Go to the Health tab and check that every value in the Status column is OK and that Health status: OK is shown in green at the bottom
  • On the Error Scan tab, click Start. When the test finishes, take a screenshot and attach it to your next reply.

rivers2
Visitor
Posts: 178
Registered: 10 Jan 2009 15:21

Re: request for a log check - unwanted windows popping up

#11 Post by rivers2 »

Greetings. Yes, the ads still keep popping up, and it seems to me that there are more and more of them as time goes on.

rivers2
Visitor
Posts: 178
Registered: 10 Jan 2009 15:21

Re: request for a log check - unwanted windows popping up

#12 Post by rivers2 »

Attachment: HD Tune.jpg (171.2 KiB)

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: request for a log check - unwanted windows popping up

#13 Post by altrok »

:arrow: The system disk has several bad sectors, and some of them are right at the beginning of the disk, where the operating system is usually written. I recommend backing up important data frequently.


:arrow: Save zoek.exe to the desktop http://hijackthis.nl/smeenk/zoek.htm
  • run it as administrator
  • copy the script given below into the large window
  • click Run script
  • after the restart a log will pop up (or you can find it in C:\zoek-results.log) - paste it into your next reply

    Code:

    FFdefaults;
    CHRdefaults;

rivers2
Visitor
Posts: 178
Registered: 10 Jan 2009 15:21

Re: request for a log check - unwanted windows popping up

#14 Post by rivers2 »

Zoek.exe v5.0.0.1 Updated 06-December-2015
Tool run by WIN7 on ut 08. 12. 2015 at 22:32:48,37.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\WIN7\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

8. 12. 2015 22:35:13 Zoek.exe System Restore Point Created Successfully.

==== FireFox Fix ======================

Deleted from C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js:
user_pref("browser.startup.homepage", "about:home");

Added to C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\54joenak.default-1355679801490
E7AC2BFD4928D251DAF1E51176C9EDD0 - C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll - Adobe Acrobat
546A28FBC44B984FD92530227BF6F5C2 - C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll - Shockwave for Director / Shockwave for Director
F114FBA6246530B89DD1E04351E0EAC5 - C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll - Shockwave Flash
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System


==== Reset Google Chrome ======================

C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on ut 08. 12. 2015 at 22:37:01,37 ======================

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: request for a log check - unwanted windows popping up

#15 Post by altrok »

Are the ads still popping up?

Locked