dobrý den ,mam problém že procesor po nabootovaní stale beží naplno, dekuji Milan
stale běží naplnoScan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-03-2017
Ran by bonapart (administrator) on AAA-8D452092365 (16-03-2017 09:43:46)
Running from C:\Documents and Settings\bonapart\Plocha
Loaded Profiles: bonapart (Available Profiles: bonapart)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\FrameworkService.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
(McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodag.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTHELPER.EXE
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files\CyberLink\Shared Files\brs.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\UdaterUI.exe
() C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\OETRN.EXE
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\McTray.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Documents and Settings\bonapart\Plocha\FRSTLAUNCHER.EXE
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [WINDVDPatch] => C:\WINDOWS\system32\CTHELPER.EXE [24576 2002-07-02] (Creative Technology Ltd)
HKLM\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [Jet Detection] => C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [28672 2001-11-29] ()
HKLM\...\Run: [RemoteControl9] => C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-02-16] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2008-10-13] (CyberLink Corp.)
HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-02-28] (cyberlink)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [OODefragTray] => C:\WINDOWS\system32\oodtray.exe [2512392 2007-05-11] (O&O Software GmbH)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [McAfeeUpdaterUI] => C:\Program Files\McAfee\Common Framework\udaterui.exe [333416 2012-09-05] (McAfee, Inc.)
HKLM\...\Run: [ShStatEXE] => C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [242792 2012-12-03] (McAfee, Inc.)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03] (ATI Technologies Inc.)
HKU\S-1-5-21-448539723-1682526488-1417001333-1003\...\Run: [OEXPRESS] => C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\OETRN.EXE [26624 2012-06-17] ()
HKU\S-1-5-18\...\Run: [Nokia.PCSync] => C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [1294336 2007-11-07] (Time Information Services Ltd.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> (None)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Startup: C:\Documents and Settings\All Users\NabĂdka Start\Programy\Po spuštÄ›nĂ\Adobe Gamma Loader.exe.lnk [2012-06-16]
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\All Users\NabĂdka Start\Programy\Po spuštÄ›nĂ\Microsoft Office.lnk [2012-06-15]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * OODBS
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{B9E8FD39-D613-4BAE-8870-261FB5703D57}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-448539723-1682526488-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\WebIE.dll [2012-06-17] ()
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20161218183001.dll [2016-12-18] (McAfee, Inc.)
BHO: PDFCreator Toolbar Helper -> {C451C08A-EC37-45DF-AAAD-18B51AB5E837} -> C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2012-12-08] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\WebIE.dll [2012-06-17] ()
Toolbar: HKLM - PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2012-12-08] ()
Toolbar: HKU\S-1-5-21-448539723-1682526488-1417001333-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2012-04-20] (SpoleÄŤnost Microsoft)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {53049A9A-1122-4673-B8D4-12F545AE3285} hxxp://85.70.231.178:8888/AVC_AX_764.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1339796493156
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-06-16] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-26] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.seznam.cz/
CHR Session Restore: Profile 1 -> is enabled.
CHR Profile: C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Default [2016-04-21]
CHR Profile: C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1 [2017-03-16]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-17]
CHR Extension: (Disk Google) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (YouTube) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-17]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Platby InternetovĂ©ho obchodu Chrome) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15]
CHR Extension: (Gmail) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17]
CHR Profile: C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\System Profile [2016-12-17]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-09-27] (SUPERAntiSpyware.com)
R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [520192 2006-05-03] ()
R2 McAfeeFramework; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [132712 2012-09-05] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [202376 2016-12-18] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [206448 2012-12-03] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [167344 2016-12-18] (McAfee, Inc.)
R2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [1050120 2007-05-11] (O&O Software GmbH)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 btwsecfl; C:\WINDOWS\System32\drivers\btwsecfl.sys [92792 2012-09-18] (Broadcom Corporation.)
S3 ctljystk; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [3712 2001-08-17] (Creative Technology Ltd.)
S3 emu10k; C:\WINDOWS\System32\drivers\emu10k1m.sys [283904 2001-08-17] (Creative Technology Ltd.)
S3 emu10k1; C:\WINDOWS\System32\drivers\ctlfacem.sys [6912 2001-08-17] (Creative Technology Ltd.)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 ggsomc; C:\WINDOWS\System32\DRIVERS\ggsomc.sys [26328 2015-10-27] (Sony Mobile Communications)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] ()
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [998004 2002-07-24] (Creative Technology Ltd)
R3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [132912 2016-12-18] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [234824 2016-12-18] (McAfee, Inc.)
R3 mfebopk; C:\WINDOWS\System32\drivers\mfebopk.sys [65488 2016-12-18] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [565352 2016-12-18] (McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [92192 2016-12-18] (McAfee, Inc.)
R1 mfetdi2k; C:\WINDOWS\System32\drivers\mfetdi2k.sys [91168 2016-12-18] (McAfee, Inc.)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
S3 pmserenum; C:\WINDOWS\System32\DRIVERS\pmserenum.sys [30616 2012-09-06] (PenMount)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 sfman; C:\WINDOWS\System32\drivers\sfmanm.sys [36480 2001-08-17] (Creative Technology Ltd.)
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX32.sys [104848 2012-12-14] (Ray Hinchliffe)
S3 smbusp; C:\WINDOWS\System32\DRIVERS\intelsmb.sys [45184 2012-09-06] (Intel Corporation)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-02-28] (CyberLink Corp.)
S3 btaudio; system32\drivers\btaudio.sys [X]
S3 BTDriver; system32\DRIVERS\btport.sys [X]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [X]
S3 btwmodem; system32\DRIVERS\btwmodem.sys [X]
S3 BTWUSB; System32\Drivers\btwusb.sys [X]
S3 eapihdrv; \??\C:\DOCUME~1\bonapart\LOCALS~1\Temp\ehdrv.sys [X]
U3 mfeavfk01; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-16 09:43 - 2017-03-16 09:43 - 01766912 _____ (Farbar) C:\Documents and Settings\bonapart\Plocha\FRST.exe
2017-03-16 09:43 - 2017-03-16 09:43 - 00017577 _____ C:\Documents and Settings\bonapart\Plocha\FRST.txt
2017-03-16 09:43 - 2017-03-16 09:43 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\FRST-OlderVersion
2017-03-16 09:21 - 2017-03-16 09:21 - 00000000 ____D C:\Documents and Settings\bonapart\NabĂdka Start\Programy\CyberLink PowerDVD 9
2017-03-15 20:19 - 2017-03-16 09:21 - 03373917 _____ C:\WINDOWS\{00000002-00000000-0000000A-00001102-00000002-80401102}.BAK
2017-03-12 20:57 - 2010-09-22 19:20 - 11987016 _____ C:\Documents and Settings\bonapart\Plocha\22092010054.mp4
2017-03-12 20:57 - 2010-09-16 18:05 - 32903418 _____ C:\Documents and Settings\bonapart\Plocha\16092010051.mp4
2017-03-12 20:57 - 2010-09-16 17:52 - 04968804 _____ C:\Documents and Settings\bonapart\Plocha\16092010050.mp4
2017-03-03 18:44 - 2017-03-03 18:44 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\slevomat
2017-02-27 19:53 - 2017-03-02 18:01 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\dan
2017-02-20 19:44 - 2017-02-20 19:44 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\SilverKeyFree.4.9.0.2 šifrovánĂ
2017-02-18 16:52 - 2017-02-20 19:44 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\Lucie Melichová
2017-02-17 18:52 - 2017-02-17 18:52 - 01422446 _____ C:\Documents and Settings\bonapart\Plocha\PrvnĂ pĹ™Ăznak 'Alzheimera.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-16 09:44 - 2012-06-15 22:10 - 00000000 ____D C:\Documents and Settings\bonapart\Local Settings\Temp
2017-03-16 09:43 - 2012-06-15 22:10 - 00000000 ___HD C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ
2017-03-16 09:43 - 2012-06-15 22:10 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha
2017-03-16 09:39 - 2016-12-17 12:15 - 00000000 ____D C:\FRST
2017-03-16 09:28 - 2012-06-15 22:05 - 00032288 _____ C:\WINDOWS\SchedLgU.Txt
2017-03-16 09:28 - 2012-06-15 22:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-16 09:21 - 2016-12-17 22:00 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-03-16 09:21 - 2016-07-01 21:25 - 00000284 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job
2017-03-16 09:21 - 2014-03-19 10:45 - 00000228 _____ C:\WINDOWS\Tasks\Přihlášenà k oznamovánà konce poskytovánà služeb pro Microsoft Windows XP.job
2017-03-16 09:21 - 2012-06-16 10:12 - 03373917 _____ C:\WINDOWS\{00000002-00000000-0000000A-00001102-00000002-80401102}.CDF
2017-03-16 09:21 - 2012-06-15 22:10 - 00000000 ___RD C:\Documents and Settings\bonapart\NabĂdka Start\Programy
2017-03-16 09:21 - 2001-10-25 15:00 - 00012984 _____ C:\WINDOWS\system32\wpa.dbl
2017-03-16 09:19 - 2013-08-13 08:29 - 02644667 _____ C:\WINDOWS\system32\oodbs.lor
2017-03-15 23:53 - 2012-06-16 10:27 - 00016420 _____ C:\WINDOWS\system32\BMXStateBkp-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-15 23:53 - 2012-06-16 10:27 - 00016420 _____ C:\WINDOWS\system32\BMXState-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-15 23:53 - 2012-06-16 10:27 - 00001080 _____ C:\WINDOWS\system32\settingsbkup.sfm
2017-03-15 23:53 - 2012-06-16 10:27 - 00001080 _____ C:\WINDOWS\system32\settings.sfm
2017-03-15 23:53 - 2012-06-16 10:27 - 00000024 _____ C:\WINDOWS\system32\DVCStateBkp-{00000002-00000000-0000000A-00001102-00000002-80401102}.dat
2017-03-15 23:53 - 2012-06-16 10:27 - 00000024 _____ C:\WINDOWS\system32\DVCState-{00000002-00000000-0000000A-00001102-00000002-80401102}.dat
2017-03-15 23:53 - 2012-06-16 10:11 - 00024672 _____ C:\WINDOWS\system32\BMXCtrlState-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-15 23:53 - 2012-06-16 10:11 - 00024672 _____ C:\WINDOWS\system32\BMXBkpCtrlState-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-15 23:53 - 2012-06-15 22:10 - 00000178 ___SH C:\Documents and Settings\bonapart\ntuser.ini
2017-03-15 23:38 - 2012-06-15 23:44 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2017-03-15 21:08 - 2012-06-16 19:55 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-15 21:05 - 2016-12-17 22:00 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-03-15 20:12 - 2012-06-15 22:10 - 00000000 ____D C:\Documents and Settings\bonapart
2017-03-13 17:58 - 2017-02-01 18:52 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\Ota
2017-03-12 21:06 - 2012-06-18 18:03 - 00000000 ____D C:\Documents and Settings\bonapart\Data aplikacĂ\vlc
2017-03-12 21:05 - 2012-06-29 19:37 - 00042496 _____ C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-09 20:59 - 2015-12-30 20:17 - 00000038 _____ C:\WINDOWS\AviSplitter.INI
2017-03-09 19:16 - 2016-08-25 17:50 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\karta
2017-03-07 12:08 - 2012-06-16 19:25 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\Angl.Nella
2017-03-05 16:45 - 2014-07-06 00:07 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\NA EXTERAK
2017-03-01 19:50 - 2017-01-26 18:37 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\JIDELĂK od 1.2.2017
2017-02-27 19:22 - 2017-02-13 19:24 - 00000530 _____ C:\Documents and Settings\bonapart\Plocha\Zástupce - Divoké-vlny-(anim.-2007)cz---IRISA.lnk
2017-02-22 19:04 - 2012-06-16 17:32 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\NĂSTROJE
2017-02-22 19:04 - 2012-06-15 23:51 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2017-02-14 20:33 - 2012-06-16 19:06 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\new movie
2017-02-14 19:30 - 2012-06-21 08:10 - 00000000 ____D C:\Documents and Settings\bonapart\Data aplikacĂ\YouTube Downloader
==================== Files in the root of some directories =======
2012-12-05 21:43 - 2013-09-09 17:55 - 0087608 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\inst.exe
2012-12-05 21:43 - 2013-09-09 17:55 - 0007887 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.cat
2012-12-05 21:43 - 2013-09-09 17:55 - 0001144 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.inf
2012-12-05 21:43 - 2013-09-09 17:55 - 0000034 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.log
2012-12-05 21:43 - 2013-09-09 17:55 - 0047360 _____ (VSO Software) C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.sys
2012-06-29 19:37 - 2017-03-12 21:05 - 0042496 _____ () C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-16 08:35 - 2012-06-16 08:35 - 0000128 _____ () C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\fusioncache.dat
2016-03-08 13:30 - 2016-08-18 19:49 - 45700992 _____ (Sony) C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\pcc.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 1034240 ____A (Microsoft Corporation) 27AFD587C462E280EE046B8CCA3C2CD1
C:\WINDOWS\system32\winlogon.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 0507904 ____A (Microsoft Corporation) CDDB1F8E1AEA356F3AD106F2CF9B7FEA
C:\WINDOWS\system32\svchost.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 0014336 ____A (Microsoft Corporation) BE4A520E29B6391F49E79CCC52044D93
C:\WINDOWS\system32\services.exe
[2008-04-14 07:52] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9EF697AF07BB8DD82C3B02CA953A95B7
C:\WINDOWS\system32\User32.dll
[2008-04-14 07:52] - [2008-04-14 07:52] - 0578560 ____A (Microsoft Corporation) E16E0990967374E76F3E40CACAFD3D53
C:\WINDOWS\system32\userinit.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 0026112 ____A (Microsoft Corporation) 7DC1830F22E7D275B438127B68030239
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\dnsapi.dll
[2008-04-14 07:51] - [2011-03-03 07:54] - 0149504 ____A (Microsoft Corporation) 443FA2B9D23DAA57077A670E7B14052A
C:\WINDOWS\system32\Drivers\volsnap.sys
[2008-04-14 06:42] - [2008-04-14 06:42] - 0052480 ____A (Microsoft Corporation) 28A4B296B47782173C346E376CB374D1
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
VSO Image Resizer 1.3.4d (HKLM\...\VSO Image Resizer_is1) (Version: 1.3.4d - VSO-Software)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MÄ›sĂÄŤnĂ oznamovánĂ konce poskytovánĂ sluĹľeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášenà k oznamovánà konce poskytovánà služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\bonapart\Plocha" je 86590 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"="C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe:*:Enabled:McAfee Framework Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:uTorrent"
"C:\\phoenix2\\files\\proxy.exe"="C:\\phoenix2\\files\\proxy.exe:*:Enabled:Proxyy"
"C:\\phoenix2\\files\\phoenix.exe"="C:\\phoenix2\\files\\phoenix.exe:*:Enabled:Phoenixx"
"C:\\phoenix2\\files\\wget.exe"="C:\\phoenix2\\files\\wget.exe:*:Enabled:Wgett"
"C:\\Program Files\\Moloz\\cpu\\cpu.exe"="C:\\Program Files\\Moloz\\cpu\\cpu.exe:*:Enabled:Molozcpu"
"C:\\Program Files\\Moloz\\gpu\\gpu.exe"="C:\\Program Files\\Moloz\\gpu\\gpu.exe:*:Enabled:Molozgpu"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Program Files\\Sony Mobile\\Update Engine\\Sony Mobile Update Engine.exe"="C:\\Program Files\\Sony Mobile\\Update Engine\\Sony Mobile Update Engine.exe:*:Enabled:Update Engine"
"C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"="C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\\Program Files\\VideoViewer\\VideoViewer.exe"="C:\\Program Files\\VideoViewer\\VideoViewer.exe:*:Enabled:VideoViewer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP"="5985:TCP:*:Disabled:Vzd len spr va syst‚mu Windows "
"80:TCP"="80:TCP:*:Disabled:Vzd len spr va syst‚mu Windows - re§im kompatibility (HTTP-In) "
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosim o kontrolu logu FRST
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu FRST
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosim o kontrolu logu FRST
dobrý vecer posilam log , ale nevím jestli je ok, zapomel jsem vypnout antivit, sken probehl dobre ale pri cisteni mi dal antivir ADW do karanteny , musel jsem restartovat po bootu se objevil log v txt
mam to udelat znova s vypnutym antivirem ???
i po cleanu problem stale pretrvava, pokud chci cokoliv delat musim vypnout ve spravci uloh proces SVCHOST.exe který vuziva procesor 94 - 99 procent, pak pc funguje.
zatim dekuji Milan
# AdwCleaner v6.044 - Log vytvořen 16/03/2017 v 19:19:21
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-02-28.2 [Místní]
# Operační systém : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : bonapart - AAA-8D452092365
# Spuštěno z : C:\Documents and Settings\bonapart\Plocha\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\Program Files\VideoViewer
[-] Složka smazána: C:\temp
[-] Složka smazána: C:\Documents and Settings\All Users\Data aplikací\temp
[-] Složka smazána: C:\WINDOWS\temp
[-] Složka smazána: C:\Documents and Settings\All Users\Data aplikací\ytd video downloader
[-] Složka smazána: C:\Documents and Settings\All Users\Nabídka Start\Programy\Uniblue
[-] Složka smazána: C:\Documents and Settings\All Users\Nabídka Start\Programy\ytd video downloader
[-] Složka smazána: C:\Program Files\GreenTree Applications
[-] Složka smazána: C:\Program Files\Uniblue
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{0BF85F37-ECD3-462C-8F41-902FD170F42E}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{0BF85F37-ECD3-462C-8F41-902FD170F42E}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\WebCommObj.ExtCommObj.WebCommObj.ExtCommObj
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\WebCommObj.ExtCommObj.WebCommObj.ExtCommObj.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{0ED2BF70-D5F2-4C89-BC03-DD3E771D5388}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{0ED2BF70-D5F2-4C89-BC03-DD3E771D5388}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\WebCommunication.WebComObject.WebCommunication.WebComObject
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\WebCommunication.WebComObject.WebCommunication.WebComObject.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}]
[-] Klíč smazán: HKU\S-1-5-21-448539723-1682526488-1417001333-1003\Software\APN PIP
[-] Klíč smazán: HKU\S-1-5-21-448539723-1682526488-1417001333-1003\Software\Uniblue
[#] Klíč smazán po restartu: HKCU\Software\APN PIP
[#] Klíč smazán po restartu: HKCU\Software\Uniblue
[-] Klíč smazán: HKLM\SOFTWARE\PIP
[-] Klíč smazán: HKLM\SOFTWARE\Uniblue
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [4295 Bajty] - [16/03/2017 19:19:21]
C:\AdwCleaner\AdwCleaner[S0].txt - [4516 Bajty] - [16/03/2017 19:10:02]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4441 Bajty] ##########
mam to udelat znova s vypnutym antivirem ???
i po cleanu problem stale pretrvava, pokud chci cokoliv delat musim vypnout ve spravci uloh proces SVCHOST.exe který vuziva procesor 94 - 99 procent, pak pc funguje.
zatim dekuji Milan
# AdwCleaner v6.044 - Log vytvořen 16/03/2017 v 19:19:21
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-02-28.2 [Místní]
# Operační systém : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : bonapart - AAA-8D452092365
# Spuštěno z : C:\Documents and Settings\bonapart\Plocha\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\Program Files\VideoViewer
[-] Složka smazána: C:\temp
[-] Složka smazána: C:\Documents and Settings\All Users\Data aplikací\temp
[-] Složka smazána: C:\WINDOWS\temp
[-] Složka smazána: C:\Documents and Settings\All Users\Data aplikací\ytd video downloader
[-] Složka smazána: C:\Documents and Settings\All Users\Nabídka Start\Programy\Uniblue
[-] Složka smazána: C:\Documents and Settings\All Users\Nabídka Start\Programy\ytd video downloader
[-] Složka smazána: C:\Program Files\GreenTree Applications
[-] Složka smazána: C:\Program Files\Uniblue
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{0BF85F37-ECD3-462C-8F41-902FD170F42E}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{0BF85F37-ECD3-462C-8F41-902FD170F42E}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\WebCommObj.ExtCommObj.WebCommObj.ExtCommObj
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\WebCommObj.ExtCommObj.WebCommObj.ExtCommObj.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{0ED2BF70-D5F2-4C89-BC03-DD3E771D5388}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{0ED2BF70-D5F2-4C89-BC03-DD3E771D5388}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\WebCommunication.WebComObject.WebCommunication.WebComObject
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\WebCommunication.WebComObject.WebCommunication.WebComObject.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}]
[-] Klíč smazán: HKU\S-1-5-21-448539723-1682526488-1417001333-1003\Software\APN PIP
[-] Klíč smazán: HKU\S-1-5-21-448539723-1682526488-1417001333-1003\Software\Uniblue
[#] Klíč smazán po restartu: HKCU\Software\APN PIP
[#] Klíč smazán po restartu: HKCU\Software\Uniblue
[-] Klíč smazán: HKLM\SOFTWARE\PIP
[-] Klíč smazán: HKLM\SOFTWARE\Uniblue
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [4295 Bajty] - [16/03/2017 19:19:21]
C:\AdwCleaner\AdwCleaner[S0].txt - [4516 Bajty] - [16/03/2017 19:10:02]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4441 Bajty] ##########
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu FRST
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosim o kontrolu logu FRST
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-03-2017
Ran by bonapart (16-03-2017 20:52:45)
Running from C:\Documents and Settings\bonapart\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) (2012-06-15 21:04:47)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-448539723-1682526488-1417001333-500 - Administrator - Enabled)
ASPNET (S-1-5-21-448539723-1682526488-1417001333-1004 - Limited - Enabled)
bonapart (S-1-5-21-448539723-1682526488-1417001333-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\bonapart
Guest (S-1-5-21-448539723-1682526488-1417001333-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-448539723-1682526488-1417001333-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-448539723-1682526488-1417001333-1002 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-448539723-1682526488-1417001333-1003\...\uTorrent) (Version: 1.7.7 - )
µTorrent CZ 1.7.7 (build 8179) (HKLM\...\µTorrent CZ_is1) (Version: - emc)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop 6.0.1 CE (HKLM\...\Adobe Photoshop 6.0.1 CE) (Version: 6.0.1 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.08) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe SVG Viewer (HKLM\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
Aktualizace systému Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation)
Apple Application Support (HKLM\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1014 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.252-060503a-038185C-ATI - )
Balíček ovladače systému Windows - Nokia Modem (08/03/2007 6.84.0.2) (HKLM\...\819D45A9F73817F5B6D7C71A33ADAB88C5DA1765) (Version: 08/03/2007 6.84.0.2 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (10/12/2007 3.6) (HKLM\...\6A630DCEC5EEC912115F2FF59D8C2C769798D930) (Version: 10/12/2007 3.6 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Balíček zprostředkovatele služby Microsoft Base Smart Card Cryptographic Service (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Canon CanoScan Toolbox 4.9 (HKLM\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - )
Canon ScanGear Starter (HKLM\...\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CorelDRAW Graphics Suite 12 (HKLM\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.536 - Corel Corporation)
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1501 - CyberLink Corp.)
CyberLink PowerDVD 9.0.1501 CZ (HKLM\...\CyberLink PowerDVD 9.0.1501) (Version: - Sub - Zero)
DVDFab 7.0.4.0 (15/04/2010) (HKLM\...\DVDFab 7_is1) (Version: - Fengtao Software Inc.)
FormatFactory 3.7.0.0 (HKLM\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) PRO Network Adapters and Drivers (HKLM\...\PROSet) (Version: - )
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
K-Lite Mega Codec Pack 8.8.0 (HKLM\...\KLiteCodecPack_is1) (Version: 8.8.0 - )
McAfee Agent (HKLM\...\{D107EA80-023A-443C-AA79-1C4B0CB2E227}) (Version: 4.6.0.2988 - McAfee, Inc.)
McAfee VirusScan Enterprise (HKLM\...\{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}) (Version: 8.8.03000 - McAfee, Inc.)
MediaInfo 0.7.61 (HKLM\...\MediaInfo) (Version: 0.7.61 - MediaArea.net)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Czech Language Pack (HKLM\...\{5E65E94D-69F2-4850-9E93-6459C53A0F50}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY (HKLM\...\{A2C9CD1B-2551-3AED-B244-6698FB929FA6}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY (HKLM\...\{546C143E-68DC-314D-97BC-1E454E3BA429}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office XP Professional s aplikací FrontPage (HKLM\...\{90280405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version: - Microsoft Corporation)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM\...\{91C0B95B-B83A-4828-A775-BBE2DD421029}) (Version: 7.02.9752 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 6.85.14.1 - Nokia)
Nokia PC Suite (Version: 6.85.14.1 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (Version: 3.8.48.0 - Nokia) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
O&O Defrag Professional Edition (HKLM\...\{53480330-E1D1-41CA-B8F8-7F78644F7F50}) (Version: 10.0.1634 - O&O Software GmbH)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PC Translator (HKLM\...\PC Translator) (Version: - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.6 - Frank Heindörfer, Philip Chinery)
PDFCreator Toolbar (HKLM\...\PDFCreator Toolbar) (Version: 3.3.0.1 - )
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
Revo Uninstaller Pro 3.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.5 - VS Revo Group, Ltd.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Software602 Form Filler rozšíření pro internetové prohlížeče (HKLM\...\602XMLFiller_CAB) (Version: 4.12 - Software602 a.s.)
Sonic Foundry Sound Forge 6.0a (HKLM\...\{6CDC68BB-C997-4ADC-9BA0-6293FB88521E}) (Version: 6.0.150 - Sonic Foundry)
Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.16.10.201607130957 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.303 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Sound Blaster Live! (HKLM\...\{3FCAADB8-EB1B-11D6-AB2D-0090271A23A2}) (Version: - )
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.5.1006 - SUPERAntiSpyware.com)
Ultra Video Joiner 5.2.0603 (HKLM\...\Ultra Video Joiner_is1) (Version: - Aone Software)
Uniblue RegistryBooster 2009 (HKLM\...\Uniblue RegistryBooster 2009) (Version: - Uniblue Systems)
Uniblue RegistryBooster 2009 (Version: 3.0 - Uniblue Systems) Hidden
Video Viewer (HKLM\...\Video Viewer) (Version: 0.1.9.7 - AVTECH Corporation, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.25 - VSO-Software SARL)
VSO Image Resizer 1.3.4d (HKLM\...\VSO Image Resizer_is1) (Version: 1.3.4d - VSO-Software)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
WinZip (HKLM\...\WinZip) (Version: - )
XMedia Recode version 3.1.3.7 (HKLM\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.3.7 - XMedia Recode)
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden
YTD (pepak) (HKLM\...\YTD_Pepak) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{677D54F0-573E-11D4-9385-005004518EC8}\InprocServer32 -> C:\Program Files\OO Software\Defrag Professional\oodpep.dll (O&O Software GmbH)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{8AC29A61-573D-11D4-9385-005004518EC8}\InprocServer32 -> C:\Program Files\OO Software\Defrag Professional\oodpeo.ocx (O&O Software GmbH)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{943AA438-0ED3-11D3-8CE7-00105AC417F9}\InprocServer32 -> C:\Program Files\OO Software\Defrag Professional\oodpeo.ocx (O&O Software GmbH)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{B4E83711-62D3-11D4-9396-005004518EC8}\InprocServer32 -> C:\Program Files\OO Software\Defrag Professional\oodpep.dll (O&O Software GmbH)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Documents and Settings\bonapart\Okolní síť\Mé stránky WWW v síti MSN\target.lnk -> hxxp://uk.msnusers.co
==================== Loaded Modules (Whitelisted) ==============
2012-12-08 19:41 - 2001-10-28 17:42 - 00116224 _____ () C:\WINDOWS\system32\pdfcmnnt.dll
2007-04-18 20:30 - 2007-04-18 20:30 - 00393216 _____ () C:\Program Files\McAfee\Common Framework\cryptocme2.dll
2007-04-18 20:30 - 2007-04-18 20:30 - 00471040 _____ () C:\Program Files\McAfee\Common Framework\ccme_base.dll
2012-12-07 17:27 - 2012-12-07 17:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2012-06-17 08:46 - 2012-06-17 08:46 - 00045056 _____ () C:\Documents and Settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
2014-04-20 09:02 - 2009-08-16 16:06 - 00141312 _____ () C:\Program Files\WinRAR\rarext.dll
2012-06-17 08:46 - 2012-06-17 08:46 - 00026624 _____ () C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
2012-06-17 08:46 - 2012-06-17 08:46 - 00200704 _____ () C:\Documents and Settings\All Users\Data aplikací\LangSoft\TrnOET.dll
2016-09-07 16:27 - 2016-09-06 11:00 - 05197312 _____ () C:\Documents and Settings\bonapart\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2016-09-07 16:27 - 2016-09-06 11:00 - 00147456 _____ () C:\Documents and Settings\bonapart\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2001-10-25 15:00 - 2012-09-27 20:15 - 00000777 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 license.superantispyware.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-448539723-1682526488-1417001333-1003\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
DomainProfile\AuthorizedApplications: [C:\Program Files\McAfee\Common Framework\FrameworkService.exe] => Enabled:McAfee Framework Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe] => Enabled:WebKit
StandardProfile\AuthorizedApplications: [C:\Program Files\uTorrent\utorrent.exe] => Enabled:µTorrent
StandardProfile\AuthorizedApplications: [C:\phoenix2\files\proxy.exe] => Enabled:Proxyy
StandardProfile\AuthorizedApplications: [C:\phoenix2\files\phoenix.exe] => Enabled:Phoenixx
StandardProfile\AuthorizedApplications: [C:\phoenix2\files\wget.exe] => Enabled:Wgett
StandardProfile\AuthorizedApplications: [C:\Program Files\Moloz\cpu\cpu.exe] => Enabled:Molozcpu
StandardProfile\AuthorizedApplications: [C:\Program Files\Moloz\gpu\gpu.exe] => Enabled:Molozgpu
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe] => Enabled:Update Engine
StandardProfile\AuthorizedApplications: [C:\Program Files\McAfee\Common Framework\FrameworkService.exe] => Enabled:McAfee Framework Service
StandardProfile\AuthorizedApplications: [C:\Program Files\VideoViewer\VideoViewer.exe] => Enabled:VideoViewer
StandardProfile\GloballyOpenPorts: [5985:TCP] => Disabled:Vzdálená správa systému Windows
StandardProfile\GloballyOpenPorts: [80:TCP] => Disabled:Vzdálená správa systému Windows – režim kompatibility (HTTP-In)
==================== Restore Points =========================
20-11-2016 11:44:14 Kontrolní bod systému
24-11-2016 18:08:09 Kontrolní bod systému
28-11-2016 20:51:13 Kontrolní bod systému
02-12-2016 22:15:19 Kontrolní bod systému
04-12-2016 19:59:00 Kontrolní bod systému
07-12-2016 22:52:06 Kontrolní bod systému
10-12-2016 20:32:19 Kontrolní bod systému
16-12-2016 09:08:15 Revo Uninstaller Pro's restore point - RealPlayer
16-12-2016 21:14:00 Revo Uninstaller Pro's restore point - ESET Smart Security
16-12-2016 21:16:17 Removed ESET Smart Security
17-12-2016 09:41:26 Revo Uninstaller Pro's restore point - RealPlayer
17-12-2016 11:30:02 Software Distribution Service 3.0
17-12-2016 22:30:29 Uniblue RegistryBooster 2009
18-12-2016 18:29:41 Installed McAfee VirusScan Enterprise.
18-12-2016 18:41:24 Revo Uninstaller Pro's restore point - QuickTime Alternative 2.9.0
18-12-2016 18:41:53 Removed QuickTime
18-12-2016 18:44:00 Revo Uninstaller Pro's restore point - QuickTime Alternative 2.9.0
18-12-2016 18:46:09 Revo Uninstaller Pro's restore point - YTD Video Downloader 3.9.6
18-12-2016 18:47:10 Revo Uninstaller Pro's restore point - JDownloader 2
18-12-2016 18:49:07 Revo Uninstaller Pro's restore point - Uniblue DriverScanner
18-12-2016 18:50:07 Revo Uninstaller Pro's restore point - Freemake Video Downloader
18-12-2016 19:03:48 Revo Uninstaller Pro's restore point - Encyklopedie historie
18-12-2016 19:03:58 Odstraněno Encyklopedie historie
18-12-2016 19:11:25 Uniblue RegistryBooster 2009
26-12-2016 21:19:05 Kontrolní bod systému
08-01-2017 11:12:35 Kontrolní bod systému
19-01-2017 19:07:04 Kontrolní bod systému
05-02-2017 22:10:40 Odebráno: Software Bluetooth WIDCOMM
07-02-2017 18:55:52 Kontrolní bod systému
07-02-2017 19:22:43 Uniblue RegistryBooster 2009
09-02-2017 19:23:41 Kontrolní bod systému
11-02-2017 12:43:19 Kontrolní bod systému
14-02-2017 19:57:51 Kontrolní bod systému
04-03-2017 10:50:25 Kontrolní bod systému
05-03-2017 16:44:27 Uniblue RegistryBooster 2009
09-03-2017 21:45:14 Kontrolní bod systému
==================== Faulty Device Manager Devices =============
Name: Intel(R) 82801EB SMBus Controller - 24D3 (Intel(R) SMBus 2.0 Driver)
Description: Intel(R) 82801EB SMBus Controller - 24D3 (Intel(R) SMBus 2.0 Driver)
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: smbusp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Multimediální zvukový adaptér
Description: Multimediální zvukový adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Nokia 6230i
Description: Nokia 6230i
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/06/2017 11:19:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error: (03/06/2017 11:19:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error: (03/06/2017 11:19:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error: (03/06/2017 11:18:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error: (03/06/2017 11:17:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error: (03/05/2017 04:50:20 PM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: Podproces v procesu C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe trval pøi plnìní požadavku déle než 90000 ms.
Proces bude ukonèen .
Id prodprocesu: 3412 (0xd54)
Adresa podprocesu 0x7C90E514
Zpráva podprocesu
Build VSCORE.15.1.0.500 / 5800.7501
Object being scanned = \Device\HarddiskVolume1\Documents and Settings\bonapart\Local Settings\Temp\689211B7.TMP
by C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe
7200(62)(0)
7595(62)(0)
7005(62)(0)
7004(62)(0)
5006(0)(0)
5004(0)(0)
5003(0)(0)
5002(0)(1)
Error: (01/16/2017 07:20:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace AcroRd32.exe, verze 11.0.8.4, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error: (01/12/2017 06:47:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace AcroRd32.exe, verze 11.0.8.4, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error: (01/03/2017 09:25:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace chrome.exe, verze 49.0.2623.112, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error: (12/17/2016 12:44:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace FRST.exe, verze 17.12.2016.0, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
System errors:
=============
Error: (03/16/2017 08:46:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ovladač paralelního portu neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (03/16/2017 07:22:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ovladač paralelního portu neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (03/16/2017 07:15:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/16/2017 07:15:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Internet Pass-Through Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Error: (03/16/2017 07:15:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba O&O Defrag byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/16/2017 07:15:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba 602Updater byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/16/2017 07:15:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba SAS Core Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Error: (03/16/2017 07:15:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (03/16/2017 07:15:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Ati HotKey Poller byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/16/2017 06:39:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ovladač paralelního portu neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz
Percentage of memory in use: 32%
Total physical RAM: 2046.73 MB
Available physical RAM: 1374.68 MB
Total Virtual: 3942.66 MB
Available Virtual: 3375.12 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:146.48 GB) (Free:14.09 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (Nový svazek) (Fixed) (Total:319.27 GB) (Free:15.91 GB) NTFS
Drive g: () (Fixed) (Total:232.88 GB) (Free:18.37 GB) NTFS ==>[drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 79617961)
Partition 1: (Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=319.3 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 644E8DCC)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by bonapart (16-03-2017 20:52:45)
Running from C:\Documents and Settings\bonapart\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) (2012-06-15 21:04:47)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-448539723-1682526488-1417001333-500 - Administrator - Enabled)
ASPNET (S-1-5-21-448539723-1682526488-1417001333-1004 - Limited - Enabled)
bonapart (S-1-5-21-448539723-1682526488-1417001333-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\bonapart
Guest (S-1-5-21-448539723-1682526488-1417001333-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-448539723-1682526488-1417001333-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-448539723-1682526488-1417001333-1002 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-448539723-1682526488-1417001333-1003\...\uTorrent) (Version: 1.7.7 - )
µTorrent CZ 1.7.7 (build 8179) (HKLM\...\µTorrent CZ_is1) (Version: - emc)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop 6.0.1 CE (HKLM\...\Adobe Photoshop 6.0.1 CE) (Version: 6.0.1 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.08) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe SVG Viewer (HKLM\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
Aktualizace systému Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation)
Apple Application Support (HKLM\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1014 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.252-060503a-038185C-ATI - )
Balíček ovladače systému Windows - Nokia Modem (08/03/2007 6.84.0.2) (HKLM\...\819D45A9F73817F5B6D7C71A33ADAB88C5DA1765) (Version: 08/03/2007 6.84.0.2 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (10/12/2007 3.6) (HKLM\...\6A630DCEC5EEC912115F2FF59D8C2C769798D930) (Version: 10/12/2007 3.6 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Balíček zprostředkovatele služby Microsoft Base Smart Card Cryptographic Service (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Canon CanoScan Toolbox 4.9 (HKLM\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - )
Canon ScanGear Starter (HKLM\...\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CorelDRAW Graphics Suite 12 (HKLM\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.536 - Corel Corporation)
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1501 - CyberLink Corp.)
CyberLink PowerDVD 9.0.1501 CZ (HKLM\...\CyberLink PowerDVD 9.0.1501) (Version: - Sub - Zero)
DVDFab 7.0.4.0 (15/04/2010) (HKLM\...\DVDFab 7_is1) (Version: - Fengtao Software Inc.)
FormatFactory 3.7.0.0 (HKLM\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) PRO Network Adapters and Drivers (HKLM\...\PROSet) (Version: - )
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
K-Lite Mega Codec Pack 8.8.0 (HKLM\...\KLiteCodecPack_is1) (Version: 8.8.0 - )
McAfee Agent (HKLM\...\{D107EA80-023A-443C-AA79-1C4B0CB2E227}) (Version: 4.6.0.2988 - McAfee, Inc.)
McAfee VirusScan Enterprise (HKLM\...\{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}) (Version: 8.8.03000 - McAfee, Inc.)
MediaInfo 0.7.61 (HKLM\...\MediaInfo) (Version: 0.7.61 - MediaArea.net)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Czech Language Pack (HKLM\...\{5E65E94D-69F2-4850-9E93-6459C53A0F50}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY (HKLM\...\{A2C9CD1B-2551-3AED-B244-6698FB929FA6}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY (HKLM\...\{546C143E-68DC-314D-97BC-1E454E3BA429}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office XP Professional s aplikací FrontPage (HKLM\...\{90280405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version: - Microsoft Corporation)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM\...\{91C0B95B-B83A-4828-A775-BBE2DD421029}) (Version: 7.02.9752 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 6.85.14.1 - Nokia)
Nokia PC Suite (Version: 6.85.14.1 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (Version: 3.8.48.0 - Nokia) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
O&O Defrag Professional Edition (HKLM\...\{53480330-E1D1-41CA-B8F8-7F78644F7F50}) (Version: 10.0.1634 - O&O Software GmbH)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PC Translator (HKLM\...\PC Translator) (Version: - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.6 - Frank Heindörfer, Philip Chinery)
PDFCreator Toolbar (HKLM\...\PDFCreator Toolbar) (Version: 3.3.0.1 - )
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
Revo Uninstaller Pro 3.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.5 - VS Revo Group, Ltd.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Software602 Form Filler rozšíření pro internetové prohlížeče (HKLM\...\602XMLFiller_CAB) (Version: 4.12 - Software602 a.s.)
Sonic Foundry Sound Forge 6.0a (HKLM\...\{6CDC68BB-C997-4ADC-9BA0-6293FB88521E}) (Version: 6.0.150 - Sonic Foundry)
Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.16.10.201607130957 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.303 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Sound Blaster Live! (HKLM\...\{3FCAADB8-EB1B-11D6-AB2D-0090271A23A2}) (Version: - )
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.5.1006 - SUPERAntiSpyware.com)
Ultra Video Joiner 5.2.0603 (HKLM\...\Ultra Video Joiner_is1) (Version: - Aone Software)
Uniblue RegistryBooster 2009 (HKLM\...\Uniblue RegistryBooster 2009) (Version: - Uniblue Systems)
Uniblue RegistryBooster 2009 (Version: 3.0 - Uniblue Systems) Hidden
Video Viewer (HKLM\...\Video Viewer) (Version: 0.1.9.7 - AVTECH Corporation, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.25 - VSO-Software SARL)
VSO Image Resizer 1.3.4d (HKLM\...\VSO Image Resizer_is1) (Version: 1.3.4d - VSO-Software)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
WinZip (HKLM\...\WinZip) (Version: - )
XMedia Recode version 3.1.3.7 (HKLM\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.3.7 - XMedia Recode)
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden
YTD (pepak) (HKLM\...\YTD_Pepak) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{677D54F0-573E-11D4-9385-005004518EC8}\InprocServer32 -> C:\Program Files\OO Software\Defrag Professional\oodpep.dll (O&O Software GmbH)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{8AC29A61-573D-11D4-9385-005004518EC8}\InprocServer32 -> C:\Program Files\OO Software\Defrag Professional\oodpeo.ocx (O&O Software GmbH)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{943AA438-0ED3-11D3-8CE7-00105AC417F9}\InprocServer32 -> C:\Program Files\OO Software\Defrag Professional\oodpeo.ocx (O&O Software GmbH)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{B4E83711-62D3-11D4-9396-005004518EC8}\InprocServer32 -> C:\Program Files\OO Software\Defrag Professional\oodpep.dll (O&O Software GmbH)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Documents and Settings\bonapart\Okolní síť\Mé stránky WWW v síti MSN\target.lnk -> hxxp://uk.msnusers.co
==================== Loaded Modules (Whitelisted) ==============
2012-12-08 19:41 - 2001-10-28 17:42 - 00116224 _____ () C:\WINDOWS\system32\pdfcmnnt.dll
2007-04-18 20:30 - 2007-04-18 20:30 - 00393216 _____ () C:\Program Files\McAfee\Common Framework\cryptocme2.dll
2007-04-18 20:30 - 2007-04-18 20:30 - 00471040 _____ () C:\Program Files\McAfee\Common Framework\ccme_base.dll
2012-12-07 17:27 - 2012-12-07 17:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2012-06-17 08:46 - 2012-06-17 08:46 - 00045056 _____ () C:\Documents and Settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
2014-04-20 09:02 - 2009-08-16 16:06 - 00141312 _____ () C:\Program Files\WinRAR\rarext.dll
2012-06-17 08:46 - 2012-06-17 08:46 - 00026624 _____ () C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
2012-06-17 08:46 - 2012-06-17 08:46 - 00200704 _____ () C:\Documents and Settings\All Users\Data aplikací\LangSoft\TrnOET.dll
2016-09-07 16:27 - 2016-09-06 11:00 - 05197312 _____ () C:\Documents and Settings\bonapart\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2016-09-07 16:27 - 2016-09-06 11:00 - 00147456 _____ () C:\Documents and Settings\bonapart\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2001-10-25 15:00 - 2012-09-27 20:15 - 00000777 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 license.superantispyware.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-448539723-1682526488-1417001333-1003\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
DomainProfile\AuthorizedApplications: [C:\Program Files\McAfee\Common Framework\FrameworkService.exe] => Enabled:McAfee Framework Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe] => Enabled:WebKit
StandardProfile\AuthorizedApplications: [C:\Program Files\uTorrent\utorrent.exe] => Enabled:µTorrent
StandardProfile\AuthorizedApplications: [C:\phoenix2\files\proxy.exe] => Enabled:Proxyy
StandardProfile\AuthorizedApplications: [C:\phoenix2\files\phoenix.exe] => Enabled:Phoenixx
StandardProfile\AuthorizedApplications: [C:\phoenix2\files\wget.exe] => Enabled:Wgett
StandardProfile\AuthorizedApplications: [C:\Program Files\Moloz\cpu\cpu.exe] => Enabled:Molozcpu
StandardProfile\AuthorizedApplications: [C:\Program Files\Moloz\gpu\gpu.exe] => Enabled:Molozgpu
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe] => Enabled:Update Engine
StandardProfile\AuthorizedApplications: [C:\Program Files\McAfee\Common Framework\FrameworkService.exe] => Enabled:McAfee Framework Service
StandardProfile\AuthorizedApplications: [C:\Program Files\VideoViewer\VideoViewer.exe] => Enabled:VideoViewer
StandardProfile\GloballyOpenPorts: [5985:TCP] => Disabled:Vzdálená správa systému Windows
StandardProfile\GloballyOpenPorts: [80:TCP] => Disabled:Vzdálená správa systému Windows – režim kompatibility (HTTP-In)
==================== Restore Points =========================
20-11-2016 11:44:14 Kontrolní bod systému
24-11-2016 18:08:09 Kontrolní bod systému
28-11-2016 20:51:13 Kontrolní bod systému
02-12-2016 22:15:19 Kontrolní bod systému
04-12-2016 19:59:00 Kontrolní bod systému
07-12-2016 22:52:06 Kontrolní bod systému
10-12-2016 20:32:19 Kontrolní bod systému
16-12-2016 09:08:15 Revo Uninstaller Pro's restore point - RealPlayer
16-12-2016 21:14:00 Revo Uninstaller Pro's restore point - ESET Smart Security
16-12-2016 21:16:17 Removed ESET Smart Security
17-12-2016 09:41:26 Revo Uninstaller Pro's restore point - RealPlayer
17-12-2016 11:30:02 Software Distribution Service 3.0
17-12-2016 22:30:29 Uniblue RegistryBooster 2009
18-12-2016 18:29:41 Installed McAfee VirusScan Enterprise.
18-12-2016 18:41:24 Revo Uninstaller Pro's restore point - QuickTime Alternative 2.9.0
18-12-2016 18:41:53 Removed QuickTime
18-12-2016 18:44:00 Revo Uninstaller Pro's restore point - QuickTime Alternative 2.9.0
18-12-2016 18:46:09 Revo Uninstaller Pro's restore point - YTD Video Downloader 3.9.6
18-12-2016 18:47:10 Revo Uninstaller Pro's restore point - JDownloader 2
18-12-2016 18:49:07 Revo Uninstaller Pro's restore point - Uniblue DriverScanner
18-12-2016 18:50:07 Revo Uninstaller Pro's restore point - Freemake Video Downloader
18-12-2016 19:03:48 Revo Uninstaller Pro's restore point - Encyklopedie historie
18-12-2016 19:03:58 Odstraněno Encyklopedie historie
18-12-2016 19:11:25 Uniblue RegistryBooster 2009
26-12-2016 21:19:05 Kontrolní bod systému
08-01-2017 11:12:35 Kontrolní bod systému
19-01-2017 19:07:04 Kontrolní bod systému
05-02-2017 22:10:40 Odebráno: Software Bluetooth WIDCOMM
07-02-2017 18:55:52 Kontrolní bod systému
07-02-2017 19:22:43 Uniblue RegistryBooster 2009
09-02-2017 19:23:41 Kontrolní bod systému
11-02-2017 12:43:19 Kontrolní bod systému
14-02-2017 19:57:51 Kontrolní bod systému
04-03-2017 10:50:25 Kontrolní bod systému
05-03-2017 16:44:27 Uniblue RegistryBooster 2009
09-03-2017 21:45:14 Kontrolní bod systému
==================== Faulty Device Manager Devices =============
Name: Intel(R) 82801EB SMBus Controller - 24D3 (Intel(R) SMBus 2.0 Driver)
Description: Intel(R) 82801EB SMBus Controller - 24D3 (Intel(R) SMBus 2.0 Driver)
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: smbusp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Multimediální zvukový adaptér
Description: Multimediální zvukový adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Nokia 6230i
Description: Nokia 6230i
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/06/2017 11:19:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error: (03/06/2017 11:19:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error: (03/06/2017 11:19:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error: (03/06/2017 11:18:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error: (03/06/2017 11:17:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error: (03/05/2017 04:50:20 PM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: Podproces v procesu C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe trval pøi plnìní požadavku déle než 90000 ms.
Proces bude ukonèen .
Id prodprocesu: 3412 (0xd54)
Adresa podprocesu 0x7C90E514
Zpráva podprocesu
Build VSCORE.15.1.0.500 / 5800.7501
Object being scanned = \Device\HarddiskVolume1\Documents and Settings\bonapart\Local Settings\Temp\689211B7.TMP
by C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe
7200(62)(0)
7595(62)(0)
7005(62)(0)
7004(62)(0)
5006(0)(0)
5004(0)(0)
5003(0)(0)
5002(0)(1)
Error: (01/16/2017 07:20:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace AcroRd32.exe, verze 11.0.8.4, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error: (01/12/2017 06:47:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace AcroRd32.exe, verze 11.0.8.4, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error: (01/03/2017 09:25:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace chrome.exe, verze 49.0.2623.112, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error: (12/17/2016 12:44:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace FRST.exe, verze 17.12.2016.0, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
System errors:
=============
Error: (03/16/2017 08:46:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ovladač paralelního portu neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (03/16/2017 07:22:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ovladač paralelního portu neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (03/16/2017 07:15:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/16/2017 07:15:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Internet Pass-Through Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Error: (03/16/2017 07:15:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba O&O Defrag byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/16/2017 07:15:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba 602Updater byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/16/2017 07:15:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba SAS Core Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Error: (03/16/2017 07:15:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (03/16/2017 07:15:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Ati HotKey Poller byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/16/2017 06:39:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ovladač paralelního portu neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz
Percentage of memory in use: 32%
Total physical RAM: 2046.73 MB
Available physical RAM: 1374.68 MB
Total Virtual: 3942.66 MB
Available Virtual: 3375.12 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:146.48 GB) (Free:14.09 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (Nový svazek) (Fixed) (Total:319.27 GB) (Free:15.91 GB) NTFS
Drive g: () (Fixed) (Total:232.88 GB) (Free:18.37 GB) NTFS ==>[drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 79617961)
Partition 1: (Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=319.3 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 644E8DCC)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu FRST
Toto je pouze Addition. Potřebuji ještě samotný log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosim o kontrolu logu FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-03-2017
Ran by bonapart (administrator) on AAA-8D452092365 (17-03-2017 10:35:17)
Running from C:\Documents and Settings\bonapart\Plocha
Loaded Profiles: bonapart (Available Profiles: bonapart)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTHELPER.EXE
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files\CyberLink\Shared Files\brs.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\UdaterUI.exe
() C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\OETRN.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\FrameworkService.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
(McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodag.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\McTray.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Documents and Settings\bonapart\Plocha\FRSTLAUNCHER.EXE
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [WINDVDPatch] => C:\WINDOWS\system32\CTHELPER.EXE [24576 2002-07-02] (Creative Technology Ltd)
HKLM\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [Jet Detection] => C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [28672 2001-11-29] ()
HKLM\...\Run: [RemoteControl9] => C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-02-16] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2008-10-13] (CyberLink Corp.)
HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-02-28] (cyberlink)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [OODefragTray] => C:\WINDOWS\system32\oodtray.exe [2512392 2007-05-11] (O&O Software GmbH)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [McAfeeUpdaterUI] => C:\Program Files\McAfee\Common Framework\udaterui.exe [333416 2012-09-05] (McAfee, Inc.)
HKLM\...\Run: [ShStatEXE] => C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [242792 2012-12-03] (McAfee, Inc.)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03] (ATI Technologies Inc.)
HKU\S-1-5-21-448539723-1682526488-1417001333-1003\...\Run: [OEXPRESS] => C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\OETRN.EXE [26624 2012-06-17] ()
HKU\S-1-5-18\...\Run: [Nokia.PCSync] => C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [1294336 2007-11-07] (Time Information Services Ltd.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> (None)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Startup: C:\Documents and Settings\All Users\NabĂdka Start\Programy\Po spuštÄ›nĂ\Adobe Gamma Loader.exe.lnk [2012-06-16]
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\All Users\NabĂdka Start\Programy\Po spuštÄ›nĂ\Microsoft Office.lnk [2012-06-15]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * OODBS
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{B9E8FD39-D613-4BAE-8870-261FB5703D57}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-448539723-1682526488-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\WebIE.dll [2012-06-17] ()
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20161218183001.dll [2016-12-18] (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\WebIE.dll [2012-06-17] ()
Toolbar: HKU\S-1-5-21-448539723-1682526488-1417001333-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2012-04-20] (SpoleÄŤnost Microsoft)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {53049A9A-1122-4673-B8D4-12F545AE3285} hxxp://85.70.231.178:8888/AVC_AX_764.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1339796493156
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-06-16] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-26] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.seznam.cz/
CHR Session Restore: Profile 1 -> is enabled.
CHR Profile: C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Default [2016-04-21]
CHR Profile: C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1 [2017-03-17]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-17]
CHR Extension: (Disk Google) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (YouTube) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-17]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Platby InternetovĂ©ho obchodu Chrome) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15]
CHR Extension: (Gmail) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17]
CHR Profile: C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\System Profile [2016-12-17]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-09-27] (SUPERAntiSpyware.com) [File not signed]
R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [520192 2006-05-03] () [File not signed]
R2 McAfeeFramework; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [132712 2012-09-05] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [202376 2016-12-18] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [206448 2012-12-03] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [167344 2016-12-18] (McAfee, Inc.)
R2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [1050120 2007-05-11] (O&O Software GmbH)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 btwsecfl; C:\WINDOWS\System32\drivers\btwsecfl.sys [92792 2012-09-18] (Broadcom Corporation.)
S3 ctljystk; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [3712 2001-08-17] (Creative Technology Ltd.)
S3 emu10k; C:\WINDOWS\System32\drivers\emu10k1m.sys [283904 2001-08-17] (Creative Technology Ltd.)
S3 emu10k1; C:\WINDOWS\System32\drivers\ctlfacem.sys [6912 2001-08-17] (Creative Technology Ltd.)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 ggsomc; C:\WINDOWS\System32\DRIVERS\ggsomc.sys [26328 2015-10-27] (Sony Mobile Communications)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [998004 2002-07-24] (Creative Technology Ltd)
R3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [132912 2016-12-18] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [234824 2016-12-18] (McAfee, Inc.)
R3 mfebopk; C:\WINDOWS\System32\drivers\mfebopk.sys [65488 2016-12-18] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [565352 2016-12-18] (McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [92192 2016-12-18] (McAfee, Inc.)
R1 mfetdi2k; C:\WINDOWS\System32\drivers\mfetdi2k.sys [91168 2016-12-18] (McAfee, Inc.)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2013-09-09] (VSO Software) [File not signed]
S3 pmserenum; C:\WINDOWS\System32\DRIVERS\pmserenum.sys [30616 2012-09-06] (PenMount) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 sfman; C:\WINDOWS\System32\drivers\sfmanm.sys [36480 2001-08-17] (Creative Technology Ltd.)
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX32.sys [104848 2012-12-14] (Ray Hinchliffe)
S3 smbusp; C:\WINDOWS\System32\DRIVERS\intelsmb.sys [45184 2012-09-06] (Intel Corporation)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [File not signed]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-02-28] (CyberLink Corp.)
S3 btaudio; system32\drivers\btaudio.sys [X]
S3 BTDriver; system32\DRIVERS\btport.sys [X]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [X]
S3 btwmodem; system32\DRIVERS\btwmodem.sys [X]
S3 BTWUSB; System32\Drivers\btwusb.sys [X]
S3 eapihdrv; \??\C:\DOCUME~1\bonapart\LOCALS~1\Temp\ehdrv.sys [X]
U3 mfeavfk01; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-17 10:35 - 2017-03-17 10:37 - 00017240 _____ C:\Documents and Settings\bonapart\Plocha\FRST.txt
2017-03-17 10:34 - 2017-03-17 10:34 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\FRST-OlderVersion
2017-03-17 10:33 - 2017-03-17 10:34 - 01766912 _____ (Farbar) C:\Documents and Settings\bonapart\Plocha\FRST.exe
2017-03-17 10:21 - 2017-03-17 10:21 - 00000000 ____D C:\Documents and Settings\bonapart\NabĂdka Start\Programy\CyberLink PowerDVD 9
2017-03-16 18:43 - 2017-03-16 19:19 - 00000000 ____D C:\AdwCleaner
2017-03-16 18:29 - 2017-03-16 18:30 - 04031440 _____ C:\Documents and Settings\bonapart\Plocha\adwcleaner_6.044.exe
2017-03-16 18:17 - 2017-03-17 10:21 - 03373917 _____ C:\WINDOWS\{00000002-00000000-0000000A-00001102-00000002-80401102}.BAK
2017-03-12 20:57 - 2010-09-22 19:20 - 11987016 _____ C:\Documents and Settings\bonapart\Plocha\22092010054.mp4
2017-03-12 20:57 - 2010-09-16 18:05 - 32903418 _____ C:\Documents and Settings\bonapart\Plocha\16092010051.mp4
2017-03-12 20:57 - 2010-09-16 17:52 - 04968804 _____ C:\Documents and Settings\bonapart\Plocha\16092010050.mp4
2017-03-03 18:44 - 2017-03-03 18:44 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\slevomat
2017-02-27 19:53 - 2017-03-02 18:01 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\dan
2017-02-20 19:44 - 2017-02-20 19:44 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\SilverKeyFree.4.9.0.2 šifrovánĂ
2017-02-18 16:52 - 2017-02-20 19:44 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\Lucie Melichová
2017-02-17 18:52 - 2017-02-17 18:52 - 01422446 _____ C:\Documents and Settings\bonapart\Plocha\PrvnĂ pĹ™Ăznak 'Alzheimera.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-17 10:47 - 2012-06-15 22:10 - 00000000 ____D C:\Documents and Settings\bonapart\Local Settings\Temp
2017-03-17 10:35 - 2016-12-17 12:15 - 00000000 ____D C:\FRST
2017-03-17 10:35 - 2012-06-15 22:10 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha
2017-03-17 10:34 - 2012-06-15 22:10 - 00000000 ___HD C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ
2017-03-17 10:22 - 2001-10-25 15:00 - 00012984 _____ C:\WINDOWS\system32\wpa.dbl
2017-03-17 10:21 - 2016-12-17 22:00 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-03-17 10:21 - 2016-07-01 21:25 - 00000284 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job
2017-03-17 10:21 - 2014-03-19 10:45 - 00000228 _____ C:\WINDOWS\Tasks\Přihlášenà k oznamovánà konce poskytovánà služeb pro Microsoft Windows XP.job
2017-03-17 10:21 - 2013-08-13 08:29 - 02652329 _____ C:\WINDOWS\system32\oodbs.lor
2017-03-17 10:21 - 2012-06-16 10:12 - 03373917 _____ C:\WINDOWS\{00000002-00000000-0000000A-00001102-00000002-80401102}.CDF
2017-03-17 10:21 - 2012-06-15 22:10 - 00000000 ___RD C:\Documents and Settings\bonapart\NabĂdka Start\Programy
2017-03-17 10:21 - 2012-06-15 22:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-16 21:10 - 2012-06-16 10:27 - 00016420 _____ C:\WINDOWS\system32\BMXStateBkp-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-16 21:10 - 2012-06-16 10:27 - 00016420 _____ C:\WINDOWS\system32\BMXState-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-16 21:10 - 2012-06-16 10:27 - 00001080 _____ C:\WINDOWS\system32\settingsbkup.sfm
2017-03-16 21:10 - 2012-06-16 10:27 - 00001080 _____ C:\WINDOWS\system32\settings.sfm
2017-03-16 21:10 - 2012-06-16 10:27 - 00000024 _____ C:\WINDOWS\system32\DVCStateBkp-{00000002-00000000-0000000A-00001102-00000002-80401102}.dat
2017-03-16 21:10 - 2012-06-16 10:27 - 00000024 _____ C:\WINDOWS\system32\DVCState-{00000002-00000000-0000000A-00001102-00000002-80401102}.dat
2017-03-16 21:10 - 2012-06-16 10:11 - 00024672 _____ C:\WINDOWS\system32\BMXCtrlState-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-16 21:10 - 2012-06-16 10:11 - 00024672 _____ C:\WINDOWS\system32\BMXBkpCtrlState-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-16 21:10 - 2012-06-15 22:10 - 00000178 ___SH C:\Documents and Settings\bonapart\ntuser.ini
2017-03-16 21:10 - 2012-06-15 22:05 - 00032288 _____ C:\WINDOWS\SchedLgU.Txt
2017-03-16 21:08 - 2012-06-16 19:55 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-16 21:05 - 2016-12-17 22:00 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-03-16 20:46 - 2016-12-22 16:48 - 00000000 ____D C:\QUARANTINE
2017-03-16 20:46 - 2012-06-15 23:44 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2017-03-16 19:18 - 2012-06-15 23:51 - 00000000 ___RD C:\Documents and Settings\All Users\NabĂdka Start\Programy
2017-03-16 19:18 - 2012-06-15 23:49 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikacĂ
2017-03-16 10:13 - 2012-06-15 22:10 - 00000000 ____D C:\Documents and Settings\bonapart
2017-03-13 17:58 - 2017-02-01 18:52 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\Ota
2017-03-12 21:06 - 2012-06-18 18:03 - 00000000 ____D C:\Documents and Settings\bonapart\Data aplikacĂ\vlc
2017-03-12 21:05 - 2012-06-29 19:37 - 00042496 _____ C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-09 20:59 - 2015-12-30 20:17 - 00000038 _____ C:\WINDOWS\AviSplitter.INI
2017-03-09 19:16 - 2016-08-25 17:50 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\karta
2017-03-07 12:08 - 2012-06-16 19:25 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\Angl.Nella
2017-03-05 16:45 - 2014-07-06 00:07 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\NA EXTERAK
2017-03-01 19:50 - 2017-01-26 18:37 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\JIDELĂK od 1.2.2017
2017-02-27 19:22 - 2017-02-13 19:24 - 00000530 _____ C:\Documents and Settings\bonapart\Plocha\Zástupce - Divoké-vlny-(anim.-2007)cz---IRISA.lnk
2017-02-22 19:04 - 2012-06-16 17:32 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\NĂSTROJE
2017-02-22 19:04 - 2012-06-15 23:51 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
==================== Files in the root of some directories =======
2012-12-05 21:43 - 2013-09-09 17:55 - 0087608 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\inst.exe
2012-12-05 21:43 - 2013-09-09 17:55 - 0007887 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.cat
2012-12-05 21:43 - 2013-09-09 17:55 - 0001144 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.inf
2012-12-05 21:43 - 2013-09-09 17:55 - 0000034 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.log
2012-12-05 21:43 - 2013-09-09 17:55 - 0047360 _____ (VSO Software) C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.sys
2012-06-29 19:37 - 2017-03-12 21:05 - 0042496 _____ () C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-16 08:35 - 2012-06-16 08:35 - 0000128 _____ () C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\fusioncache.dat
2016-03-08 13:30 - 2016-08-18 19:49 - 45700992 _____ (Sony) C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\pcc.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
VSO Image Resizer 1.3.4d (HKLM\...\VSO Image Resizer_is1) (Version: 1.3.4d - VSO-Software)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MÄ›sĂÄŤnĂ oznamovánĂ konce poskytovánĂ sluĹľeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášenà k oznamovánà konce poskytovánà služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\bonapart\Plocha" je 86594 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"="C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe:*:Enabled:McAfee Framework Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:uTorrent"
"C:\\phoenix2\\files\\proxy.exe"="C:\\phoenix2\\files\\proxy.exe:*:Enabled:Proxyy"
"C:\\phoenix2\\files\\phoenix.exe"="C:\\phoenix2\\files\\phoenix.exe:*:Enabled:Phoenixx"
"C:\\phoenix2\\files\\wget.exe"="C:\\phoenix2\\files\\wget.exe:*:Enabled:Wgett"
"C:\\Program Files\\Moloz\\cpu\\cpu.exe"="C:\\Program Files\\Moloz\\cpu\\cpu.exe:*:Enabled:Molozcpu"
"C:\\Program Files\\Moloz\\gpu\\gpu.exe"="C:\\Program Files\\Moloz\\gpu\\gpu.exe:*:Enabled:Molozgpu"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Program Files\\Sony Mobile\\Update Engine\\Sony Mobile Update Engine.exe"="C:\\Program Files\\Sony Mobile\\Update Engine\\Sony Mobile Update Engine.exe:*:Enabled:Update Engine"
"C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"="C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\\Program Files\\VideoViewer\\VideoViewer.exe"="C:\\Program Files\\VideoViewer\\VideoViewer.exe:*:Enabled:VideoViewer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP"="5985:TCP:*:Disabled:Vzd len spr va syst‚mu Windows "
"80:TCP"="80:TCP:*:Disabled:Vzd len spr va syst‚mu Windows - re§im kompatibility (HTTP-In) "
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by bonapart (administrator) on AAA-8D452092365 (17-03-2017 10:35:17)
Running from C:\Documents and Settings\bonapart\Plocha
Loaded Profiles: bonapart (Available Profiles: bonapart)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTHELPER.EXE
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files\CyberLink\Shared Files\brs.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\UdaterUI.exe
() C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\OETRN.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\FrameworkService.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
(McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodag.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\McTray.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Documents and Settings\bonapart\Plocha\FRSTLAUNCHER.EXE
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [WINDVDPatch] => C:\WINDOWS\system32\CTHELPER.EXE [24576 2002-07-02] (Creative Technology Ltd)
HKLM\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [Jet Detection] => C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [28672 2001-11-29] ()
HKLM\...\Run: [RemoteControl9] => C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-02-16] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2008-10-13] (CyberLink Corp.)
HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-02-28] (cyberlink)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [OODefragTray] => C:\WINDOWS\system32\oodtray.exe [2512392 2007-05-11] (O&O Software GmbH)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [McAfeeUpdaterUI] => C:\Program Files\McAfee\Common Framework\udaterui.exe [333416 2012-09-05] (McAfee, Inc.)
HKLM\...\Run: [ShStatEXE] => C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [242792 2012-12-03] (McAfee, Inc.)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03] (ATI Technologies Inc.)
HKU\S-1-5-21-448539723-1682526488-1417001333-1003\...\Run: [OEXPRESS] => C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\OETRN.EXE [26624 2012-06-17] ()
HKU\S-1-5-18\...\Run: [Nokia.PCSync] => C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [1294336 2007-11-07] (Time Information Services Ltd.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> (None)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Startup: C:\Documents and Settings\All Users\NabĂdka Start\Programy\Po spuštÄ›nĂ\Adobe Gamma Loader.exe.lnk [2012-06-16]
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\All Users\NabĂdka Start\Programy\Po spuštÄ›nĂ\Microsoft Office.lnk [2012-06-15]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * OODBS
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{B9E8FD39-D613-4BAE-8870-261FB5703D57}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-448539723-1682526488-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\WebIE.dll [2012-06-17] ()
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20161218183001.dll [2016-12-18] (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\WebIE.dll [2012-06-17] ()
Toolbar: HKU\S-1-5-21-448539723-1682526488-1417001333-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2012-04-20] (SpoleÄŤnost Microsoft)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {53049A9A-1122-4673-B8D4-12F545AE3285} hxxp://85.70.231.178:8888/AVC_AX_764.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1339796493156
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-06-16] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-26] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.seznam.cz/
CHR Session Restore: Profile 1 -> is enabled.
CHR Profile: C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Default [2016-04-21]
CHR Profile: C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1 [2017-03-17]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-17]
CHR Extension: (Disk Google) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (YouTube) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-17]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Platby InternetovĂ©ho obchodu Chrome) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15]
CHR Extension: (Gmail) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17]
CHR Profile: C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\System Profile [2016-12-17]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-09-27] (SUPERAntiSpyware.com) [File not signed]
R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [520192 2006-05-03] () [File not signed]
R2 McAfeeFramework; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [132712 2012-09-05] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [202376 2016-12-18] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [206448 2012-12-03] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [167344 2016-12-18] (McAfee, Inc.)
R2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [1050120 2007-05-11] (O&O Software GmbH)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 btwsecfl; C:\WINDOWS\System32\drivers\btwsecfl.sys [92792 2012-09-18] (Broadcom Corporation.)
S3 ctljystk; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [3712 2001-08-17] (Creative Technology Ltd.)
S3 emu10k; C:\WINDOWS\System32\drivers\emu10k1m.sys [283904 2001-08-17] (Creative Technology Ltd.)
S3 emu10k1; C:\WINDOWS\System32\drivers\ctlfacem.sys [6912 2001-08-17] (Creative Technology Ltd.)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 ggsomc; C:\WINDOWS\System32\DRIVERS\ggsomc.sys [26328 2015-10-27] (Sony Mobile Communications)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [998004 2002-07-24] (Creative Technology Ltd)
R3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [132912 2016-12-18] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [234824 2016-12-18] (McAfee, Inc.)
R3 mfebopk; C:\WINDOWS\System32\drivers\mfebopk.sys [65488 2016-12-18] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [565352 2016-12-18] (McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [92192 2016-12-18] (McAfee, Inc.)
R1 mfetdi2k; C:\WINDOWS\System32\drivers\mfetdi2k.sys [91168 2016-12-18] (McAfee, Inc.)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2013-09-09] (VSO Software) [File not signed]
S3 pmserenum; C:\WINDOWS\System32\DRIVERS\pmserenum.sys [30616 2012-09-06] (PenMount) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 sfman; C:\WINDOWS\System32\drivers\sfmanm.sys [36480 2001-08-17] (Creative Technology Ltd.)
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX32.sys [104848 2012-12-14] (Ray Hinchliffe)
S3 smbusp; C:\WINDOWS\System32\DRIVERS\intelsmb.sys [45184 2012-09-06] (Intel Corporation)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [File not signed]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-02-28] (CyberLink Corp.)
S3 btaudio; system32\drivers\btaudio.sys [X]
S3 BTDriver; system32\DRIVERS\btport.sys [X]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [X]
S3 btwmodem; system32\DRIVERS\btwmodem.sys [X]
S3 BTWUSB; System32\Drivers\btwusb.sys [X]
S3 eapihdrv; \??\C:\DOCUME~1\bonapart\LOCALS~1\Temp\ehdrv.sys [X]
U3 mfeavfk01; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-17 10:35 - 2017-03-17 10:37 - 00017240 _____ C:\Documents and Settings\bonapart\Plocha\FRST.txt
2017-03-17 10:34 - 2017-03-17 10:34 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\FRST-OlderVersion
2017-03-17 10:33 - 2017-03-17 10:34 - 01766912 _____ (Farbar) C:\Documents and Settings\bonapart\Plocha\FRST.exe
2017-03-17 10:21 - 2017-03-17 10:21 - 00000000 ____D C:\Documents and Settings\bonapart\NabĂdka Start\Programy\CyberLink PowerDVD 9
2017-03-16 18:43 - 2017-03-16 19:19 - 00000000 ____D C:\AdwCleaner
2017-03-16 18:29 - 2017-03-16 18:30 - 04031440 _____ C:\Documents and Settings\bonapart\Plocha\adwcleaner_6.044.exe
2017-03-16 18:17 - 2017-03-17 10:21 - 03373917 _____ C:\WINDOWS\{00000002-00000000-0000000A-00001102-00000002-80401102}.BAK
2017-03-12 20:57 - 2010-09-22 19:20 - 11987016 _____ C:\Documents and Settings\bonapart\Plocha\22092010054.mp4
2017-03-12 20:57 - 2010-09-16 18:05 - 32903418 _____ C:\Documents and Settings\bonapart\Plocha\16092010051.mp4
2017-03-12 20:57 - 2010-09-16 17:52 - 04968804 _____ C:\Documents and Settings\bonapart\Plocha\16092010050.mp4
2017-03-03 18:44 - 2017-03-03 18:44 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\slevomat
2017-02-27 19:53 - 2017-03-02 18:01 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\dan
2017-02-20 19:44 - 2017-02-20 19:44 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\SilverKeyFree.4.9.0.2 šifrovánĂ
2017-02-18 16:52 - 2017-02-20 19:44 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\Lucie Melichová
2017-02-17 18:52 - 2017-02-17 18:52 - 01422446 _____ C:\Documents and Settings\bonapart\Plocha\PrvnĂ pĹ™Ăznak 'Alzheimera.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-17 10:47 - 2012-06-15 22:10 - 00000000 ____D C:\Documents and Settings\bonapart\Local Settings\Temp
2017-03-17 10:35 - 2016-12-17 12:15 - 00000000 ____D C:\FRST
2017-03-17 10:35 - 2012-06-15 22:10 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha
2017-03-17 10:34 - 2012-06-15 22:10 - 00000000 ___HD C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ
2017-03-17 10:22 - 2001-10-25 15:00 - 00012984 _____ C:\WINDOWS\system32\wpa.dbl
2017-03-17 10:21 - 2016-12-17 22:00 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-03-17 10:21 - 2016-07-01 21:25 - 00000284 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job
2017-03-17 10:21 - 2014-03-19 10:45 - 00000228 _____ C:\WINDOWS\Tasks\Přihlášenà k oznamovánà konce poskytovánà služeb pro Microsoft Windows XP.job
2017-03-17 10:21 - 2013-08-13 08:29 - 02652329 _____ C:\WINDOWS\system32\oodbs.lor
2017-03-17 10:21 - 2012-06-16 10:12 - 03373917 _____ C:\WINDOWS\{00000002-00000000-0000000A-00001102-00000002-80401102}.CDF
2017-03-17 10:21 - 2012-06-15 22:10 - 00000000 ___RD C:\Documents and Settings\bonapart\NabĂdka Start\Programy
2017-03-17 10:21 - 2012-06-15 22:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-16 21:10 - 2012-06-16 10:27 - 00016420 _____ C:\WINDOWS\system32\BMXStateBkp-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-16 21:10 - 2012-06-16 10:27 - 00016420 _____ C:\WINDOWS\system32\BMXState-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-16 21:10 - 2012-06-16 10:27 - 00001080 _____ C:\WINDOWS\system32\settingsbkup.sfm
2017-03-16 21:10 - 2012-06-16 10:27 - 00001080 _____ C:\WINDOWS\system32\settings.sfm
2017-03-16 21:10 - 2012-06-16 10:27 - 00000024 _____ C:\WINDOWS\system32\DVCStateBkp-{00000002-00000000-0000000A-00001102-00000002-80401102}.dat
2017-03-16 21:10 - 2012-06-16 10:27 - 00000024 _____ C:\WINDOWS\system32\DVCState-{00000002-00000000-0000000A-00001102-00000002-80401102}.dat
2017-03-16 21:10 - 2012-06-16 10:11 - 00024672 _____ C:\WINDOWS\system32\BMXCtrlState-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-16 21:10 - 2012-06-16 10:11 - 00024672 _____ C:\WINDOWS\system32\BMXBkpCtrlState-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-16 21:10 - 2012-06-15 22:10 - 00000178 ___SH C:\Documents and Settings\bonapart\ntuser.ini
2017-03-16 21:10 - 2012-06-15 22:05 - 00032288 _____ C:\WINDOWS\SchedLgU.Txt
2017-03-16 21:08 - 2012-06-16 19:55 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-16 21:05 - 2016-12-17 22:00 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-03-16 20:46 - 2016-12-22 16:48 - 00000000 ____D C:\QUARANTINE
2017-03-16 20:46 - 2012-06-15 23:44 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2017-03-16 19:18 - 2012-06-15 23:51 - 00000000 ___RD C:\Documents and Settings\All Users\NabĂdka Start\Programy
2017-03-16 19:18 - 2012-06-15 23:49 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikacĂ
2017-03-16 10:13 - 2012-06-15 22:10 - 00000000 ____D C:\Documents and Settings\bonapart
2017-03-13 17:58 - 2017-02-01 18:52 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\Ota
2017-03-12 21:06 - 2012-06-18 18:03 - 00000000 ____D C:\Documents and Settings\bonapart\Data aplikacĂ\vlc
2017-03-12 21:05 - 2012-06-29 19:37 - 00042496 _____ C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-09 20:59 - 2015-12-30 20:17 - 00000038 _____ C:\WINDOWS\AviSplitter.INI
2017-03-09 19:16 - 2016-08-25 17:50 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\karta
2017-03-07 12:08 - 2012-06-16 19:25 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\Angl.Nella
2017-03-05 16:45 - 2014-07-06 00:07 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\NA EXTERAK
2017-03-01 19:50 - 2017-01-26 18:37 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\JIDELĂK od 1.2.2017
2017-02-27 19:22 - 2017-02-13 19:24 - 00000530 _____ C:\Documents and Settings\bonapart\Plocha\Zástupce - Divoké-vlny-(anim.-2007)cz---IRISA.lnk
2017-02-22 19:04 - 2012-06-16 17:32 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\NĂSTROJE
2017-02-22 19:04 - 2012-06-15 23:51 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
==================== Files in the root of some directories =======
2012-12-05 21:43 - 2013-09-09 17:55 - 0087608 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\inst.exe
2012-12-05 21:43 - 2013-09-09 17:55 - 0007887 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.cat
2012-12-05 21:43 - 2013-09-09 17:55 - 0001144 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.inf
2012-12-05 21:43 - 2013-09-09 17:55 - 0000034 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.log
2012-12-05 21:43 - 2013-09-09 17:55 - 0047360 _____ (VSO Software) C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.sys
2012-06-29 19:37 - 2017-03-12 21:05 - 0042496 _____ () C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-16 08:35 - 2012-06-16 08:35 - 0000128 _____ () C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\fusioncache.dat
2016-03-08 13:30 - 2016-08-18 19:49 - 45700992 _____ (Sony) C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\pcc.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
VSO Image Resizer 1.3.4d (HKLM\...\VSO Image Resizer_is1) (Version: 1.3.4d - VSO-Software)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MÄ›sĂÄŤnĂ oznamovánĂ konce poskytovánĂ sluĹľeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášenà k oznamovánà konce poskytovánà služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\bonapart\Plocha" je 86594 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"="C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe:*:Enabled:McAfee Framework Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:uTorrent"
"C:\\phoenix2\\files\\proxy.exe"="C:\\phoenix2\\files\\proxy.exe:*:Enabled:Proxyy"
"C:\\phoenix2\\files\\phoenix.exe"="C:\\phoenix2\\files\\phoenix.exe:*:Enabled:Phoenixx"
"C:\\phoenix2\\files\\wget.exe"="C:\\phoenix2\\files\\wget.exe:*:Enabled:Wgett"
"C:\\Program Files\\Moloz\\cpu\\cpu.exe"="C:\\Program Files\\Moloz\\cpu\\cpu.exe:*:Enabled:Molozcpu"
"C:\\Program Files\\Moloz\\gpu\\gpu.exe"="C:\\Program Files\\Moloz\\gpu\\gpu.exe:*:Enabled:Molozgpu"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Program Files\\Sony Mobile\\Update Engine\\Sony Mobile Update Engine.exe"="C:\\Program Files\\Sony Mobile\\Update Engine\\Sony Mobile Update Engine.exe:*:Enabled:Update Engine"
"C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"="C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\\Program Files\\VideoViewer\\VideoViewer.exe"="C:\\Program Files\\VideoViewer\\VideoViewer.exe:*:Enabled:VideoViewer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP"="5985:TCP:*:Disabled:Vzd len spr va syst‚mu Windows "
"80:TCP"="80:TCP:*:Disabled:Vzd len spr va syst‚mu Windows - re§im kompatibility (HTTP-In) "
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu FRST
Otevřte poznámkový blok a zkopírujte do něj:
Z logu:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> (None)
U3 mfeavfk01; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
EmptyTemp:
End
Z logu:
To je příliš mnoho a může to způsobovat zpomalení startu systém. Vytvořte v C:\Documents and Settings\bonapart novou složku, do níž přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.Velikost slozky "C:\Documents and Settings\bonapart\Plocha" je 86594 MB.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosim o kontrolu logu FRST
Fix result of Farbar Recovery Scan Tool (x86) Version: 15-03-2017
Ran by bonapart (17-03-2017 18:30:16) Run:2
Running from C:\Documents and Settings\bonapart\Plocha
Loaded Profiles: bonapart (Available Profiles: bonapart)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> (None)
U3 mfeavfk01; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
EmptyTemp:
End
*****************
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE => value restored successfully
HKLM\System\CurrentControlSet\Services\mfeavfk01 => key removed successfully.
mfeavfk01 => service removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 149011 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/dllcache/drivers => 483 B
Edge => 0 B
Chrome => 22871730 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 0 B
All Users => 0 B
systemprofile => 0 B
LocalService => 66708 B
NetworkService => 66228 B
bonapart => 381645 B
RecycleBin => 0 B
EmptyTemp: => 22.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:31:12 ====
Ran by bonapart (17-03-2017 18:30:16) Run:2
Running from C:\Documents and Settings\bonapart\Plocha
Loaded Profiles: bonapart (Available Profiles: bonapart)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> (None)
U3 mfeavfk01; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
EmptyTemp:
End
*****************
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE => value restored successfully
HKLM\System\CurrentControlSet\Services\mfeavfk01 => key removed successfully.
mfeavfk01 => service removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 149011 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/dllcache/drivers => 483 B
Edge => 0 B
Chrome => 22871730 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 0 B
All Users => 0 B
systemprofile => 0 B
LocalService => 66708 B
NetworkService => 66228 B
bonapart => 381645 B
RecycleBin => 0 B
EmptyTemp: => 22.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:31:12 ====
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu FRST
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosim o kontrolu logu FRST
zatim ne, procesor je zahlcenej hned po bootu,jakmile vpravo na liste naskocí antivir a ovladani zvuku atd.
nevim jestli je to podstatne jak jsem už psal pokud vypnu ten proces SVCHOST.exe - system prestane to
nevim jestli je to podstatne jak jsem už psal pokud vypnu ten proces SVCHOST.exe - system prestane to
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu FRST
Svchost spravuje síť. služby. Na zkoušku vypněte aut. aktualizace.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosim o kontrolu logu FRST
to vypnuti auto aktual. pomohlo, :
beží cpu naplno - vypnou se aktualizace nic se nedeje.
reboot - vse chdi ok, jakmile zapnu aktual. cpu jede naplno,
je pravda ze po tom vymazani už zacal chodit lepe chrom, dalo se s tim pracovat , ale procesor a ten proces stale
na plný výkon
beží cpu naplno - vypnou se aktualizace nic se nedeje.
reboot - vse chdi ok, jakmile zapnu aktual. cpu jede naplno,
je pravda ze po tom vymazani už zacal chodit lepe chrom, dalo se s tim pracovat , ale procesor a ten proces stale
na plný výkon
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu FRST
Aktualizace ponecte vypnuté do příštích pravidelných (2. středa v dubnu). Pak je zapněte a nové aktualitace většinou opraví ty předchozí.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosim o kontrolu logu FRST
mam win XP ty uz nejsou tak podporovany, nebo nejaka aktual prijde?
jinak ty logy po vyčistení už nevykazují zadný problem?
jinak ty logy po vyčistení už nevykazují zadný problem?
Přispějete na provoz fóra?