Re: Ordinální číslo 459 se nepodařilo v dynamicky ...
Napsal: 26 úno 2014 07:19
No ako??problem zmizol??
VIRY.CZ
Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/
Ordinální číslo 459 se nepodařilo v dynamicky ...
Stránka 3 z 5
Re: Ordinální číslo 459 se nepodařilo v dynamicky ...
Napsal: 26 úno 2014 09:01
Ne, okno s chybovou hlaskou vyskakuje porad.
Re: Ordinální číslo 459 se nepodařilo v dynamicky ...
Napsal: 26 úno 2014 09:10
stiahni na plochu Minitoolbox>>VSETKO spustaj ako SPRAVCA/ADMIN aj programy.
http://www.bleepingcomputer.com/downloa ... box/dl/65/
Zafajkni>>LIST LAST 10 EVENTWIEVER ERRORS>>klikno na GO
log vloz sem
http://www.bleepingcomputer.com/downloa ... box/dl/65/
Zafajkni>>LIST LAST 10 EVENTWIEVER ERRORS>>klikno na GO
log vloz sem
Re: Ordinální číslo 459 se nepodařilo v dynamicky ...
Napsal: 26 úno 2014 09:35
MiniToolBox by Farbar Version: 23-01-2014
Ran by Sesr (administrator) on 26-02-2014 at 09:34:54
Running from "C:\Users\Sesr\Desktop"
Microsoft Windows 7 Home Basic Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
========================= Event log errors: ===============================
Application errors:
==================
Error: (02/24/2014 11:12:45 AM) (Source: VSS) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {1b19f06d-b6d3-4e19-b18f-df2cb94a2e7c}
Error: (02/23/2014 06:49:20 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/22/2014 00:39:56 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/22/2014 10:52:44 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Nenapravitelná systémová chyba.
Error: (02/22/2014 10:46:24 AM) (Source: VSS) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {afae50b8-9ada-45ec-aa68-f66bf0020bf5}
Error: (02/22/2014 10:23:08 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Nenapravitelná systémová chyba.
Error: (02/21/2014 07:39:41 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Nenapravitelná systémová chyba.
Error: (02/21/2014 07:32:39 PM) (Source: VSS) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {aa592e1b-a0fd-4906-8df0-60ecfbde5a98}
Error: (02/21/2014 07:14:00 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Nenapravitelná systémová chyba.
Error: (02/20/2014 09:25:15 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Nenapravitelná systémová chyba.
System errors:
=============
Error: (02/26/2014 08:28:52 AM) (Source: Service Control Manager) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.
Error: (02/26/2014 08:26:07 AM) (Source: Service Control Manager) (User: )
Description: Při čekání na připojení služby Nero Update bylo dosaženo časového limitu (30000 ms).
Error: (02/26/2014 08:25:34 AM) (Source: Service Control Manager) (User: )
Description: Při čekání na připojení služby Microsoft .NET Framework NGEN v4.0.30319_X86 bylo dosaženo časového limitu (30000 ms).
Error: (02/25/2014 09:15:22 AM) (Source: Service Control Manager) (User: )
Description: Služba Klient zásad skupiny se po přijetí pokynu pro vypnutí neukončila správně.
Error: (02/24/2014 11:22:15 AM) (Source: Service Control Manager) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068
Error: (02/24/2014 11:22:15 AM) (Source: DCOM) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}
Error: (02/24/2014 11:22:15 AM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
Error: (02/24/2014 11:22:02 AM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (02/24/2014 11:22:00 AM) (Source: Service Control Manager) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068
Error: (02/24/2014 11:22:00 AM) (Source: Service Control Manager) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068
Microsoft Office Sessions:
=========================
**** End of log ****
Ran by Sesr (administrator) on 26-02-2014 at 09:34:54
Running from "C:\Users\Sesr\Desktop"
Microsoft Windows 7 Home Basic Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
========================= Event log errors: ===============================
Application errors:
==================
Error: (02/24/2014 11:12:45 AM) (Source: VSS) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {1b19f06d-b6d3-4e19-b18f-df2cb94a2e7c}
Error: (02/23/2014 06:49:20 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/22/2014 00:39:56 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/22/2014 10:52:44 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Nenapravitelná systémová chyba.
Error: (02/22/2014 10:46:24 AM) (Source: VSS) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {afae50b8-9ada-45ec-aa68-f66bf0020bf5}
Error: (02/22/2014 10:23:08 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Nenapravitelná systémová chyba.
Error: (02/21/2014 07:39:41 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Nenapravitelná systémová chyba.
Error: (02/21/2014 07:32:39 PM) (Source: VSS) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {aa592e1b-a0fd-4906-8df0-60ecfbde5a98}
Error: (02/21/2014 07:14:00 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Nenapravitelná systémová chyba.
Error: (02/20/2014 09:25:15 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Nenapravitelná systémová chyba.
System errors:
=============
Error: (02/26/2014 08:28:52 AM) (Source: Service Control Manager) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.
Error: (02/26/2014 08:26:07 AM) (Source: Service Control Manager) (User: )
Description: Při čekání na připojení služby Nero Update bylo dosaženo časového limitu (30000 ms).
Error: (02/26/2014 08:25:34 AM) (Source: Service Control Manager) (User: )
Description: Při čekání na připojení služby Microsoft .NET Framework NGEN v4.0.30319_X86 bylo dosaženo časového limitu (30000 ms).
Error: (02/25/2014 09:15:22 AM) (Source: Service Control Manager) (User: )
Description: Služba Klient zásad skupiny se po přijetí pokynu pro vypnutí neukončila správně.
Error: (02/24/2014 11:22:15 AM) (Source: Service Control Manager) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068
Error: (02/24/2014 11:22:15 AM) (Source: DCOM) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}
Error: (02/24/2014 11:22:15 AM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
Error: (02/24/2014 11:22:02 AM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (02/24/2014 11:22:00 AM) (Source: Service Control Manager) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068
Error: (02/24/2014 11:22:00 AM) (Source: Service Control Manager) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068
Microsoft Office Sessions:
=========================
**** End of log ****
Re: Ordinální číslo 459 se nepodařilo v dynamicky ...
Napsal: 26 úno 2014 09:53
1:Stiahni na plochu
GrantPerms
http://www.bleepingcomputer.com/downloa ... rms/dl/79/
Rozbal to na plochu>>Pravy klik a spust ako spravca>>Klikni na ListPermissions>.ak nieco sa objavi v okne, tak klikni na UNLOCK.
2:spust prikazovy riadok ako spravca>do pola hladat daj cmd>.pravy klik na cmd>spstit ako spravca a napis tam tento prikaz>stlac enter.Mal by si dostat odpoved>>prikaz bol uspesne vykonany.
regsvr32.exe urlmon.dll
3:Spust znovu prikazovy riadok ako spravca,teraz napis tento prikaz.
sfc /scannow
Stlac ENTER, pockaj az dokonci opravu, potom najdi subory, sfcdetails.txt a CBS.log a nahraj to do mojho E-mailu>>mam to v podpise
Restart pocitaca a napis ci problem bol vyrieseny.
GrantPerms
http://www.bleepingcomputer.com/downloa ... rms/dl/79/
Rozbal to na plochu>>Pravy klik a spust ako spravca>>Klikni na ListPermissions>.ak nieco sa objavi v okne, tak klikni na UNLOCK.
2:spust prikazovy riadok ako spravca>do pola hladat daj cmd>.pravy klik na cmd>spstit ako spravca a napis tam tento prikaz>stlac enter.Mal by si dostat odpoved>>prikaz bol uspesne vykonany.
regsvr32.exe urlmon.dll
3:Spust znovu prikazovy riadok ako spravca,teraz napis tento prikaz.
sfc /scannow
Stlac ENTER, pockaj az dokonci opravu, potom najdi subory, sfcdetails.txt a CBS.log a nahraj to do mojho E-mailu>>mam to v podpise
Restart pocitaca a napis ci problem bol vyrieseny.
Re: Ordinální číslo 459 se nepodařilo v dynamicky ...
Napsal: 26 úno 2014 10:07
1. krok jsem provedl, klikl na List, napsalo to:
No File/Directory is entered.
Kliknul jsem na OK,ale dal uz se dam poddat
Prikazovy radek jako spravce mam spustit jak? Z nabidky Start, Programy, Prislusenstvi?
No File/Directory is entered.
Kliknul jsem na OK,ale dal uz se dam poddat
Prikazovy radek jako spravce mam spustit jak? Z nabidky Start, Programy, Prislusenstvi?
Re: Ordinální číslo 459 se nepodařilo v dynamicky ...
Napsal: 26 úno 2014 10:11
Napisal som
spust prikazovy riadok ako spravca>klik start>do pola hladat daj cmd>.pravy klik na cmd>spstit ako spravca
spust prikazovy riadok ako spravca>klik start>do pola hladat daj cmd>.pravy klik na cmd>spstit ako spravca
Re: Ordinální číslo 459 se nepodařilo v dynamicky ...
Napsal: 26 úno 2014 10:20
Z nabidky Start>>Programy>>Prislusenstvi>>Prikazovy radek>>Spustit jako spravce se otevrelo DOS okno:
C:/Windows/system32>
cmd mam napsat za to?
Nebo Spustit? Ale tam chybi moznost Spustit jako spravce.
Promin, jsem v tomto nymand.
C:/Windows/system32>
cmd mam napsat za to?
Nebo Spustit? Ale tam chybi moznost Spustit jako spravce.
Promin, jsem v tomto nymand.
Re: Ordinální číslo 459 se nepodařilo v dynamicky ...
Napsal: 26 úno 2014 10:26
C:\Windows\system32>
Uz si spustil ako admin, teraz napis alebo vloz >.skopiruj stadial tam prikaz .
regsvr32.exe urlmon.dll
Stlac>>ENTER
mal by ti vypisat Prikaz bol uspesne vykonan.
Teraz vloz alebo napis tam druhy prikaz.
sfc /scannow
Stlac ENTER>>a pockaj az dokonci opravu, bude tam vypisovat percenta, ked to dokonci, tak najdi tie logy, co som napisal, a posli do E-mailu, ak nenajdes tak sa netrap>>Restartuj pocitac, a odskusaj ci problem pretrvava,
Uz si spustil ako admin, teraz napis alebo vloz >.skopiruj stadial tam prikaz .
regsvr32.exe urlmon.dll
Stlac>>ENTER
mal by ti vypisat Prikaz bol uspesne vykonan.
Teraz vloz alebo napis tam druhy prikaz.
sfc /scannow
Stlac ENTER>>a pockaj az dokonci opravu, bude tam vypisovat percenta, ked to dokonci, tak najdi tie logy, co som napisal, a posli do E-mailu, ak nenajdes tak sa netrap>>Restartuj pocitac, a odskusaj ci problem pretrvava,
Re: Ordinální číslo 459 se nepodařilo v dynamicky ...
Napsal: 26 úno 2014 11:20
Tak ta zku..ena hlaska je tam zas.
Re: Ordinální číslo 459 se nepodařilo v dynamicky ...
Napsal: 26 úno 2014 11:32
spust znova pprogram FRST>ako admin, a daj scan, log vloz sem.
Re: Ordinální číslo 459 se nepodařilo v dynamicky ...
Napsal: 26 úno 2014 11:40
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-02-2014 01
Ran by Sesr (administrator) on SESR-PC on 26-02-2014 11:35:10
Running from C:\Users\Sesr\Desktop
Microsoft Windows 7 Home Basic Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Nero AG) C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Nokia) C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\program files\avira\antivir desktop\ipmGui.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [NBAgent] - C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-04-03] (Nero AG)
HKLM\...\Run: [WinampAgent] - "C:\Program Files\Winamp\winampa.exe"
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2013-08-14] (Microsoft Corporation)
HKU\S-1-5-21-3899871698-3722792670-1451281827-1000\...\Run: [PC Suite Tray] - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
==================== Internet (Whitelisted) ====================
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 21 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Sesr\AppData\Roaming\Mozilla\Firefox\Profiles\sn2fhdob.default
FF user.js: detected! => C:\Users\Sesr\AppData\Roaming\Mozilla\Firefox\Profiles\sn2fhdob.default\user.js
FF Homepage: hxxp://www.seznam.cz/|hxxp://tv.sms.cz/index.p ... m/football
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [490280 2010-03-25] (Nero AG)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-30] (Avira GmbH)
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16128 2013-08-19] (Windows (R) Win 7 DDK provider)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-26 11:35 - 2014-02-26 11:35 - 00007083 _____ () C:\Users\Sesr\Desktop\FRST.txt
2014-02-26 10:00 - 2013-05-02 07:56 - 00459114 _____ () C:\Users\Sesr\Desktop\GrantPerms.exe
2014-02-26 10:00 - 2011-02-19 17:05 - 00015504 _____ () C:\Users\Sesr\Desktop\License GPL.txt
2014-02-26 09:59 - 2014-02-26 09:59 - 00000000 ____D () C:\Users\Sesr\Desktop\GrantPerms
2014-02-26 09:58 - 2014-02-26 09:57 - 00453083 _____ () C:\Users\Sesr\Desktop\GrantPerms.zip
2014-02-26 09:57 - 2014-02-26 09:57 - 00453083 _____ () C:\Users\Sesr\Downloads\GrantPerms.zip
2014-02-26 09:33 - 2014-02-26 09:30 - 00982016 _____ (Farbar) C:\Users\Sesr\Desktop\MiniToolBox.exe
2014-02-26 09:30 - 2014-02-26 09:30 - 00982016 _____ (Farbar) C:\Users\Sesr\Downloads\MiniToolBox.exe
2014-02-25 10:00 - 2014-02-25 10:24 - 00000000 ____D () C:\audiograbber
2014-02-25 09:59 - 2014-02-25 10:00 - 00000646 _____ () C:\Users\Sesr\Desktop\Audiograbber.lnk
2014-02-25 09:59 - 2014-02-25 09:59 - 00000000 ____D () C:\Users\Sesr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audiograbber
2014-02-25 09:59 - 2014-02-25 09:59 - 00000000 ____D () C:\Program Files\audiograbber
2014-02-25 09:42 - 2014-02-25 09:43 - 01144320 _____ (Farbar) C:\Users\Sesr\Desktop\FRST.exe
2014-02-24 11:33 - 2014-02-24 11:33 - 00000632 _____ () C:\Users\Sesr\Desktop\Total Commander.lnk
2014-02-24 11:33 - 2014-02-24 11:33 - 00000000 ____D () C:\Users\Sesr\AppData\Roaming\GHISLER
2014-02-24 11:33 - 2014-02-24 11:33 - 00000000 ____D () C:\totalcmd
2014-02-24 11:32 - 2014-02-24 11:32 - 06344480 _____ (Ghisler Software GmbH) C:\Users\Sesr\Downloads\tcm850x32_64.exe
2014-02-24 10:06 - 2014-02-24 10:06 - 00002221 _____ () C:\Users\Sesr\Desktop\Fantasy_Pivka.xls – zástupce.lnk
2014-02-24 10:04 - 2014-02-24 10:04 - 00021504 _____ () C:\Users\Sesr\Documents\Fantasy_Pivka.xls
2014-02-23 08:48 - 2014-02-23 08:48 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-22 12:06 - 2014-02-22 12:06 - 01102336 _____ (Microsoft Corporation) C:\Users\Sesr\Downloads\urlmon.dll
2014-02-22 10:51 - 2014-02-24 08:23 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-22 10:51 - 2014-02-22 10:51 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-22 10:24 - 2014-02-22 10:24 - 03012365 _____ () C:\Users\Sesr\Documents\Firefox 27.0.1 (cs) - 2014-02-22.pcv
2014-02-21 19:27 - 2014-02-21 19:29 - 24501312 _____ (Mozilla) C:\Users\Sesr\Downloads\Firefox Setup 27.0.exe
2014-02-21 19:26 - 2014-02-21 19:26 - 06108586 _____ () C:\Users\Sesr\Documents\Firefox 27.0.1 (cs) - 2014-02-21.pcv
2014-02-21 19:25 - 2014-02-21 19:25 - 00000989 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-02-21 19:25 - 2014-02-21 19:25 - 00000000 ____D () C:\Program Files\MozBackup
2014-02-21 19:23 - 2014-02-21 19:23 - 01035926 _____ () C:\Users\Sesr\Downloads\MozBackup-1.5.1-EN.exe
2014-02-20 10:15 - 2014-02-26 11:35 - 00000000 ____D () C:\FRST
2014-02-20 10:12 - 2014-02-20 10:12 - 01141248 _____ (Farbar) C:\Users\Sesr\Downloads\FRST.exe
2014-02-20 09:50 - 2014-02-20 09:50 - 00000000 ____D () C:\rsit
2014-02-20 09:50 - 2014-02-20 09:50 - 00000000 ____D () C:\Program Files\trend micro
2014-02-20 09:30 - 2014-02-20 09:30 - 00781909 _____ () C:\Users\Sesr\Downloads\RSIT.exe
2014-02-20 09:21 - 2014-02-20 09:21 - 00001117 _____ () C:\Users\Public\Desktop\Cinema HD 2.0.lnk
2014-02-20 09:21 - 2014-02-20 09:21 - 00000000 ____D () C:\ProgramData\Engelmann Media
2014-02-20 09:21 - 2014-02-20 09:21 - 00000000 ____D () C:\Program Files\Engelmann Media
2014-02-20 09:21 - 2014-02-20 09:21 - 00000000 ____D () C:\Program Files\Common Files\OGG
2014-02-20 09:21 - 2014-02-20 09:21 - 00000000 ____D () C:\Program Files\Common Files\HDX4
2014-02-20 09:11 - 2014-02-20 09:12 - 26735944 _____ (Engelmann Media GmbH) C:\Users\Sesr\Downloads\cinemahd-full.exe
2014-02-12 21:52 - 2014-02-12 21:53 - 02152176 _____ () C:\Users\Sesr\Downloads\CodecPerformerSetup.exe
2014-02-12 21:15 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 21:14 - 2013-12-10 03:02 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 21:14 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 21:14 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 21:14 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 21:14 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 21:14 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 21:14 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 21:14 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 21:14 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 21:14 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 21:14 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 21:14 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-01-29 12:49 - 2013-09-13 12:16 - 417921024 _____ () C:\Users\Sesr\Downloads\5x11-Šťastí až navěky.avi
2014-01-27 10:14 - 2014-01-28 10:40 - 00000000 ____D () C:\Users\Sesr\Desktop\Ennio-Morricone-discography-1969-2007
==================== One Month Modified Files and Folders =======
2014-02-26 11:35 - 2014-02-26 11:35 - 00007083 _____ () C:\Users\Sesr\Desktop\FRST.txt
2014-02-26 11:35 - 2014-02-20 10:15 - 00000000 ____D () C:\FRST
2014-02-26 11:23 - 2009-07-14 05:34 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-26 11:23 - 2009-07-14 05:34 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-26 11:11 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-26 11:11 - 2009-07-14 05:39 - 00045873 _____ () C:\Windows\setupact.log
2014-02-26 11:10 - 2013-08-12 09:04 - 01418221 _____ () C:\Windows\WindowsUpdate.log
2014-02-26 10:47 - 2013-08-12 09:46 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-26 09:59 - 2014-02-26 09:59 - 00000000 ____D () C:\Users\Sesr\Desktop\GrantPerms
2014-02-26 09:57 - 2014-02-26 09:58 - 00453083 _____ () C:\Users\Sesr\Desktop\GrantPerms.zip
2014-02-26 09:57 - 2014-02-26 09:57 - 00453083 _____ () C:\Users\Sesr\Downloads\GrantPerms.zip
2014-02-26 09:30 - 2014-02-26 09:33 - 00982016 _____ (Farbar) C:\Users\Sesr\Desktop\MiniToolBox.exe
2014-02-26 09:30 - 2014-02-26 09:30 - 00982016 _____ (Farbar) C:\Users\Sesr\Downloads\MiniToolBox.exe
2014-02-25 10:24 - 2014-02-25 10:00 - 00000000 ____D () C:\audiograbber
2014-02-25 10:00 - 2014-02-25 09:59 - 00000646 _____ () C:\Users\Sesr\Desktop\Audiograbber.lnk
2014-02-25 09:59 - 2014-02-25 09:59 - 00000000 ____D () C:\Users\Sesr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audiograbber
2014-02-25 09:59 - 2014-02-25 09:59 - 00000000 ____D () C:\Program Files\audiograbber
2014-02-25 09:57 - 2013-08-27 08:55 - 00000000 ____D () C:\Users\Sesr\Documents\_install
2014-02-25 09:43 - 2014-02-25 09:42 - 01144320 _____ (Farbar) C:\Users\Sesr\Desktop\FRST.exe
2014-02-24 11:33 - 2014-02-24 11:33 - 00000632 _____ () C:\Users\Sesr\Desktop\Total Commander.lnk
2014-02-24 11:33 - 2014-02-24 11:33 - 00000000 ____D () C:\Users\Sesr\AppData\Roaming\GHISLER
2014-02-24 11:33 - 2014-02-24 11:33 - 00000000 ____D () C:\totalcmd
2014-02-24 11:32 - 2014-02-24 11:32 - 06344480 _____ (Ghisler Software GmbH) C:\Users\Sesr\Downloads\tcm850x32_64.exe
2014-02-24 10:06 - 2014-02-24 10:06 - 00002221 _____ () C:\Users\Sesr\Desktop\Fantasy_Pivka.xls – zástupce.lnk
2014-02-24 10:04 - 2014-02-24 10:04 - 00021504 _____ () C:\Users\Sesr\Documents\Fantasy_Pivka.xls
2014-02-24 08:23 - 2014-02-22 10:51 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-23 08:48 - 2014-02-23 08:48 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-23 08:17 - 2013-08-12 10:39 - 00180402 _____ () C:\Windows\PFRO.log
2014-02-22 12:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-02-22 12:06 - 2014-02-22 12:06 - 01102336 _____ (Microsoft Corporation) C:\Users\Sesr\Downloads\urlmon.dll
2014-02-22 10:51 - 2014-02-22 10:51 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-22 10:43 - 2013-08-12 09:07 - 00000000 ____D () C:\Users\Sesr
2014-02-22 10:42 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-02-22 10:41 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-02-22 10:24 - 2014-02-22 10:24 - 03012365 _____ () C:\Users\Sesr\Documents\Firefox 27.0.1 (cs) - 2014-02-22.pcv
2014-02-21 19:29 - 2014-02-21 19:27 - 24501312 _____ (Mozilla) C:\Users\Sesr\Downloads\Firefox Setup 27.0.exe
2014-02-21 19:26 - 2014-02-21 19:26 - 06108586 _____ () C:\Users\Sesr\Documents\Firefox 27.0.1 (cs) - 2014-02-21.pcv
2014-02-21 19:25 - 2014-02-21 19:25 - 00000989 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-02-21 19:25 - 2014-02-21 19:25 - 00000000 ____D () C:\Program Files\MozBackup
2014-02-21 19:23 - 2014-02-21 19:23 - 01035926 _____ () C:\Users\Sesr\Downloads\MozBackup-1.5.1-EN.exe
2014-02-21 19:01 - 2013-08-12 09:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-21 19:01 - 2013-08-12 09:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-20 10:12 - 2014-02-20 10:12 - 01141248 _____ (Farbar) C:\Users\Sesr\Downloads\FRST.exe
2014-02-20 09:50 - 2014-02-20 09:50 - 00000000 ____D () C:\rsit
2014-02-20 09:50 - 2014-02-20 09:50 - 00000000 ____D () C:\Program Files\trend micro
2014-02-20 09:30 - 2014-02-20 09:30 - 00781909 _____ () C:\Users\Sesr\Downloads\RSIT.exe
2014-02-20 09:21 - 2014-02-20 09:21 - 00001117 _____ () C:\Users\Public\Desktop\Cinema HD 2.0.lnk
2014-02-20 09:21 - 2014-02-20 09:21 - 00000000 ____D () C:\ProgramData\Engelmann Media
2014-02-20 09:21 - 2014-02-20 09:21 - 00000000 ____D () C:\Program Files\Engelmann Media
2014-02-20 09:21 - 2014-02-20 09:21 - 00000000 ____D () C:\Program Files\Common Files\OGG
2014-02-20 09:21 - 2014-02-20 09:21 - 00000000 ____D () C:\Program Files\Common Files\HDX4
2014-02-20 09:17 - 2013-08-12 09:42 - 00000000 ____D () C:\Users\Sesr\AppData\Local\Adobe
2014-02-20 09:12 - 2014-02-20 09:11 - 26735944 _____ (Engelmann Media GmbH) C:\Users\Sesr\Downloads\cinemahd-full.exe
2014-02-17 21:58 - 2013-08-21 06:13 - 00000000 ____D () C:\Users\Sesr\AppData\Local\PokerStars
2014-02-17 21:57 - 2013-08-21 06:12 - 00000000 ____D () C:\Program Files\PokerStars
2014-02-17 14:30 - 2013-08-12 09:10 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-13 17:39 - 2013-08-20 08:13 - 00000000 ____D () C:\Program Files\Opera
2014-02-13 09:00 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-12 21:53 - 2014-02-12 21:52 - 02152176 _____ () C:\Users\Sesr\Downloads\CodecPerformerSetup.exe
2014-02-12 21:31 - 2013-08-14 10:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 21:27 - 2013-08-13 15:45 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-02 09:29 - 2013-09-09 09:19 - 00007680 _____ () C:\Users\Sesr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-01 14:55 - 2013-08-22 13:08 - 00706048 _____ () C:\Users\Sesr\Documents\KolemDvou.cz.xls
2014-01-31 10:38 - 2013-10-17 09:07 - 00000000 ____D () C:\Users\Sesr\Documents\Osobni
2014-01-28 10:40 - 2014-01-27 10:14 - 00000000 ____D () C:\Users\Sesr\Desktop\Ennio-Morricone-discography-1969-2007
Some content of TEMP:
====================
C:\Users\Sesr\AppData\Local\Temp\avgnt.exe
C:\Users\Sesr\AppData\Local\Temp\Checkupdate.exe
C:\Users\Sesr\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Sesr\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Sesr\AppData\Local\Temp\gtapi_signed.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-22 12:33
==================== End Of Log ============================
Ran by Sesr (administrator) on SESR-PC on 26-02-2014 11:35:10
Running from C:\Users\Sesr\Desktop
Microsoft Windows 7 Home Basic Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Nero AG) C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Nokia) C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\program files\avira\antivir desktop\ipmGui.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [NBAgent] - C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-04-03] (Nero AG)
HKLM\...\Run: [WinampAgent] - "C:\Program Files\Winamp\winampa.exe"
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2013-08-14] (Microsoft Corporation)
HKU\S-1-5-21-3899871698-3722792670-1451281827-1000\...\Run: [PC Suite Tray] - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
==================== Internet (Whitelisted) ====================
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 21 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Sesr\AppData\Roaming\Mozilla\Firefox\Profiles\sn2fhdob.default
FF user.js: detected! => C:\Users\Sesr\AppData\Roaming\Mozilla\Firefox\Profiles\sn2fhdob.default\user.js
FF Homepage: hxxp://www.seznam.cz/|hxxp://tv.sms.cz/index.p ... m/football
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [490280 2010-03-25] (Nero AG)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-30] (Avira GmbH)
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16128 2013-08-19] (Windows (R) Win 7 DDK provider)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-26 11:35 - 2014-02-26 11:35 - 00007083 _____ () C:\Users\Sesr\Desktop\FRST.txt
2014-02-26 10:00 - 2013-05-02 07:56 - 00459114 _____ () C:\Users\Sesr\Desktop\GrantPerms.exe
2014-02-26 10:00 - 2011-02-19 17:05 - 00015504 _____ () C:\Users\Sesr\Desktop\License GPL.txt
2014-02-26 09:59 - 2014-02-26 09:59 - 00000000 ____D () C:\Users\Sesr\Desktop\GrantPerms
2014-02-26 09:58 - 2014-02-26 09:57 - 00453083 _____ () C:\Users\Sesr\Desktop\GrantPerms.zip
2014-02-26 09:57 - 2014-02-26 09:57 - 00453083 _____ () C:\Users\Sesr\Downloads\GrantPerms.zip
2014-02-26 09:33 - 2014-02-26 09:30 - 00982016 _____ (Farbar) C:\Users\Sesr\Desktop\MiniToolBox.exe
2014-02-26 09:30 - 2014-02-26 09:30 - 00982016 _____ (Farbar) C:\Users\Sesr\Downloads\MiniToolBox.exe
2014-02-25 10:00 - 2014-02-25 10:24 - 00000000 ____D () C:\audiograbber
2014-02-25 09:59 - 2014-02-25 10:00 - 00000646 _____ () C:\Users\Sesr\Desktop\Audiograbber.lnk
2014-02-25 09:59 - 2014-02-25 09:59 - 00000000 ____D () C:\Users\Sesr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audiograbber
2014-02-25 09:59 - 2014-02-25 09:59 - 00000000 ____D () C:\Program Files\audiograbber
2014-02-25 09:42 - 2014-02-25 09:43 - 01144320 _____ (Farbar) C:\Users\Sesr\Desktop\FRST.exe
2014-02-24 11:33 - 2014-02-24 11:33 - 00000632 _____ () C:\Users\Sesr\Desktop\Total Commander.lnk
2014-02-24 11:33 - 2014-02-24 11:33 - 00000000 ____D () C:\Users\Sesr\AppData\Roaming\GHISLER
2014-02-24 11:33 - 2014-02-24 11:33 - 00000000 ____D () C:\totalcmd
2014-02-24 11:32 - 2014-02-24 11:32 - 06344480 _____ (Ghisler Software GmbH) C:\Users\Sesr\Downloads\tcm850x32_64.exe
2014-02-24 10:06 - 2014-02-24 10:06 - 00002221 _____ () C:\Users\Sesr\Desktop\Fantasy_Pivka.xls – zástupce.lnk
2014-02-24 10:04 - 2014-02-24 10:04 - 00021504 _____ () C:\Users\Sesr\Documents\Fantasy_Pivka.xls
2014-02-23 08:48 - 2014-02-23 08:48 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-22 12:06 - 2014-02-22 12:06 - 01102336 _____ (Microsoft Corporation) C:\Users\Sesr\Downloads\urlmon.dll
2014-02-22 10:51 - 2014-02-24 08:23 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-22 10:51 - 2014-02-22 10:51 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-22 10:24 - 2014-02-22 10:24 - 03012365 _____ () C:\Users\Sesr\Documents\Firefox 27.0.1 (cs) - 2014-02-22.pcv
2014-02-21 19:27 - 2014-02-21 19:29 - 24501312 _____ (Mozilla) C:\Users\Sesr\Downloads\Firefox Setup 27.0.exe
2014-02-21 19:26 - 2014-02-21 19:26 - 06108586 _____ () C:\Users\Sesr\Documents\Firefox 27.0.1 (cs) - 2014-02-21.pcv
2014-02-21 19:25 - 2014-02-21 19:25 - 00000989 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-02-21 19:25 - 2014-02-21 19:25 - 00000000 ____D () C:\Program Files\MozBackup
2014-02-21 19:23 - 2014-02-21 19:23 - 01035926 _____ () C:\Users\Sesr\Downloads\MozBackup-1.5.1-EN.exe
2014-02-20 10:15 - 2014-02-26 11:35 - 00000000 ____D () C:\FRST
2014-02-20 10:12 - 2014-02-20 10:12 - 01141248 _____ (Farbar) C:\Users\Sesr\Downloads\FRST.exe
2014-02-20 09:50 - 2014-02-20 09:50 - 00000000 ____D () C:\rsit
2014-02-20 09:50 - 2014-02-20 09:50 - 00000000 ____D () C:\Program Files\trend micro
2014-02-20 09:30 - 2014-02-20 09:30 - 00781909 _____ () C:\Users\Sesr\Downloads\RSIT.exe
2014-02-20 09:21 - 2014-02-20 09:21 - 00001117 _____ () C:\Users\Public\Desktop\Cinema HD 2.0.lnk
2014-02-20 09:21 - 2014-02-20 09:21 - 00000000 ____D () C:\ProgramData\Engelmann Media
2014-02-20 09:21 - 2014-02-20 09:21 - 00000000 ____D () C:\Program Files\Engelmann Media
2014-02-20 09:21 - 2014-02-20 09:21 - 00000000 ____D () C:\Program Files\Common Files\OGG
2014-02-20 09:21 - 2014-02-20 09:21 - 00000000 ____D () C:\Program Files\Common Files\HDX4
2014-02-20 09:11 - 2014-02-20 09:12 - 26735944 _____ (Engelmann Media GmbH) C:\Users\Sesr\Downloads\cinemahd-full.exe
2014-02-12 21:52 - 2014-02-12 21:53 - 02152176 _____ () C:\Users\Sesr\Downloads\CodecPerformerSetup.exe
2014-02-12 21:15 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 21:14 - 2013-12-10 03:02 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 21:14 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 21:14 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 21:14 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 21:14 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 21:14 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 21:14 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 21:14 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 21:14 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 21:14 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 21:14 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 21:14 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-01-29 12:49 - 2013-09-13 12:16 - 417921024 _____ () C:\Users\Sesr\Downloads\5x11-Šťastí až navěky.avi
2014-01-27 10:14 - 2014-01-28 10:40 - 00000000 ____D () C:\Users\Sesr\Desktop\Ennio-Morricone-discography-1969-2007
==================== One Month Modified Files and Folders =======
2014-02-26 11:35 - 2014-02-26 11:35 - 00007083 _____ () C:\Users\Sesr\Desktop\FRST.txt
2014-02-26 11:35 - 2014-02-20 10:15 - 00000000 ____D () C:\FRST
2014-02-26 11:23 - 2009-07-14 05:34 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-26 11:23 - 2009-07-14 05:34 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-26 11:11 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-26 11:11 - 2009-07-14 05:39 - 00045873 _____ () C:\Windows\setupact.log
2014-02-26 11:10 - 2013-08-12 09:04 - 01418221 _____ () C:\Windows\WindowsUpdate.log
2014-02-26 10:47 - 2013-08-12 09:46 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-26 09:59 - 2014-02-26 09:59 - 00000000 ____D () C:\Users\Sesr\Desktop\GrantPerms
2014-02-26 09:57 - 2014-02-26 09:58 - 00453083 _____ () C:\Users\Sesr\Desktop\GrantPerms.zip
2014-02-26 09:57 - 2014-02-26 09:57 - 00453083 _____ () C:\Users\Sesr\Downloads\GrantPerms.zip
2014-02-26 09:30 - 2014-02-26 09:33 - 00982016 _____ (Farbar) C:\Users\Sesr\Desktop\MiniToolBox.exe
2014-02-26 09:30 - 2014-02-26 09:30 - 00982016 _____ (Farbar) C:\Users\Sesr\Downloads\MiniToolBox.exe
2014-02-25 10:24 - 2014-02-25 10:00 - 00000000 ____D () C:\audiograbber
2014-02-25 10:00 - 2014-02-25 09:59 - 00000646 _____ () C:\Users\Sesr\Desktop\Audiograbber.lnk
2014-02-25 09:59 - 2014-02-25 09:59 - 00000000 ____D () C:\Users\Sesr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audiograbber
2014-02-25 09:59 - 2014-02-25 09:59 - 00000000 ____D () C:\Program Files\audiograbber
2014-02-25 09:57 - 2013-08-27 08:55 - 00000000 ____D () C:\Users\Sesr\Documents\_install
2014-02-25 09:43 - 2014-02-25 09:42 - 01144320 _____ (Farbar) C:\Users\Sesr\Desktop\FRST.exe
2014-02-24 11:33 - 2014-02-24 11:33 - 00000632 _____ () C:\Users\Sesr\Desktop\Total Commander.lnk
2014-02-24 11:33 - 2014-02-24 11:33 - 00000000 ____D () C:\Users\Sesr\AppData\Roaming\GHISLER
2014-02-24 11:33 - 2014-02-24 11:33 - 00000000 ____D () C:\totalcmd
2014-02-24 11:32 - 2014-02-24 11:32 - 06344480 _____ (Ghisler Software GmbH) C:\Users\Sesr\Downloads\tcm850x32_64.exe
2014-02-24 10:06 - 2014-02-24 10:06 - 00002221 _____ () C:\Users\Sesr\Desktop\Fantasy_Pivka.xls – zástupce.lnk
2014-02-24 10:04 - 2014-02-24 10:04 - 00021504 _____ () C:\Users\Sesr\Documents\Fantasy_Pivka.xls
2014-02-24 08:23 - 2014-02-22 10:51 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-23 08:48 - 2014-02-23 08:48 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-23 08:17 - 2013-08-12 10:39 - 00180402 _____ () C:\Windows\PFRO.log
2014-02-22 12:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-02-22 12:06 - 2014-02-22 12:06 - 01102336 _____ (Microsoft Corporation) C:\Users\Sesr\Downloads\urlmon.dll
2014-02-22 10:51 - 2014-02-22 10:51 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-22 10:43 - 2013-08-12 09:07 - 00000000 ____D () C:\Users\Sesr
2014-02-22 10:42 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-02-22 10:41 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-02-22 10:24 - 2014-02-22 10:24 - 03012365 _____ () C:\Users\Sesr\Documents\Firefox 27.0.1 (cs) - 2014-02-22.pcv
2014-02-21 19:29 - 2014-02-21 19:27 - 24501312 _____ (Mozilla) C:\Users\Sesr\Downloads\Firefox Setup 27.0.exe
2014-02-21 19:26 - 2014-02-21 19:26 - 06108586 _____ () C:\Users\Sesr\Documents\Firefox 27.0.1 (cs) - 2014-02-21.pcv
2014-02-21 19:25 - 2014-02-21 19:25 - 00000989 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-02-21 19:25 - 2014-02-21 19:25 - 00000000 ____D () C:\Program Files\MozBackup
2014-02-21 19:23 - 2014-02-21 19:23 - 01035926 _____ () C:\Users\Sesr\Downloads\MozBackup-1.5.1-EN.exe
2014-02-21 19:01 - 2013-08-12 09:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-21 19:01 - 2013-08-12 09:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-20 10:12 - 2014-02-20 10:12 - 01141248 _____ (Farbar) C:\Users\Sesr\Downloads\FRST.exe
2014-02-20 09:50 - 2014-02-20 09:50 - 00000000 ____D () C:\rsit
2014-02-20 09:50 - 2014-02-20 09:50 - 00000000 ____D () C:\Program Files\trend micro
2014-02-20 09:30 - 2014-02-20 09:30 - 00781909 _____ () C:\Users\Sesr\Downloads\RSIT.exe
2014-02-20 09:21 - 2014-02-20 09:21 - 00001117 _____ () C:\Users\Public\Desktop\Cinema HD 2.0.lnk
2014-02-20 09:21 - 2014-02-20 09:21 - 00000000 ____D () C:\ProgramData\Engelmann Media
2014-02-20 09:21 - 2014-02-20 09:21 - 00000000 ____D () C:\Program Files\Engelmann Media
2014-02-20 09:21 - 2014-02-20 09:21 - 00000000 ____D () C:\Program Files\Common Files\OGG
2014-02-20 09:21 - 2014-02-20 09:21 - 00000000 ____D () C:\Program Files\Common Files\HDX4
2014-02-20 09:17 - 2013-08-12 09:42 - 00000000 ____D () C:\Users\Sesr\AppData\Local\Adobe
2014-02-20 09:12 - 2014-02-20 09:11 - 26735944 _____ (Engelmann Media GmbH) C:\Users\Sesr\Downloads\cinemahd-full.exe
2014-02-17 21:58 - 2013-08-21 06:13 - 00000000 ____D () C:\Users\Sesr\AppData\Local\PokerStars
2014-02-17 21:57 - 2013-08-21 06:12 - 00000000 ____D () C:\Program Files\PokerStars
2014-02-17 14:30 - 2013-08-12 09:10 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-13 17:39 - 2013-08-20 08:13 - 00000000 ____D () C:\Program Files\Opera
2014-02-13 09:00 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-12 21:53 - 2014-02-12 21:52 - 02152176 _____ () C:\Users\Sesr\Downloads\CodecPerformerSetup.exe
2014-02-12 21:31 - 2013-08-14 10:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 21:27 - 2013-08-13 15:45 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-02 09:29 - 2013-09-09 09:19 - 00007680 _____ () C:\Users\Sesr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-01 14:55 - 2013-08-22 13:08 - 00706048 _____ () C:\Users\Sesr\Documents\KolemDvou.cz.xls
2014-01-31 10:38 - 2013-10-17 09:07 - 00000000 ____D () C:\Users\Sesr\Documents\Osobni
2014-01-28 10:40 - 2014-01-27 10:14 - 00000000 ____D () C:\Users\Sesr\Desktop\Ennio-Morricone-discography-1969-2007
Some content of TEMP:
====================
C:\Users\Sesr\AppData\Local\Temp\avgnt.exe
C:\Users\Sesr\AppData\Local\Temp\Checkupdate.exe
C:\Users\Sesr\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Sesr\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Sesr\AppData\Local\Temp\gtapi_signed.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-22 12:33
==================== End Of Log ============================
Re: Ordinální číslo 459 se nepodařilo v dynamicky ...
Napsal: 26 úno 2014 11:55
spust poznamkovy blog, vloz text KOD, do poznamkoveho blogu>>bez textu KOD
nastavtav vsetky subory>>
Klikni na zalozku>>subor, ulozt,ako fixlist.txt
Tam kde mas program FRST>.spust FRST ako admin>>a teraz pozor Kliknes na FIX
Log fixlog vloz sem
Restartuj pocitac a napis co je noveho.
Kód: Vybrat vše
C:\Users\Sesr\AppData\Local\Temp\avgnt.exe
C:\Users\Sesr\AppData\Local\Temp\Checkupdate.exe
C:\Users\Sesr\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Sesr\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Sesr\AppData\Local\Temp\gtapi_signed.dll
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16128 2013-08-19] (Windows (R) Win 7 DDK provider)
C:\Windows\System32\DRIVERS\gtkdrv.sys
Replace: C:\Users\Sesr\Downloads\urlmon.dll c:\WINDOWS\system32\urlmon.dll Klikni na zalozku>>subor, ulozt,ako fixlist.txt
Tam kde mas program FRST>.spust FRST ako admin>>a teraz pozor Kliknes na FIX
Log fixlog vloz sem
Restartuj pocitac a napis co je noveho.
Re: Ordinální číslo 459 se nepodařilo v dynamicky ...
Napsal: 26 úno 2014 14:05
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-02-2014 01
Ran by Sesr at 2014-02-26 14:03:43 Run:3
Running from C:\Users\Sesr\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Users\Sesr\AppData\Local\Temp\avgnt.exe
C:\Users\Sesr\AppData\Local\Temp\Checkupdate.exe
C:\Users\Sesr\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Sesr\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Sesr\AppData\Local\Temp\gtapi_signed.dll
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16128 2013-08-19] (Windows (R) Win 7 DDK provider)
C:\Windows\System32\DRIVERS\gtkdrv.sys
Replace: C:\Users\Sesr\Downloads\urlmon.dll c:\WINDOWS\system32\urlmon.dll
*****************
C:\Users\Sesr\AppData\Local\Temp\avgnt.exe => Moved successfully.
C:\Users\Sesr\AppData\Local\Temp\Checkupdate.exe => Moved successfully.
C:\Users\Sesr\AppData\Local\Temp\Foxit Reader Updater.exe => Moved successfully.
C:\Users\Sesr\AppData\Local\Temp\gcapi_dll.dll => Moved successfully.
C:\Users\Sesr\AppData\Local\Temp\gtapi_signed.dll => Moved successfully.
TrojanKillerDriver => Service deleted successfully.
C:\Windows\System32\DRIVERS\gtkdrv.sys => Moved successfully.
c:\WINDOWS\system32\urlmon.dll => Moved successfully.
C:\Users\Sesr\Downloads\urlmon.dll copied successfully to c:\WINDOWS\system32\urlmon.dll
==== End of Fixlog ====
Ran by Sesr at 2014-02-26 14:03:43 Run:3
Running from C:\Users\Sesr\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Users\Sesr\AppData\Local\Temp\avgnt.exe
C:\Users\Sesr\AppData\Local\Temp\Checkupdate.exe
C:\Users\Sesr\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Sesr\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Sesr\AppData\Local\Temp\gtapi_signed.dll
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16128 2013-08-19] (Windows (R) Win 7 DDK provider)
C:\Windows\System32\DRIVERS\gtkdrv.sys
Replace: C:\Users\Sesr\Downloads\urlmon.dll c:\WINDOWS\system32\urlmon.dll
*****************
C:\Users\Sesr\AppData\Local\Temp\avgnt.exe => Moved successfully.
C:\Users\Sesr\AppData\Local\Temp\Checkupdate.exe => Moved successfully.
C:\Users\Sesr\AppData\Local\Temp\Foxit Reader Updater.exe => Moved successfully.
C:\Users\Sesr\AppData\Local\Temp\gcapi_dll.dll => Moved successfully.
C:\Users\Sesr\AppData\Local\Temp\gtapi_signed.dll => Moved successfully.
TrojanKillerDriver => Service deleted successfully.
C:\Windows\System32\DRIVERS\gtkdrv.sys => Moved successfully.
c:\WINDOWS\system32\urlmon.dll => Moved successfully.
C:\Users\Sesr\Downloads\urlmon.dll copied successfully to c:\WINDOWS\system32\urlmon.dll
==== End of Fixlog ====
Re: Ordinální číslo 459 se nepodařilo v dynamicky ...
Napsal: 26 úno 2014 14:22
No ako??restartoval pc??odskusal?? vsak napis ze co a ako...
Ak tam mas este ten program Trojankiller>>tak to odinstaluj, je to suviks program.
Ak tam mas este ten program Trojankiller>>tak to odinstaluj, je to suviks program.