
Please check my log

Romiska
Model visitor
Posts: 92
Registered: 14 Oct 2005 16:09

#1 Post by Romiska »

Hello,

please check my log to see whether something in it might be causing my problem. For the last two days, some pages have been displaying incorrectly or not at all; sometimes it is fine, sometimes not. After a restart it is almost always fine, and after a while it starts showing the message "SyntaxError: Unexpected end of input". I tried googling it, but unfortunately I don't understand it very well. I normally use the Google Chrome browser, but Mozilla showed a similar message too. I have never had this problem before. Thank you for any help.



Logfile of random's system information tool 1.10 (written by random/random)
Run by Romča at 2018-12-08 01:47:24
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 334 GB (70%) free of 477 GB
Total RAM: 3070 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:47:31, on 8. 12. 2018
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Romča\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Romča.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 4786 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player NPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe -check plugin
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
C:\WINDOWS\tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {0FB77674-7905-4F34-A362-C5A9A26F8CF9}
C:\WINDOWS\tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {F140D794-60B6-4F00-9235-D6457AA25B22}
C:\WINDOWS\tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
C:\WINDOWS\tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Romča\Data aplikací\Mozilla\Firefox\Profiles\tk2f9qun.default-1530108688718

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.101 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_101.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-03-23 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-23 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-06-25 13529088]
"nwiz"=nwiz.exe /install []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-04-12 16132608]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Internet Security]
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2018-04-26 1243864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2016-11-15 27226072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Romča^Nabídka Start^Programy^Po spuštění^Registrace FIFA 11.lnk]
C:\Program Files\EA Sports\FIFA 11\Support\EAregister.exe /remind /language=CS /PRID=DR:185015500 /WHPR=FIFA 11 /PRNM=Electronic Arts Product []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\FIFA 12\Game\fifa.exe"="C:\Program Files\FIFA 12\Game\fifa.exe:*:Enabled:FIFA 12"
"C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe"="C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe:*:Enabled:FIFA 11"
"C:\Program Files\FIFA 13\Game\fifa13.exe"="C:\Program Files\FIFA 13\Game\fifa13.exe:*:Enabled:FIFA 13"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Documents and Settings\Romča\Plocha\Warcraft III\war3.exe"="C:\Documents and Settings\Romča\Plocha\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"C:\Program Files\Steam\steamapps\common\dota 2 beta\dota.exe"="C:\Program Files\Steam\steamapps\common\dota 2 beta\dota.exe:*:Enabled:Dota 2"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\2K Sports\NBA 2K14\nba2k14.exe"="C:\Program Files\2K Sports\NBA 2K14\nba2k14.exe:*:Enabled:NBA 2K14"
"C:\Documents and Settings\Romča\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Romča\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Maxthon3\Bin\Maxthon.exe"="C:\Program Files\Maxthon3\Bin\Maxthon.exe:*:Enabled:Maxthon"
"C:\Program Files\Maxthon3\Bin\MxUp.exe"="C:\Program Files\Maxthon3\Bin\MxUp.exe:*:Enabled:MxUp"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FMVC"=fmcodec.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll
"vidc.xvid"=xvidvfw.dll
"vidc.lags"=lagarith.dll
"msacm.ac3filter"=ac3filter.acm
"msacm.divxa32"=DivXa32.acm
"msacm.lameacm"=LameACM.acm

======List of files/folders created in the last 1 month======

2018-12-07 19:59:31 ----D---- C:\Program Files\Safari
2018-12-07 19:59:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2018-12-07 19:59:03 ----D---- C:\Program Files\Apple Software Update
2018-12-07 19:59:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2018-12-07 17:48:24 ----D---- C:\Program Files\Java
2018-12-07 17:48:22 ----D---- C:\Program Files\Common Files\Java

======List of files/folders modified in the last 1 month======

2018-12-08 01:47:26 ----D---- C:\Program Files\trend micro
2018-12-08 01:18:29 ----D---- C:\WINDOWS\Temp
2018-12-08 01:17:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2018-12-07 20:10:13 ----D---- C:\WINDOWS\system32
2018-12-07 20:10:09 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2018-12-07 20:10:06 ----D---- C:\WINDOWS\system32\Macromed
2018-12-07 20:02:39 ----D---- C:\Documents and Settings\Romča\Data aplikací\Apple Computer
2018-12-07 19:59:53 ----SHD---- C:\WINDOWS\Installer
2018-12-07 19:59:53 ----D---- C:\Config.Msi
2018-12-07 19:59:43 ----D---- C:\WINDOWS\WinSxS
2018-12-07 19:59:31 ----RD---- C:\Program Files
2018-12-07 19:59:09 ----SD---- C:\WINDOWS\Tasks
2018-12-07 18:13:27 ----D---- C:\WINDOWS\system32\CatRoot2
2018-12-07 17:56:29 ----D---- C:\Program Files\Google
2018-12-07 17:49:05 ----D---- C:\WINDOWS\system32\config
2018-12-07 17:48:47 ----D---- C:\WINDOWS\system32\wbem
2018-12-07 17:48:46 ----D---- C:\WINDOWS\Registration
2018-12-07 17:48:22 ----D---- C:\Program Files\Common Files
2018-12-07 17:34:47 ----D---- C:\WINDOWS\Prefetch
2018-12-07 16:58:32 ----D---- C:\WINDOWS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2018-04-26 105560]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2011-03-18 25240]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2015-01-30 15576]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2018-04-26 620120]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2018-04-26 29912]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2017-06-04 218688]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2017-06-04 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2017-06-04 25888]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-23 4402176]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-06-25 6555168]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-08-15 83200]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 ovt519;TRUST 320 SPACEC@M; C:\WINDOWS\System32\Drivers\ov519vid.sys [2003-05-06 163072]
S3 SliceDisk5;SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2017-06-04 30720]
S3 vdrive;vdrive; C:\WINDOWS\system32\DRIVERS\vdrive.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2018-04-26 5868440]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-06-25 159812]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2013-12-10 66872]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2018-12-07 153168]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-07 335872]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2016-05-26 35160]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2018-04-26 1664216]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2018-12-07 153168]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2018-08-03 174032]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log

#2 Post by Conder »

Hi :)

→ To start with, I would like to point out that support with security updates for Windows XP already ended in 2014. Likewise, the Chrome and Firefox browsers have ended support for Windows XP (although Firefox only relatively recently - 09/2018). Using a non-updated system or browsers is a risk (especially if it is connected to the internet), since the system contains publicly known and unpatched security vulnerabilities that can make it easier for malicious code to attack it.

→ Download AdwCleaner 6.046 (the last version compatible with WinXP): https://filehippo.com/download_adwcleaner/74895/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Scan (Skenovanie) and wait for it to finish
  • Click Clean (Cistenie) and confirm by clicking OK
  • AdwCleaner will ask to restart the PC; confirm by clicking OK
  • After it finishes and the PC has restarted, a log will pop up; copy its contents here
→ Download Junkware Removal Tool (JRT): https://downloads.malwarebytes.com/file/JRT-EOL/
  • Save it to the desktop and close all programs
  • Run JRT as administrator
  • Press any key to start the cleaning
  • When it finishes, a log will open; copy its contents here

Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always backing up important data (documents, photos and others).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user's, please start your own thread.

If you are satisfied, you can support the forum. Thank you!

Re: Please check my log

#3 Post by Romiska »

Here are the logs; I am attaching a screenshot of the error. It happens, for example, on the page http://www.chance.cz, where the content is not displayed, only this error, and after clicking it away nothing else loads.


# AdwCleaner v6.046 - Log vytvořen 08/12/2018 v 09:16:54
# Aktualizováno dne 24/04/2017 z Malwarebytes
# Databáze : 2017-04-24.1 [Místní]
# Operační systém : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : Romča - ROMANPC
# Spuštěno z : C:\Documents and Settings\Romča\Plocha\adwcleaner_6.046.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2037 Bajty] - [09/02/2017 17:59:43]
C:\AdwCleaner\AdwCleaner[C2].txt - [1213 Bajty] - [04/06/2017 11:50:53]
C:\AdwCleaner\AdwCleaner[C3].txt - [976 Bajty] - [08/12/2018 09:16:54]
C:\AdwCleaner\AdwCleaner[S0].txt - [2193 Bajty] - [09/02/2017 17:57:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [1560 Bajty] - [04/06/2017 11:50:36]
C:\AdwCleaner\AdwCleaner[S2].txt - [1693 Bajty] - [11/06/2017 10:51:30]
C:\AdwCleaner\AdwCleaner[S3].txt - [1766 Bajty] - [12/07/2017 17:30:44]
C:\AdwCleaner\AdwCleaner[S4].txt - [1839 Bajty] - [08/12/2018 09:16:44]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1413 Bajty] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Microsoft Windows XP x86
Ran by Romźa (Administrator) on so 08. 12. 2018 at 9:20:13,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 18

Successfully deleted: C:\Documents and Settings\Romźa\Data aplikacˇ\paretologic\regcure pro (Folder)
Successfully deleted: C:\WINDOWS\wininit.ini (File)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\2G4SZFPZ (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\5JNGHL66 (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\5XXPMN8N (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\IGE6B6NG (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\KOWETDD3 (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QLSWETPQ (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\TM559GVW (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\W4XE1OMJ (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\2G4SZFPZ (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\5JNGHL66 (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\5XXPMN8N (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\IGE6B6NG (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\KOWETDD3 (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\QLSWETPQ (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\TM559GVW (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\W4XE1OMJ (Temporary Internet Files Folder)



Registry: 1

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 08. 12. 2018 at 9:21:25,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Attachments
chyba.JPG (23.47 KiB)

Re: Please check my log

#4 Post by Conder »

→ Which browser are you using for that?

→ Please post both logs from FRST (FRST.txt and Addition.txt) following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Romiska
Exemplary visitor
Posts: 92
Registered: 14 Oct 2005 16:09

Re: Please check my log

#5 Post by Romiska »

I normally use Google Chrome, but since this started happening I have also tried Mozilla and then the seznam.cz browser. In all three cases it works the first time and the second time, but the third time this message appears; in the seznam.cz browser one word was different, but unfortunately I don't have a screenshot of that :( In any case, once this message is shown, nothing else on the page loads, even after pressing OK...




Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01.12.2018 01
Ran by Romča (administrator) on ROMANPC (08-12-2018 20:45:45)
Running from C:\Documents and Settings\Romča\Dokumenty\Downloads
Loaded Profiles: Romča (Available Profiles: Romča & Maminka & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16132608 2007-04-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKU\S-1-5-21-1606980848-1500820517-725345543-1003\...\MountPoints2: {87ab8829-9172-11e6-9cd8-001fc6c9b067} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1606980848-1500820517-725345543-1003\...\MountPoints2: {cb2233f2-3f8e-11e2-9540-001fc6c9b067} - F:\Install.exe
HKU\S-1-5-21-1606980848-1500820517-725345543-1003\...\MountPoints2: {e34ee378-46b7-11e2-9553-001fc6c9b067} - G:\Install_Nokia_Ovi_Suite.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 109.202.73.93 109.202.72.93
Tcpip\..\Interfaces\{AD0BA375-ECA2-4C93-88FD-01B050BC9B70}: [DhcpNameServer] 109.202.73.93 109.202.72.93

Internet Explorer:
==================
HKU\S-1-5-21-1606980848-1500820517-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-23] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1606980848-1500820517-725345543-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Romča\Data aplikací\Mozilla\Firefox\Profiles\tk2f9qun.default-1530108688718 [2018-12-07]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-11-21] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-07] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-03-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-12-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-12-07] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)

Chrome:
=======
CHR Profile: C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2018-12-08]
CHR Extension: (Prezentace) - C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-19]
CHR Extension: (Volání přes Skype) - C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-01-06]
CHR Extension: (YouTube) - C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-08]
CHR Extension: (Tabulky) - C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (AdBlock) - C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-08]
CHR Profile: C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Chrome\User Data\System Profile [2018-12-07]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-12-07] (Adobe Systems Incorporated) [File not signed]
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5868440 2018-04-26] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664216 2018-04-26] (COMODO)
R2 NVSvc; C:\WINDOWS\system32\nvsvc32.exe [159812 2008-06-25] (NVIDIA Corporation) [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [66872 2013-12-10] ()

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [15576 2015-01-30] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [620120 2018-04-26] (COMODO)
R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [29912 2018-04-26] (COMODO)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [105560 2018-04-26] (COMODO)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [6555168 2008-06-25] (NVIDIA Corporation) [File not signed]
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
S3 VClone; C:\WINDOWS\System32\DRIVERS\VClone.sys [30720 2017-06-04] (Elaborate Bytes AG) [File not signed]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk.sys [X]
S3 vdrive; system32\DRIVERS\vdrive.sys [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-08 20:45 - 2018-12-08 20:45 - 000000000 ____D C:\FRST
2018-12-08 17:13 - 2018-12-08 17:13 - 000000000 ____D C:\Documents and Settings\Romča\Dokumenty\Stalker-SHOC
2018-12-08 17:02 - 2018-12-08 17:04 - 000000000 ____D C:\Documents and Settings\Romča\Dokumenty\LEGO
2018-12-08 16:54 - 2018-12-08 16:54 - 000000000 ____D C:\WINDOWS\LastGood
2018-12-08 13:59 - 2014-03-23 16:18 - 000264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2018-12-08 13:59 - 2014-03-23 16:18 - 000175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2018-12-08 13:59 - 2014-03-23 16:18 - 000174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2018-12-08 13:43 - 2018-12-08 13:43 - 000000000 ____D C:\Documents and Settings\Romča\Local Settings\Data aplikací\Crashpad
2018-12-08 09:16 - 2018-12-08 09:16 - 001790024 _____ (Malwarebytes) C:\Documents and Settings\Romča\Plocha\JRT.exe
2018-12-08 09:14 - 2018-12-08 09:14 - 004102600 _____ C:\Documents and Settings\Romča\Plocha\adwcleaner_6.046.exe
2018-12-07 17:56 - 2018-12-08 20:02 - 000000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2018-12-07 17:56 - 2018-12-08 18:01 - 000000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2018-12-07 17:56 - 2018-12-07 17:56 - 000001819 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome.lnk
2018-12-07 17:56 - 2018-12-07 17:56 - 000001813 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2018-12-07 17:48 - 2018-12-08 13:58 - 000000000 ____D C:\Program Files\Java
2018-12-07 17:48 - 2018-12-07 17:48 - 000000000 ____D C:\Program Files\Common Files\Java
2018-12-07 17:48 - 2018-12-07 17:48 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
2018-12-04 20:50 - 2018-12-05 00:04 - 000000231 _____ C:\Documents and Settings\Romča\Dokumenty\Zpravodaj prosinec 2018.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-08 20:46 - 2012-11-14 22:58 - 000000000 ____D C:\Documents and Settings\Romča\Local Settings\Temp
2018-12-08 20:45 - 2012-11-14 22:58 - 000000000 ___RD C:\Documents and Settings\Romča\Dokumenty
2018-12-08 20:43 - 2012-11-14 17:37 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2018-12-08 20:41 - 2015-01-27 08:44 - 000000440 _____ C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
2018-12-08 20:26 - 2016-09-08 16:18 - 000000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-12-08 20:26 - 2012-11-13 19:50 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-12-08 20:10 - 2016-09-08 16:18 - 000000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2018-12-08 19:54 - 2018-03-13 19:10 - 000000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job
2018-12-08 18:26 - 2012-11-13 20:03 - 000032458 _____ C:\WINDOWS\SchedLgU.Txt
2018-12-08 18:01 - 2012-11-14 22:58 - 000000000 ___HD C:\Documents and Settings\Romča\Local Settings\Data aplikací
2018-12-08 17:51 - 2015-01-27 08:44 - 000000440 _____ C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2018-12-08 17:49 - 2015-01-27 08:44 - 000000440 _____ C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2018-12-08 17:18 - 2012-11-14 22:58 - 000000000 ___RD C:\Documents and Settings\Romča\Nabídka Start\Programy
2018-12-08 17:18 - 2012-11-14 22:58 - 000000000 ____D C:\Documents and Settings\Romča\Plocha
2018-12-08 17:17 - 2012-11-14 22:58 - 000000000 __RHD C:\Documents and Settings\Romča\Data aplikací
2018-12-08 17:17 - 2012-11-13 20:43 - 000000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2018-12-08 17:17 - 2012-11-13 20:43 - 000000000 ____D C:\Documents and Settings\All Users\Plocha
2018-12-08 17:17 - 2012-11-13 20:05 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2018-12-08 17:13 - 2018-07-10 20:01 - 000000000 ____D C:\Program Files\Recuva
2018-12-08 17:12 - 2012-11-13 22:09 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\Skype
2018-12-08 17:02 - 2012-11-15 16:22 - 000000000 ____D C:\Documents and Settings\Romča\Dokumenty\Záloha
2018-12-08 16:59 - 2016-06-09 19:27 - 000000000 ____D C:\Program Files\GTA San Andreas (2005)(CZ)
2018-12-08 16:57 - 2012-12-07 12:22 - 000000000 ____D C:\Program Files\FIFA 12
2018-12-08 16:55 - 2015-10-23 16:15 - 000000000 ____D C:\Program Files\CDex
2018-12-08 16:55 - 2013-12-10 19:59 - 000000000 ____D C:\Program Files\Call of Duty
2018-12-08 16:54 - 2013-03-28 23:17 - 000000000 ____D C:\Program Files\DsNET Corp
2018-12-08 16:54 - 2012-11-13 20:33 - 000000000 ___HD C:\WINDOWS\inf
2018-12-08 16:53 - 2016-05-25 21:32 - 000000000 ____D C:\Program Files\7-Zip
2018-12-08 16:53 - 2012-11-13 20:42 - 000000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2018-12-08 16:41 - 2012-11-13 20:05 - 000022126 _____ C:\WINDOWS\Ascd_log.ini
2018-12-08 16:41 - 2012-11-13 20:05 - 000022088 _____ C:\WINDOWS\Ascd_tmp.ini
2018-12-08 16:35 - 2015-01-27 08:44 - 000000440 _____ C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
2018-12-08 16:35 - 2012-11-13 20:47 - 000183744 _____ C:\WINDOWS\system32\nvapps.xml
2018-12-08 16:34 - 2012-11-14 22:58 - 000000178 ___SH C:\Documents and Settings\Romča\ntuser.ini
2018-12-08 16:34 - 2012-11-13 20:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-08 13:46 - 2012-11-14 22:58 - 000000000 ___RD C:\Documents and Settings\Romča\Nabídka Start
2018-12-08 09:20 - 2016-05-26 18:47 - 000000000 ____D C:\Documents and Settings\Romča\Data aplikací\ParetoLogic
2018-12-08 09:16 - 2017-02-09 17:55 - 000000000 ____D C:\AdwCleaner
2018-12-08 01:47 - 2014-09-20 19:35 - 000000000 ____D C:\Program Files\trend micro
2018-12-07 20:10 - 2016-09-08 16:18 - 000842240 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2018-12-07 20:10 - 2016-09-08 16:18 - 000175104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2018-12-07 20:02 - 2017-05-07 09:24 - 000000000 ____D C:\Documents and Settings\Romča\Data aplikací\Apple Computer
2018-12-07 17:56 - 2014-03-23 15:55 - 000000000 ____D C:\Program Files\Google
2018-12-07 17:55 - 2016-09-07 14:58 - 000000000 ____D C:\Documents and Settings\Romča\Local Settings\Data aplikací\Deployment
2018-12-07 17:48 - 2012-11-18 20:45 - 000000000 ____D C:\Documents and Settings\Maminka
2018-12-07 17:48 - 2012-11-14 22:58 - 000000000 ____D C:\Documents and Settings\Romča
2018-12-07 17:48 - 2012-11-13 20:03 - 000000000 __SHD C:\Documents and Settings\LocalService
2018-12-07 17:48 - 2012-11-13 20:03 - 000000000 ____D C:\Documents and Settings\Administrator
2018-12-07 17:48 - 2012-11-13 19:55 - 000000000 __SHD C:\Documents and Settings\NetworkService
2018-12-07 17:48 - 2012-11-13 19:49 - 000000000 ____D C:\WINDOWS\Registration
2018-12-07 15:43 - 2001-10-25 16:00 - 000002206 _____ C:\WINDOWS\system32\wpa.dbl
2018-11-08 14:04 - 2012-11-13 20:43 - 001181504 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-08 14:04 - 2001-10-25 16:00 - 000488796 _____ C:\WINDOWS\system32\perfh005.dat
2018-11-08 14:04 - 2001-10-25 16:00 - 000097826 _____ C:\WINDOWS\system32\perfc005.dat

==================== Files in the root of some directories =======

2018-02-04 21:51 - 2018-02-04 21:52 - 000000096 _____ () C:\Documents and Settings\Romča\license.dat
2012-12-10 17:24 - 2012-12-10 17:24 - 006919079 _____ () C:\Program Files\War3Patch.mpq
2016-05-26 18:47 - 2016-05-26 18:58 - 000000115 _____ () C:\Documents and Settings\Romča\Data aplikací\LogFile.txt
2012-11-14 23:48 - 2018-10-09 20:55 - 000158208 _____ () C:\Documents and Settings\Romča\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-04 19:40 - 2014-10-04 19:40 - 000000000 ___SH () C:\Documents and Settings\Romča\Local Settings\Data aplikací\LumaEmu
2014-11-04 15:37 - 2015-08-23 19:45 - 000029696 _____ () C:\Documents and Settings\Romča\Local Settings\Data aplikací\MSGBOX.EXE
2014-02-02 21:48 - 2014-02-02 21:48 - 000000108 _____ () C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
2018-12-08 16:55 - 2003-03-24 15:18 - 000153088 _____ () C:\Documents and Settings\Romča\Local Settings\Temp\GLB1A2B.EXE

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01.12.2018 01
Ran by Romča (08-12-2018 20:46:35)
Running from C:\Documents and Settings\Romča\Dokumenty\Downloads
Systém Microsoft Windows XP Professional Service Pack 3 (X86) (2012-11-14 21:55:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1606980848-1500820517-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1606980848-1500820517-725345543-1005 - Limited - Enabled)
Guest (S-1-5-21-1606980848-1500820517-725345543-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1606980848-1500820517-725345543-1000 - Limited - Disabled)
Maminka (S-1-5-21-1606980848-1500820517-725345543-1004 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Maminka
Romča (S-1-5-21-1606980848-1500820517-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Romča
SUPPORT_388945a0 (S-1-5-21-1606980848-1500820517-725345543-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall (Disabled) {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
AMD Processor Driver (HKLM\...\{C151CE54-E7EA-4804-854B-F515368B0798}) (Version: 1.3.2.0053 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 3.23 - Piriform)
COMODO Internet Security (HKLM\...\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}) (Version: 4.0.10770.828 - COMODO Group Inc.)
COMODO livePCsupport (HKLM\...\{A31A5DFC-3439-48FC-99BB-5174168AE471}) (Version: 3.0.133262.11 - COMODO)
Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 5.4.3.920 - Foxit Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM\...\{5454083B-1308-4485-BF17-1110000D8301}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java(TM) 6 Update 20 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Malwarebytes' Anti-Malware (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY (HKLM\...\{A2C9CD1B-2551-3AED-B244-6698FB929FA6}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY (HKLM\...\{546C143E-68DC-314D-97BC-1E454E3BA429}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 52.9.0 ESR (x86 cs) (HKLM\...\Mozilla Firefox 52.9.0 ESR (x86 cs)) (Version: 52.9.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.9.0.6746 - Mozilla)
NBA 2K14 (HKLM\...\{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}) (Version: 1.0.0 - 2K Sports)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
NVIDIA PhysX (HKLM\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version: - )
OpenOffice.org 3.4.1 (HKLM\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5404 - Realtek Semiconductor Corp.)
Recover Data for FAT & NTFS (Trial Version) (HKLM\...\Recover Data for FAT & NTFS (Trial Version)_is1) (Version: - Recover Data)
Softarová utilita ATI - Odinstalovat (HKLM\...\All ATI Software) (Version: 6.14.10.1016 - )
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
TRUST 320 SPACEC@M (HKLM\...\TRUST 320 SPACEC@M) (Version: - )
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebFldrs XP (HKLM\...\{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031517 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XML Paper Specification Shared Components Language Pack 1.0 (HKLM\...\XPSEPSCLP) (Version: - Microsoft Corporation) Hidden
Z (DOSBox 0.74 emulation) (HKLM\...\Z (DOSBox 0.74 emulation)) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1606980848-1500820517-725345543-1003_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Documents and Settings\Romča\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-1500820517-725345543-1003_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Documents and Settings\Romča\Local Settings\Data aplikací\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-04-26] (COMODO)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-04-26] (COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll [2017-06-29] (Malwarebytes Corporation)
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\WINDOWS\system32\nvshell.dll [2008-06-25] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {A70C977A-BF00-412C-90B7-034C51DA2439} => C:\WINDOWS\system32\nvcpl.dll [2008-06-25] (NVIDIA Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-04-26] (COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll [2017-06-29] (Malwarebytes Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)

==================== Scheduled Tasks=============================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:MSFT_UCScenarioControl.Name=\"Microsoft WMI Updating Consumer Scenario Control\"",Filter="\\.\root\subscription:__EventFilter.Name=\"Microsoft WMI Updating Consumer Scenario Control\":
WMI:subscription\__EventFilter->Microsoft WMI Updating Consumer Scenario Control:

==================== Loaded Modules (Whitelisted) ==============

2013-12-10 21:42 - 2013-12-10 21:42 - 000066872 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2012-11-14 23:13 - 2013-04-15 18:39 - 000070352 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2004-08-17 14:49 - 2008-04-14 08:51 - 000014336 _____ () C:\WINDOWS\system32\msdmo.dll
2016-09-08 22:02 - 2016-09-06 11:00 - 005197312 _____ () C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2016-09-08 22:02 - 2016-09-06 11:00 - 000147456 _____ () C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\install.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PhysXCompatCplUI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PhysXCplUI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\cmdGuard.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\cmdhlp.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\inspect.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbam.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbamswissarmy.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Trufos.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VClone.sys:$CmdTcID [64]
AlternateDataStreams: C:\Documents and Settings\Romča\Plocha\adwcleaner_6.046.exe:$CmdZnID [26]
AlternateDataStreams: C:\Documents and Settings\Romča\Plocha\adwcleaner_6.047.exe:$CmdTcID [64]
AlternateDataStreams: C:\Documents and Settings\Romča\Plocha\adwcleaner_6.047.exe:$CmdZnID [26]
AlternateDataStreams: C:\Documents and Settings\Romča\Plocha\JRT.exe:$CmdZnID [26]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CLPSLS => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2001-10-25 16:00 - 2015-08-24 23:06 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1606980848-1500820517-725345543-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Romča\Data aplikací\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 109.202.73.93 - 109.202.72.93
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName3 -> C:\WINDOWS\system32\ipconf.tsp (Microsoft Corporation)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName4 -> C:\WINDOWS\system32\h323.tsp (Microsoft Corporation)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^Documents and Settings^Romča^Nabídka Start^Programy^Po spuštění^Registrace FIFA 11.lnk => C:\WINDOWS\pss\Registrace FIFA 11.lnkStartup
MSCONFIG\startupreg: COMODO Internet Security => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe] => Enabled:Facebook Video Calling Plugin
StandardProfile\AuthorizedApplications: [C:\Program Files\QIP\qip.exe] => Enabled:Quiet Internet Pager
StandardProfile\AuthorizedApplications: [C:\Program Files\FIFA 12\Game\fifa.exe] => Enabled:FIFA 12
StandardProfile\AuthorizedApplications: [C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe] => Enabled:FIFA 11
StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\Steam.exe] => Enabled:Steam
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Romča\Plocha\Warcraft III\war3.exe] => Enabled:Warcraft III
StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\steamapps\common\dota 2 beta\dota.exe] => Enabled:Dota 2
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\plugin-container.exe] => Enabled:Plugin Container for Firefox
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Romča\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe] => Enabled:Google Talk Plugin
StandardProfile\AuthorizedApplications: [C:\Program Files\2K Sports\NBA 2K14\nba2k14.exe] => Enabled:NBA 2K14
StandardProfile\AuthorizedApplications: [C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe] => Enabled:Grand Theft Auto IV
StandardProfile\AuthorizedApplications: [C:\Program Files\Maxthon3\Bin\Maxthon.exe] => Enabled:Maxthon
StandardProfile\AuthorizedApplications: [C:\Program Files\Maxthon3\Bin\MxUp.exe] => Enabled:MxUp
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome

==================== Restore Points =========================

10-09-2018 14:44:16 Kontrolní bod systému
11-09-2018 17:17:44 Kontrolní bod systému
12-09-2018 18:26:27 Kontrolní bod systému
14-09-2018 15:38:53 Kontrolní bod systému
19-09-2018 14:22:20 Kontrolní bod systému
20-09-2018 14:53:25 Kontrolní bod systému
22-09-2018 09:18:10 Kontrolní bod systému
23-09-2018 17:20:15 Kontrolní bod systému
04-10-2018 16:08:15 Kontrolní bod systému
08-10-2018 16:17:20 Kontrolní bod systému
11-10-2018 16:02:03 Kontrolní bod systému
13-10-2018 08:49:01 Kontrolní bod systému
21-10-2018 22:14:09 Kontrolní bod systému
26-10-2018 18:51:14 Kontrolní bod systému
31-10-2018 17:32:21 Kontrolní bod systému
17-11-2018 07:29:46 Kontrolní bod systému
18-11-2018 19:32:13 Kontrolní bod systému
22-11-2018 09:28:46 Kontrolní bod systému
23-11-2018 15:50:01 Kontrolní bod systému
27-11-2018 18:16:48 Kontrolní bod systému
30-11-2018 22:41:57 Kontrolní bod systému
07-12-2018 17:36:29 Removed Java 7 Update 51
07-12-2018 17:47:40 Operace obnovení
07-12-2018 19:59:24 Installed Safari
08-12-2018 09:20:27 JRT Pre-Junkware Removal
08-12-2018 13:48:19 Removed Safari
08-12-2018 13:58:39 Installed Java(TM) 6 Update 20
08-12-2018 16:53:24 Removed Apple Software Update
08-12-2018 16:57:09 Removed Facebook Video Calling 3.1.0.521
08-12-2018 17:12:38 Removed Skype™ 7.30
08-12-2018 17:17:28 Removed Prison Break
08-12-2018 17:18:05 Removed VirtualDJ 8

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/21/2018 04:49:38 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (10/21/2018 04:49:38 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (10/19/2018 03:56:37 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (10/19/2018 03:56:37 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (09/28/2018 09:09:35 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (09/28/2018 09:09:35 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (09/28/2018 09:09:35 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (09/26/2018 04:49:53 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


System errors:
=============
Error: (12/08/2018 07:11:23 PM) (Source: 0) (EventID: 7) (User: )
Description: Event-ID 7

Error: (12/08/2018 07:11:20 PM) (Source: 0) (EventID: 7) (User: )
Description: Event-ID 7

Error: (12/08/2018 07:11:17 PM) (Source: 0) (EventID: 7) (User: )
Description: Event-ID 7

Error: (12/08/2018 07:11:14 PM) (Source: 0) (EventID: 7) (User: )
Description: Event-ID 7

Error: (12/08/2018 07:11:11 PM) (Source: 0) (EventID: 7) (User: )
Description: Event-ID 7

Error: (12/08/2018 07:11:08 PM) (Source: 0) (EventID: 7) (User: )
Description: Event-ID 7

Error: (12/08/2018 07:11:05 PM) (Source: 0) (EventID: 7) (User: )
Description: Event-ID 7

Error: (12/08/2018 07:11:02 PM) (Source: 0) (EventID: 7) (User: )
Description: Event-ID 7


==================== Memory info ===========================

Processor: AMD Phenom(tm) 8650 Triple-Core Processor
Percentage of memory in use: 52%
Total physical RAM: 3070.42 MB
Available physical RAM: 1460.88 MB
Total Virtual: 4956.2 MB
Available Virtual: 3227.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:372.35 GB) NTFS ==>[drive with boot components (Windows XP)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 587291C3)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log

#6 Post by Conder »

:arrow: The logs look OK; this should not be caused by malware, but probably by an incompatibility or possibly an error on their side, especially if the problems do not occur on other sites. You could also try contacting their support.

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    File: C:\WINDOWS\system32\nvsvc32.exe
    File: C:\WINDOWS\System32\giveio.sys
    File: C:\WINDOWS\System32\DRIVERS\nv4_mini.sys
    File: C:\WINDOWS\System32\DRIVERS\VClone.sys
    
    HKU\S-1-5-21-1606980848-1500820517-725345543-1003\...\MountPoints2: {87ab8829-9172-11e6-9cd8-001fc6c9b067} - G:\Lenovo_Suite.exe
    HKU\S-1-5-21-1606980848-1500820517-725345543-1003\...\MountPoints2: {cb2233f2-3f8e-11e2-9540-001fc6c9b067} - F:\Install.exe
    HKU\S-1-5-21-1606980848-1500820517-725345543-1003\...\MountPoints2: {e34ee378-46b7-11e2-9553-001fc6c9b067} - G:\Install_Nokia_Ovi_Suite.exe
    HKU\S-1-5-21-1606980848-1500820517-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
    S4 IntelIde; no ImagePath
    S3 SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk.sys [X]
    S3 vdrive; system32\DRIVERS\vdrive.sys [X]
    U1 WS2IFSL; no ImagePath
    2014-10-04 19:40 - 2014-10-04 19:40 - 000000000 ___SH () C:\Documents and Settings\Romča\Local Settings\Data aplikací\LumaEmu
    AlternateDataStreams: C:\install.exe:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\PhysXCompatCplUI.exe:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\PhysXCplUI.exe:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\PnkBstrB.exe:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\Drivers\cmdGuard.sys:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\Drivers\cmdhlp.sys:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\Drivers\inspect.sys:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbam.sys:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbamswissarmy.sys:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\Drivers\Trufos.sys:$CmdTcID [64]
    AlternateDataStreams: C:\WINDOWS\system32\Drivers\VClone.sys:$CmdTcID [64]
    AlternateDataStreams: C:\Documents and Settings\Romča\Plocha\adwcleaner_6.046.exe:$CmdZnID [26]
    AlternateDataStreams: C:\Documents and Settings\Romča\Plocha\adwcleaner_6.047.exe:$CmdTcID [64]
    AlternateDataStreams: C:\Documents and Settings\Romča\Plocha\adwcleaner_6.047.exe:$CmdZnID [26]
    AlternateDataStreams: C:\Documents and Settings\Romča\Plocha\JRT.exe:$CmdZnID [26]
    StandardProfile\AuthorizedApplications: [C:\Program Files\QIP\qip.exe] => Enabled:Quiet Internet Pager
    
    Hosts:
    EmptyTemp:
    End
  • Click File and then Save
  • At the bottom right, select the Unicode encoding
  • Save the file to the desktop with the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!
