VIRY.CZ

dobrý den ,mam problém že procesor po nabootovaní stale beží naplno, dekuji Milan

stale běží naplnoScan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-03-2017
Ran by bonapart (administrator) on AAA-8D452092365 (16-03-2017 09:43:46)
Running from C:\Documents and Settings\bonapart\Plocha
Loaded Profiles: bonapart (Available Profiles: bonapart)
Platform: SystĂ©m Microsoft Windows XP Professional Service Pack 3 (X86) Language: ÄŚeĹˇtina
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\FrameworkService.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
(McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodag.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTHELPER.EXE
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files\CyberLink\Shared Files\brs.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\UdaterUI.exe
() C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\OETRN.EXE
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\McTray.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Documents and Settings\bonapart\Plocha\FRSTLAUNCHER.EXE

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WINDVDPatch] => C:\WINDOWS\system32\CTHELPER.EXE [24576 2002-07-02] (Creative Technology Ltd)
HKLM\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [Jet Detection] => C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [28672 2001-11-29] ()
HKLM\...\Run: [RemoteControl9] => C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-02-16] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2008-10-13] (CyberLink Corp.)
HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-02-28] (cyberlink)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [OODefragTray] => C:\WINDOWS\system32\oodtray.exe [2512392 2007-05-11] (O&O Software GmbH)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [McAfeeUpdaterUI] => C:\Program Files\McAfee\Common Framework\udaterui.exe [333416 2012-09-05] (McAfee, Inc.)
HKLM\...\Run: [ShStatEXE] => C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [242792 2012-12-03] (McAfee, Inc.)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03] (ATI Technologies Inc.)
HKU\S-1-5-21-448539723-1682526488-1417001333-1003\...\Run: [OEXPRESS] => C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\OETRN.EXE [26624 2012-06-17] ()
HKU\S-1-5-18\...\Run: [Nokia.PCSync] => C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [1294336 2007-11-07] (Time Information Services Ltd.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> (None)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Startup: C:\Documents and Settings\All Users\NabĂdka Start\Programy\Po spuĹˇtÄ›nĂ\Adobe Gamma Loader.exe.lnk [2012-06-16]
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\All Users\NabĂdka Start\Programy\Po spuĹˇtÄ›nĂ\Microsoft Office.lnk [2012-06-15]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * OODBS

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{B9E8FD39-D613-4BAE-8870-261FB5703D57}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-448539723-1682526488-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\WebIE.dll [2012-06-17] ()
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20161218183001.dll [2016-12-18] (McAfee, Inc.)
BHO: PDFCreator Toolbar Helper -> {C451C08A-EC37-45DF-AAAD-18B51AB5E837} -> C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2012-12-08] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\WebIE.dll [2012-06-17] ()
Toolbar: HKLM - PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2012-12-08] ()
Toolbar: HKU\S-1-5-21-448539723-1682526488-1417001333-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2012-04-20] (SpoleÄŤnost Microsoft)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {53049A9A-1122-4673-B8D4-12F545AE3285} hxxp://85.70.231.178:8888/AVC_AX_764.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1339796493156
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-06-16] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-26] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.seznam.cz/
CHR Session Restore: Profile 1 -> is enabled.
CHR Profile: C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Default [2016-04-21]
CHR Profile: C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1 [2017-03-16]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-17]
CHR Extension: (Disk Google) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (YouTube) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-17]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Platby InternetovĂ©ho obchodu Chrome) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15]
CHR Extension: (Gmail) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17]
CHR Profile: C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\System Profile [2016-12-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-09-27] (SUPERAntiSpyware.com)
R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [520192 2006-05-03] ()
R2 McAfeeFramework; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [132712 2012-09-05] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [202376 2016-12-18] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [206448 2012-12-03] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [167344 2016-12-18] (McAfee, Inc.)
R2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [1050120 2007-05-11] (O&O Software GmbH)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 btwsecfl; C:\WINDOWS\System32\drivers\btwsecfl.sys [92792 2012-09-18] (Broadcom Corporation.)
S3 ctljystk; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [3712 2001-08-17] (Creative Technology Ltd.)
S3 emu10k; C:\WINDOWS\System32\drivers\emu10k1m.sys [283904 2001-08-17] (Creative Technology Ltd.)
S3 emu10k1; C:\WINDOWS\System32\drivers\ctlfacem.sys [6912 2001-08-17] (Creative Technology Ltd.)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 ggsomc; C:\WINDOWS\System32\DRIVERS\ggsomc.sys [26328 2015-10-27] (Sony Mobile Communications)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] ()
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [998004 2002-07-24] (Creative Technology Ltd)
R3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [132912 2016-12-18] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [234824 2016-12-18] (McAfee, Inc.)
R3 mfebopk; C:\WINDOWS\System32\drivers\mfebopk.sys [65488 2016-12-18] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [565352 2016-12-18] (McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [92192 2016-12-18] (McAfee, Inc.)
R1 mfetdi2k; C:\WINDOWS\System32\drivers\mfetdi2k.sys [91168 2016-12-18] (McAfee, Inc.)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
S3 pmserenum; C:\WINDOWS\System32\DRIVERS\pmserenum.sys [30616 2012-09-06] (PenMount)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 sfman; C:\WINDOWS\System32\drivers\sfmanm.sys [36480 2001-08-17] (Creative Technology Ltd.)
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX32.sys [104848 2012-12-14] (Ray Hinchliffe)
S3 smbusp; C:\WINDOWS\System32\DRIVERS\intelsmb.sys [45184 2012-09-06] (Intel Corporation)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-02-28] (CyberLink Corp.)
S3 btaudio; system32\drivers\btaudio.sys [X]
S3 BTDriver; system32\DRIVERS\btport.sys [X]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [X]
S3 btwmodem; system32\DRIVERS\btwmodem.sys [X]
S3 BTWUSB; System32\Drivers\btwusb.sys [X]
S3 eapihdrv; \??\C:\DOCUME~1\bonapart\LOCALS~1\Temp\ehdrv.sys [X]
U3 mfeavfk01; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-16 09:43 - 2017-03-16 09:43 - 01766912 _____ (Farbar) C:\Documents and Settings\bonapart\Plocha\FRST.exe
2017-03-16 09:43 - 2017-03-16 09:43 - 00017577 _____ C:\Documents and Settings\bonapart\Plocha\FRST.txt
2017-03-16 09:43 - 2017-03-16 09:43 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\FRST-OlderVersion
2017-03-16 09:21 - 2017-03-16 09:21 - 00000000 ____D C:\Documents and Settings\bonapart\NabĂdka Start\Programy\CyberLink PowerDVD 9
2017-03-15 20:19 - 2017-03-16 09:21 - 03373917 _____ C:\WINDOWS\{00000002-00000000-0000000A-00001102-00000002-80401102}.BAK
2017-03-12 20:57 - 2010-09-22 19:20 - 11987016 _____ C:\Documents and Settings\bonapart\Plocha\22092010054.mp4
2017-03-12 20:57 - 2010-09-16 18:05 - 32903418 _____ C:\Documents and Settings\bonapart\Plocha\16092010051.mp4
2017-03-12 20:57 - 2010-09-16 17:52 - 04968804 _____ C:\Documents and Settings\bonapart\Plocha\16092010050.mp4
2017-03-03 18:44 - 2017-03-03 18:44 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\slevomat
2017-02-27 19:53 - 2017-03-02 18:01 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\dan
2017-02-20 19:44 - 2017-02-20 19:44 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\SilverKeyFree.4.9.0.2 ĹˇifrovĂˇnĂ
2017-02-18 16:52 - 2017-02-20 19:44 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\Lucie MelichovĂˇ
2017-02-17 18:52 - 2017-02-17 18:52 - 01422446 _____ C:\Documents and Settings\bonapart\Plocha\PrvnĂ pĹ™Ăznak 'Alzheimera.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-16 09:44 - 2012-06-15 22:10 - 00000000 ____D C:\Documents and Settings\bonapart\Local Settings\Temp
2017-03-16 09:43 - 2012-06-15 22:10 - 00000000 ___HD C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ
2017-03-16 09:43 - 2012-06-15 22:10 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha
2017-03-16 09:39 - 2016-12-17 12:15 - 00000000 ____D C:\FRST
2017-03-16 09:28 - 2012-06-15 22:05 - 00032288 _____ C:\WINDOWS\SchedLgU.Txt
2017-03-16 09:28 - 2012-06-15 22:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-16 09:21 - 2016-12-17 22:00 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-03-16 09:21 - 2016-07-01 21:25 - 00000284 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job
2017-03-16 09:21 - 2014-03-19 10:45 - 00000228 _____ C:\WINDOWS\Tasks\PĹ™ihlĂˇĹˇenĂ k oznamovĂˇnĂ konce poskytovĂˇnĂ sluĹľeb pro Microsoft Windows XP.job
2017-03-16 09:21 - 2012-06-16 10:12 - 03373917 _____ C:\WINDOWS\{00000002-00000000-0000000A-00001102-00000002-80401102}.CDF
2017-03-16 09:21 - 2012-06-15 22:10 - 00000000 ___RD C:\Documents and Settings\bonapart\NabĂdka Start\Programy
2017-03-16 09:21 - 2001-10-25 15:00 - 00012984 _____ C:\WINDOWS\system32\wpa.dbl
2017-03-16 09:19 - 2013-08-13 08:29 - 02644667 _____ C:\WINDOWS\system32\oodbs.lor
2017-03-15 23:53 - 2012-06-16 10:27 - 00016420 _____ C:\WINDOWS\system32\BMXStateBkp-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-15 23:53 - 2012-06-16 10:27 - 00016420 _____ C:\WINDOWS\system32\BMXState-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-15 23:53 - 2012-06-16 10:27 - 00001080 _____ C:\WINDOWS\system32\settingsbkup.sfm
2017-03-15 23:53 - 2012-06-16 10:27 - 00001080 _____ C:\WINDOWS\system32\settings.sfm
2017-03-15 23:53 - 2012-06-16 10:27 - 00000024 _____ C:\WINDOWS\system32\DVCStateBkp-{00000002-00000000-0000000A-00001102-00000002-80401102}.dat
2017-03-15 23:53 - 2012-06-16 10:27 - 00000024 _____ C:\WINDOWS\system32\DVCState-{00000002-00000000-0000000A-00001102-00000002-80401102}.dat
2017-03-15 23:53 - 2012-06-16 10:11 - 00024672 _____ C:\WINDOWS\system32\BMXCtrlState-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-15 23:53 - 2012-06-16 10:11 - 00024672 _____ C:\WINDOWS\system32\BMXBkpCtrlState-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-15 23:53 - 2012-06-15 22:10 - 00000178 ___SH C:\Documents and Settings\bonapart\ntuser.ini
2017-03-15 23:38 - 2012-06-15 23:44 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2017-03-15 21:08 - 2012-06-16 19:55 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-15 21:05 - 2016-12-17 22:00 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-03-15 20:12 - 2012-06-15 22:10 - 00000000 ____D C:\Documents and Settings\bonapart
2017-03-13 17:58 - 2017-02-01 18:52 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\Ota
2017-03-12 21:06 - 2012-06-18 18:03 - 00000000 ____D C:\Documents and Settings\bonapart\Data aplikacĂ\vlc
2017-03-12 21:05 - 2012-06-29 19:37 - 00042496 _____ C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-09 20:59 - 2015-12-30 20:17 - 00000038 _____ C:\WINDOWS\AviSplitter.INI
2017-03-09 19:16 - 2016-08-25 17:50 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\karta
2017-03-07 12:08 - 2012-06-16 19:25 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\Angl.Nella
2017-03-05 16:45 - 2014-07-06 00:07 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\NA EXTERAK
2017-03-01 19:50 - 2017-01-26 18:37 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\JIDELĂK od 1.2.2017
2017-02-27 19:22 - 2017-02-13 19:24 - 00000530 _____ C:\Documents and Settings\bonapart\Plocha\ZĂˇstupce - DivokĂ©-vlny-(anim.-2007)cz---IRISA.lnk
2017-02-22 19:04 - 2012-06-16 17:32 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\NĂSTROJE
2017-02-22 19:04 - 2012-06-15 23:51 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2017-02-14 20:33 - 2012-06-16 19:06 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\new movie
2017-02-14 19:30 - 2012-06-21 08:10 - 00000000 ____D C:\Documents and Settings\bonapart\Data aplikacĂ\YouTube Downloader

==================== Files in the root of some directories =======

2012-12-05 21:43 - 2013-09-09 17:55 - 0087608 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\inst.exe
2012-12-05 21:43 - 2013-09-09 17:55 - 0007887 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.cat
2012-12-05 21:43 - 2013-09-09 17:55 - 0001144 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.inf
2012-12-05 21:43 - 2013-09-09 17:55 - 0000034 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.log
2012-12-05 21:43 - 2013-09-09 17:55 - 0047360 _____ (VSO Software) C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.sys
2012-06-29 19:37 - 2017-03-12 21:05 - 0042496 _____ () C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-16 08:35 - 2012-06-16 08:35 - 0000128 _____ () C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\fusioncache.dat
2016-03-08 13:30 - 2016-08-18 19:49 - 45700992 _____ (Sony) C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\pcc.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 1034240 ____A (Microsoft Corporation) 27AFD587C462E280EE046B8CCA3C2CD1

C:\WINDOWS\system32\winlogon.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 0507904 ____A (Microsoft Corporation) CDDB1F8E1AEA356F3AD106F2CF9B7FEA

C:\WINDOWS\system32\svchost.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 0014336 ____A (Microsoft Corporation) BE4A520E29B6391F49E79CCC52044D93

C:\WINDOWS\system32\services.exe
[2008-04-14 07:52] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9EF697AF07BB8DD82C3B02CA953A95B7

C:\WINDOWS\system32\User32.dll
[2008-04-14 07:52] - [2008-04-14 07:52] - 0578560 ____A (Microsoft Corporation) E16E0990967374E76F3E40CACAFD3D53

C:\WINDOWS\system32\userinit.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 0026112 ____A (Microsoft Corporation) 7DC1830F22E7D275B438127B68030239

C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\dnsapi.dll
[2008-04-14 07:51] - [2011-03-03 07:54] - 0149504 ____A (Microsoft Corporation) 443FA2B9D23DAA57077A670E7B14052A

C:\WINDOWS\system32\Drivers\volsnap.sys
[2008-04-14 06:42] - [2008-04-14 06:42] - 0052480 ____A (Microsoft Corporation) 28A4B296B47782173C346E376CB374D1

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

VSO Image Resizer 1.3.4d (HKLM\...\VSO Image Resizer_is1) (Version: 1.3.4d - VSO-Software)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MÄ›sĂÄŤnĂ oznamovĂˇnĂ konce poskytovĂˇnĂ sluĹľeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\PĹ™ihlĂˇĹˇenĂ k oznamovĂˇnĂ konce poskytovĂˇnĂ sluĹľeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\bonapart\Plocha" je 86590 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"="C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe:*:Enabled:McAfee Framework Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:uTorrent"
"C:\\phoenix2\\files\\proxy.exe"="C:\\phoenix2\\files\\proxy.exe:*:Enabled:Proxyy"
"C:\\phoenix2\\files\\phoenix.exe"="C:\\phoenix2\\files\\phoenix.exe:*:Enabled:Phoenixx"
"C:\\phoenix2\\files\\wget.exe"="C:\\phoenix2\\files\\wget.exe:*:Enabled:Wgett"
"C:\\Program Files\\Moloz\\cpu\\cpu.exe"="C:\\Program Files\\Moloz\\cpu\\cpu.exe:*:Enabled:Molozcpu"
"C:\\Program Files\\Moloz\\gpu\\gpu.exe"="C:\\Program Files\\Moloz\\gpu\\gpu.exe:*:Enabled:Molozgpu"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Program Files\\Sony Mobile\\Update Engine\\Sony Mobile Update Engine.exe"="C:\\Program Files\\Sony Mobile\\Update Engine\\Sony Mobile Update Engine.exe:*:Enabled:Update Engine"
"C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"="C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\\Program Files\\VideoViewer\\VideoViewer.exe"="C:\\Program Files\\VideoViewer\\VideoViewer.exe:*:Enabled:VideoViewer"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP"="5985:TCP:*:Disabled:Vzd len spr va syst‚mu Windows "
"80:TCP"="80:TCP:*:Disabled:Vzd len spr va syst‚mu Windows - re§im kompatibility (HTTP-In) "

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000

==================== End Of Log ==============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

dobrý vecer posilam log , ale nevím jestli je ok, zapomel jsem vypnout antivit, sken probehl dobre ale pri cisteni mi dal antivir ADW do karanteny , musel jsem restartovat po bootu se objevil log v txt
mam to udelat znova s vypnutym antivirem ???
i po cleanu problem stale pretrvava, pokud chci cokoliv delat musim vypnout ve spravci uloh proces SVCHOST.exe který vuziva procesor 94 - 99 procent, pak pc funguje.
zatim dekuji Milan

# AdwCleaner v6.044 - Log vytvořen 16/03/2017 v 19:19:21
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-02-28.2 [Místní]
# Operační systém : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : bonapart - AAA-8D452092365
# Spuštěno z : C:\Documents and Settings\bonapart\Plocha\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support

***** [ Služby ] *****

***** [ Složky ] *****

[-] Složka smazána: C:\Program Files\VideoViewer
[-] Složka smazána: C:\temp
[-] Složka smazána: C:\Documents and Settings\All Users\Data aplikací\temp
[-] Složka smazána: C:\WINDOWS\temp
[-] Složka smazána: C:\Documents and Settings\All Users\Data aplikací\ytd video downloader
[-] Složka smazána: C:\Documents and Settings\All Users\Nabídka Start\Programy\Uniblue
[-] Složka smazána: C:\Documents and Settings\All Users\Nabídka Start\Programy\ytd video downloader
[-] Složka smazána: C:\Program Files\GreenTree Applications
[-] Složka smazána: C:\Program Files\Uniblue

***** [ Soubory ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úlohy ] *****

***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{0BF85F37-ECD3-462C-8F41-902FD170F42E}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{0BF85F37-ECD3-462C-8F41-902FD170F42E}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\WebCommObj.ExtCommObj.WebCommObj.ExtCommObj
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\WebCommObj.ExtCommObj.WebCommObj.ExtCommObj.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{0ED2BF70-D5F2-4C89-BC03-DD3E771D5388}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{0ED2BF70-D5F2-4C89-BC03-DD3E771D5388}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\WebCommunication.WebComObject.WebCommunication.WebComObject
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\WebCommunication.WebComObject.WebCommunication.WebComObject.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}]
[-] Klíč smazán: HKU\S-1-5-21-448539723-1682526488-1417001333-1003\Software\APN PIP
[-] Klíč smazán: HKU\S-1-5-21-448539723-1682526488-1417001333-1003\Software\Uniblue
[#] Klíč smazán po restartu: HKCU\Software\APN PIP
[#] Klíč smazán po restartu: HKCU\Software\Uniblue
[-] Klíč smazán: HKLM\SOFTWARE\PIP
[-] Klíč smazán: HKLM\SOFTWARE\Uniblue
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}

***** [ Prohlížeče ] *****

*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4295 Bajty] - [16/03/2017 19:19:21]
C:\AdwCleaner\AdwCleaner[S0].txt - [4516 Bajty] - [16/03/2017 19:10:02]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4441 Bajty] ##########

Dejte nový log FRST.

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-03-2017
Ran by bonapart (16-03-2017 20:52:45)
Running from C:\Documents and Settings\bonapart\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) (2012-06-15 21:04:47)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-448539723-1682526488-1417001333-500 - Administrator - Enabled)
ASPNET (S-1-5-21-448539723-1682526488-1417001333-1004 - Limited - Enabled)
bonapart (S-1-5-21-448539723-1682526488-1417001333-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\bonapart
Guest (S-1-5-21-448539723-1682526488-1417001333-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-448539723-1682526488-1417001333-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-448539723-1682526488-1417001333-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-448539723-1682526488-1417001333-1003\...\uTorrent) (Version: 1.7.7 - )
µTorrent CZ 1.7.7 (build 8179) (HKLM\...\µTorrent CZ_is1) (Version: - emc)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop 6.0.1 CE (HKLM\...\Adobe Photoshop 6.0.1 CE) (Version: 6.0.1 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.08) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe SVG Viewer (HKLM\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
Aktualizace systému Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation)
Apple Application Support (HKLM\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1014 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.252-060503a-038185C-ATI - )
Balíček ovladače systému Windows - Nokia Modem (08/03/2007 6.84.0.2) (HKLM\...\819D45A9F73817F5B6D7C71A33ADAB88C5DA1765) (Version: 08/03/2007 6.84.0.2 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (10/12/2007 3.6) (HKLM\...\6A630DCEC5EEC912115F2FF59D8C2C769798D930) (Version: 10/12/2007 3.6 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Balíček zprostředkovatele služby Microsoft Base Smart Card Cryptographic Service (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Canon CanoScan Toolbox 4.9 (HKLM\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - )
Canon ScanGear Starter (HKLM\...\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CorelDRAW Graphics Suite 12 (HKLM\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.536 - Corel Corporation)
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1501 - CyberLink Corp.)
CyberLink PowerDVD 9.0.1501 CZ (HKLM\...\CyberLink PowerDVD 9.0.1501) (Version: - Sub - Zero)
DVDFab 7.0.4.0 (15/04/2010) (HKLM\...\DVDFab 7_is1) (Version: - Fengtao Software Inc.)
FormatFactory 3.7.0.0 (HKLM\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) PRO Network Adapters and Drivers (HKLM\...\PROSet) (Version: - )
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
K-Lite Mega Codec Pack 8.8.0 (HKLM\...\KLiteCodecPack_is1) (Version: 8.8.0 - )
McAfee Agent (HKLM\...\{D107EA80-023A-443C-AA79-1C4B0CB2E227}) (Version: 4.6.0.2988 - McAfee, Inc.)
McAfee VirusScan Enterprise (HKLM\...\{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}) (Version: 8.8.03000 - McAfee, Inc.)
MediaInfo 0.7.61 (HKLM\...\MediaInfo) (Version: 0.7.61 - MediaArea.net)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Czech Language Pack (HKLM\...\{5E65E94D-69F2-4850-9E93-6459C53A0F50}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY (HKLM\...\{A2C9CD1B-2551-3AED-B244-6698FB929FA6}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY (HKLM\...\{546C143E-68DC-314D-97BC-1E454E3BA429}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office XP Professional s aplikací FrontPage (HKLM\...\{90280405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version: - Microsoft Corporation)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM\...\{91C0B95B-B83A-4828-A775-BBE2DD421029}) (Version: 7.02.9752 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 6.85.14.1 - Nokia)
Nokia PC Suite (Version: 6.85.14.1 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (Version: 3.8.48.0 - Nokia) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
O&O Defrag Professional Edition (HKLM\...\{53480330-E1D1-41CA-B8F8-7F78644F7F50}) (Version: 10.0.1634 - O&O Software GmbH)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PC Translator (HKLM\...\PC Translator) (Version: - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.6 - Frank Heindörfer, Philip Chinery)
PDFCreator Toolbar (HKLM\...\PDFCreator Toolbar) (Version: 3.3.0.1 - )
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
Revo Uninstaller Pro 3.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.5 - VS Revo Group, Ltd.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Software602 Form Filler rozšíření pro internetové prohlížeče (HKLM\...\602XMLFiller_CAB) (Version: 4.12 - Software602 a.s.)
Sonic Foundry Sound Forge 6.0a (HKLM\...\{6CDC68BB-C997-4ADC-9BA0-6293FB88521E}) (Version: 6.0.150 - Sonic Foundry)
Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.16.10.201607130957 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.303 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Sound Blaster Live! (HKLM\...\{3FCAADB8-EB1B-11D6-AB2D-0090271A23A2}) (Version: - )
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.5.1006 - SUPERAntiSpyware.com)
Ultra Video Joiner 5.2.0603 (HKLM\...\Ultra Video Joiner_is1) (Version: - Aone Software)
Uniblue RegistryBooster 2009 (HKLM\...\Uniblue RegistryBooster 2009) (Version: - Uniblue Systems)
Uniblue RegistryBooster 2009 (Version: 3.0 - Uniblue Systems) Hidden
Video Viewer (HKLM\...\Video Viewer) (Version: 0.1.9.7 - AVTECH Corporation, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.25 - VSO-Software SARL)
VSO Image Resizer 1.3.4d (HKLM\...\VSO Image Resizer_is1) (Version: 1.3.4d - VSO-Software)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
WinZip (HKLM\...\WinZip) (Version: - )
XMedia Recode version 3.1.3.7 (HKLM\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.3.7 - XMedia Recode)
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden
YTD (pepak) (HKLM\...\YTD_Pepak) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{677D54F0-573E-11D4-9385-005004518EC8}\InprocServer32 -> C:\Program Files\OO Software\Defrag Professional\oodpep.dll (O&O Software GmbH)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{8AC29A61-573D-11D4-9385-005004518EC8}\InprocServer32 -> C:\Program Files\OO Software\Defrag Professional\oodpeo.ocx (O&O Software GmbH)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{943AA438-0ED3-11D3-8CE7-00105AC417F9}\InprocServer32 -> C:\Program Files\OO Software\Defrag Professional\oodpeo.ocx (O&O Software GmbH)
CustomCLSID: HKU\S-1-5-21-448539723-1682526488-1417001333-1003_Classes\CLSID\{B4E83711-62D3-11D4-9396-005004518EC8}\InprocServer32 -> C:\Program Files\OO Software\Defrag Professional\oodpep.dll (O&O Software GmbH)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Documents and Settings\bonapart\Okolní síť\Mé stránky WWW v síti MSN\target.lnk -> hxxp://uk.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2012-12-08 19:41 - 2001-10-28 17:42 - 00116224 _____ () C:\WINDOWS\system32\pdfcmnnt.dll
2007-04-18 20:30 - 2007-04-18 20:30 - 00393216 _____ () C:\Program Files\McAfee\Common Framework\cryptocme2.dll
2007-04-18 20:30 - 2007-04-18 20:30 - 00471040 _____ () C:\Program Files\McAfee\Common Framework\ccme_base.dll
2012-12-07 17:27 - 2012-12-07 17:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2012-06-17 08:46 - 2012-06-17 08:46 - 00045056 _____ () C:\Documents and Settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
2014-04-20 09:02 - 2009-08-16 16:06 - 00141312 _____ () C:\Program Files\WinRAR\rarext.dll
2012-06-17 08:46 - 2012-06-17 08:46 - 00026624 _____ () C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
2012-06-17 08:46 - 2012-06-17 08:46 - 00200704 _____ () C:\Documents and Settings\All Users\Data aplikací\LangSoft\TrnOET.dll
2016-09-07 16:27 - 2016-09-06 11:00 - 05197312 _____ () C:\Documents and Settings\bonapart\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2016-09-07 16:27 - 2016-09-06 11:00 - 00147456 _____ () C:\Documents and Settings\bonapart\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2001-10-25 15:00 - 2012-09-27 20:15 - 00000777 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 license.superantispyware.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-448539723-1682526488-1417001333-1003\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [C:\Program Files\McAfee\Common Framework\FrameworkService.exe] => Enabled:McAfee Framework Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe] => Enabled:WebKit
StandardProfile\AuthorizedApplications: [C:\Program Files\uTorrent\utorrent.exe] => Enabled:µTorrent
StandardProfile\AuthorizedApplications: [C:\phoenix2\files\proxy.exe] => Enabled:Proxyy
StandardProfile\AuthorizedApplications: [C:\phoenix2\files\phoenix.exe] => Enabled:Phoenixx
StandardProfile\AuthorizedApplications: [C:\phoenix2\files\wget.exe] => Enabled:Wgett
StandardProfile\AuthorizedApplications: [C:\Program Files\Moloz\cpu\cpu.exe] => Enabled:Molozcpu
StandardProfile\AuthorizedApplications: [C:\Program Files\Moloz\gpu\gpu.exe] => Enabled:Molozgpu
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe] => Enabled:Update Engine
StandardProfile\AuthorizedApplications: [C:\Program Files\McAfee\Common Framework\FrameworkService.exe] => Enabled:McAfee Framework Service
StandardProfile\AuthorizedApplications: [C:\Program Files\VideoViewer\VideoViewer.exe] => Enabled:VideoViewer
StandardProfile\GloballyOpenPorts: [5985:TCP] => Disabled:Vzdálená správa systému Windows
StandardProfile\GloballyOpenPorts: [80:TCP] => Disabled:Vzdálená správa systému Windows – režim kompatibility (HTTP-In)

==================== Restore Points =========================

20-11-2016 11:44:14 Kontrolní bod systému
24-11-2016 18:08:09 Kontrolní bod systému
28-11-2016 20:51:13 Kontrolní bod systému
02-12-2016 22:15:19 Kontrolní bod systému
04-12-2016 19:59:00 Kontrolní bod systému
07-12-2016 22:52:06 Kontrolní bod systému
10-12-2016 20:32:19 Kontrolní bod systému
16-12-2016 09:08:15 Revo Uninstaller Pro's restore point - RealPlayer
16-12-2016 21:14:00 Revo Uninstaller Pro's restore point - ESET Smart Security
16-12-2016 21:16:17 Removed ESET Smart Security
17-12-2016 09:41:26 Revo Uninstaller Pro's restore point - RealPlayer
17-12-2016 11:30:02 Software Distribution Service 3.0
17-12-2016 22:30:29 Uniblue RegistryBooster 2009
18-12-2016 18:29:41 Installed McAfee VirusScan Enterprise.
18-12-2016 18:41:24 Revo Uninstaller Pro's restore point - QuickTime Alternative 2.9.0
18-12-2016 18:41:53 Removed QuickTime
18-12-2016 18:44:00 Revo Uninstaller Pro's restore point - QuickTime Alternative 2.9.0
18-12-2016 18:46:09 Revo Uninstaller Pro's restore point - YTD Video Downloader 3.9.6
18-12-2016 18:47:10 Revo Uninstaller Pro's restore point - JDownloader 2
18-12-2016 18:49:07 Revo Uninstaller Pro's restore point - Uniblue DriverScanner
18-12-2016 18:50:07 Revo Uninstaller Pro's restore point - Freemake Video Downloader
18-12-2016 19:03:48 Revo Uninstaller Pro's restore point - Encyklopedie historie
18-12-2016 19:03:58 Odstraněno Encyklopedie historie
18-12-2016 19:11:25 Uniblue RegistryBooster 2009
26-12-2016 21:19:05 Kontrolní bod systému
08-01-2017 11:12:35 Kontrolní bod systému
19-01-2017 19:07:04 Kontrolní bod systému
05-02-2017 22:10:40 Odebráno: Software Bluetooth WIDCOMM
07-02-2017 18:55:52 Kontrolní bod systému
07-02-2017 19:22:43 Uniblue RegistryBooster 2009
09-02-2017 19:23:41 Kontrolní bod systému
11-02-2017 12:43:19 Kontrolní bod systému
14-02-2017 19:57:51 Kontrolní bod systému
04-03-2017 10:50:25 Kontrolní bod systému
05-03-2017 16:44:27 Uniblue RegistryBooster 2009
09-03-2017 21:45:14 Kontrolní bod systému

==================== Faulty Device Manager Devices =============

Name: Intel(R) 82801EB SMBus Controller - 24D3 (Intel(R) SMBus 2.0 Driver)
Description: Intel(R) 82801EB SMBus Controller - 24D3 (Intel(R) SMBus 2.0 Driver)
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: smbusp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Multimediální zvukový adaptér
Description: Multimediální zvukový adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Nokia 6230i
Description: Nokia 6230i
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/06/2017 11:19:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (03/06/2017 11:19:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (03/06/2017 11:19:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (03/06/2017 11:18:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (03/06/2017 11:17:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (03/05/2017 04:50:20 PM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: Podproces v procesu C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe trval pøi plnìní požadavku déle než 90000 ms.

Proces bude ukonèen .
Id prodprocesu: 3412 (0xd54)

Adresa podprocesu 0x7C90E514

Zpráva podprocesu

Build VSCORE.15.1.0.500 / 5800.7501
Object being scanned = \Device\HarddiskVolume1\Documents and Settings\bonapart\Local Settings\Temp\689211B7.TMP
by C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe
7200(62)(0)
7595(62)(0)
7005(62)(0)
7004(62)(0)
5006(0)(0)
5004(0)(0)
5003(0)(0)
5002(0)(1)

Error: (01/16/2017 07:20:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace AcroRd32.exe, verze 11.0.8.4, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (01/12/2017 06:47:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace AcroRd32.exe, verze 11.0.8.4, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (01/03/2017 09:25:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace chrome.exe, verze 49.0.2623.112, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (12/17/2016 12:44:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikace FRST.exe, verze 17.12.2016.0, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

System errors:
=============
Error: (03/16/2017 08:46:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ovladač paralelního portu neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (03/16/2017 07:22:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ovladač paralelního portu neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (03/16/2017 07:15:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/16/2017 07:15:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Internet Pass-Through Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/16/2017 07:15:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba O&O Defrag byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/16/2017 07:15:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba 602Updater byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/16/2017 07:15:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba SAS Core Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/16/2017 07:15:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (03/16/2017 07:15:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Ati HotKey Poller byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/16/2017 06:39:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ovladač paralelního portu neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz
Percentage of memory in use: 32%
Total physical RAM: 2046.73 MB
Available physical RAM: 1374.68 MB
Total Virtual: 3942.66 MB
Available Virtual: 3375.12 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:146.48 GB) (Free:14.09 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (Nový svazek) (Fixed) (Total:319.27 GB) (Free:15.91 GB) NTFS
Drive g: () (Fixed) (Total:232.88 GB) (Free:18.37 GB) NTFS ==>[drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 79617961)
Partition 1: (Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=319.3 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 644E8DCC)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Toto je pouze Addition. Potřebuji ještě samotný log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-03-2017
Ran by bonapart (administrator) on AAA-8D452092365 (17-03-2017 10:35:17)
Running from C:\Documents and Settings\bonapart\Plocha
Loaded Profiles: bonapart (Available Profiles: bonapart)
Platform: SystĂ©m Microsoft Windows XP Professional Service Pack 3 (X86) Language: ÄŚeĹˇtina
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTHELPER.EXE
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files\CyberLink\Shared Files\brs.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\UdaterUI.exe
() C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\OETRN.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\FrameworkService.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
(McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodag.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\McTray.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Documents and Settings\bonapart\Plocha\FRSTLAUNCHER.EXE

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WINDVDPatch] => C:\WINDOWS\system32\CTHELPER.EXE [24576 2002-07-02] (Creative Technology Ltd)
HKLM\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [Jet Detection] => C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [28672 2001-11-29] ()
HKLM\...\Run: [RemoteControl9] => C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-02-16] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2008-10-13] (CyberLink Corp.)
HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-02-28] (cyberlink)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [OODefragTray] => C:\WINDOWS\system32\oodtray.exe [2512392 2007-05-11] (O&O Software GmbH)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [McAfeeUpdaterUI] => C:\Program Files\McAfee\Common Framework\udaterui.exe [333416 2012-09-05] (McAfee, Inc.)
HKLM\...\Run: [ShStatEXE] => C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [242792 2012-12-03] (McAfee, Inc.)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03] (ATI Technologies Inc.)
HKU\S-1-5-21-448539723-1682526488-1417001333-1003\...\Run: [OEXPRESS] => C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\OETRN.EXE [26624 2012-06-17] ()
HKU\S-1-5-18\...\Run: [Nokia.PCSync] => C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [1294336 2007-11-07] (Time Information Services Ltd.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> (None)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Startup: C:\Documents and Settings\All Users\NabĂdka Start\Programy\Po spuĹˇtÄ›nĂ\Adobe Gamma Loader.exe.lnk [2012-06-16]
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\All Users\NabĂdka Start\Programy\Po spuĹˇtÄ›nĂ\Microsoft Office.lnk [2012-06-15]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * OODBS

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{B9E8FD39-D613-4BAE-8870-261FB5703D57}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-448539723-1682526488-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\WebIE.dll [2012-06-17] ()
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20161218183001.dll [2016-12-18] (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikacĂ\LangSoft\WebIE.dll [2012-06-17] ()
Toolbar: HKU\S-1-5-21-448539723-1682526488-1417001333-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2012-04-20] (SpoleÄŤnost Microsoft)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {53049A9A-1122-4673-B8D4-12F545AE3285} hxxp://85.70.231.178:8888/AVC_AX_764.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1339796493156
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-06-16] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-26] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.seznam.cz/
CHR Session Restore: Profile 1 -> is enabled.
CHR Profile: C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Default [2016-04-21]
CHR Profile: C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1 [2017-03-17]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-17]
CHR Extension: (Disk Google) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (YouTube) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-17]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Platby InternetovĂ©ho obchodu Chrome) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15]
CHR Extension: (Gmail) - C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17]
CHR Profile: C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\Google\Chrome\User Data\System Profile [2016-12-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-09-27] (SUPERAntiSpyware.com) [File not signed]
R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [520192 2006-05-03] () [File not signed]
R2 McAfeeFramework; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [132712 2012-09-05] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [202376 2016-12-18] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [206448 2012-12-03] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [167344 2016-12-18] (McAfee, Inc.)
R2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [1050120 2007-05-11] (O&O Software GmbH)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 btwsecfl; C:\WINDOWS\System32\drivers\btwsecfl.sys [92792 2012-09-18] (Broadcom Corporation.)
S3 ctljystk; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [3712 2001-08-17] (Creative Technology Ltd.)
S3 emu10k; C:\WINDOWS\System32\drivers\emu10k1m.sys [283904 2001-08-17] (Creative Technology Ltd.)
S3 emu10k1; C:\WINDOWS\System32\drivers\ctlfacem.sys [6912 2001-08-17] (Creative Technology Ltd.)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 ggsomc; C:\WINDOWS\System32\DRIVERS\ggsomc.sys [26328 2015-10-27] (Sony Mobile Communications)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [998004 2002-07-24] (Creative Technology Ltd)
R3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [132912 2016-12-18] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [234824 2016-12-18] (McAfee, Inc.)
R3 mfebopk; C:\WINDOWS\System32\drivers\mfebopk.sys [65488 2016-12-18] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [565352 2016-12-18] (McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [92192 2016-12-18] (McAfee, Inc.)
R1 mfetdi2k; C:\WINDOWS\System32\drivers\mfetdi2k.sys [91168 2016-12-18] (McAfee, Inc.)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2013-09-09] (VSO Software) [File not signed]
S3 pmserenum; C:\WINDOWS\System32\DRIVERS\pmserenum.sys [30616 2012-09-06] (PenMount) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 sfman; C:\WINDOWS\System32\drivers\sfmanm.sys [36480 2001-08-17] (Creative Technology Ltd.)
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX32.sys [104848 2012-12-14] (Ray Hinchliffe)
S3 smbusp; C:\WINDOWS\System32\DRIVERS\intelsmb.sys [45184 2012-09-06] (Intel Corporation)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [File not signed]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-02-28] (CyberLink Corp.)
S3 btaudio; system32\drivers\btaudio.sys [X]
S3 BTDriver; system32\DRIVERS\btport.sys [X]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [X]
S3 btwmodem; system32\DRIVERS\btwmodem.sys [X]
S3 BTWUSB; System32\Drivers\btwusb.sys [X]
S3 eapihdrv; \??\C:\DOCUME~1\bonapart\LOCALS~1\Temp\ehdrv.sys [X]
U3 mfeavfk01; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-17 10:35 - 2017-03-17 10:37 - 00017240 _____ C:\Documents and Settings\bonapart\Plocha\FRST.txt
2017-03-17 10:34 - 2017-03-17 10:34 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\FRST-OlderVersion
2017-03-17 10:33 - 2017-03-17 10:34 - 01766912 _____ (Farbar) C:\Documents and Settings\bonapart\Plocha\FRST.exe
2017-03-17 10:21 - 2017-03-17 10:21 - 00000000 ____D C:\Documents and Settings\bonapart\NabĂdka Start\Programy\CyberLink PowerDVD 9
2017-03-16 18:43 - 2017-03-16 19:19 - 00000000 ____D C:\AdwCleaner
2017-03-16 18:29 - 2017-03-16 18:30 - 04031440 _____ C:\Documents and Settings\bonapart\Plocha\adwcleaner_6.044.exe
2017-03-16 18:17 - 2017-03-17 10:21 - 03373917 _____ C:\WINDOWS\{00000002-00000000-0000000A-00001102-00000002-80401102}.BAK
2017-03-12 20:57 - 2010-09-22 19:20 - 11987016 _____ C:\Documents and Settings\bonapart\Plocha\22092010054.mp4
2017-03-12 20:57 - 2010-09-16 18:05 - 32903418 _____ C:\Documents and Settings\bonapart\Plocha\16092010051.mp4
2017-03-12 20:57 - 2010-09-16 17:52 - 04968804 _____ C:\Documents and Settings\bonapart\Plocha\16092010050.mp4
2017-03-03 18:44 - 2017-03-03 18:44 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\slevomat
2017-02-27 19:53 - 2017-03-02 18:01 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\dan
2017-02-20 19:44 - 2017-02-20 19:44 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\SilverKeyFree.4.9.0.2 ĹˇifrovĂˇnĂ
2017-02-18 16:52 - 2017-02-20 19:44 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\Lucie MelichovĂˇ
2017-02-17 18:52 - 2017-02-17 18:52 - 01422446 _____ C:\Documents and Settings\bonapart\Plocha\PrvnĂ pĹ™Ăznak 'Alzheimera.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-17 10:47 - 2012-06-15 22:10 - 00000000 ____D C:\Documents and Settings\bonapart\Local Settings\Temp
2017-03-17 10:35 - 2016-12-17 12:15 - 00000000 ____D C:\FRST
2017-03-17 10:35 - 2012-06-15 22:10 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha
2017-03-17 10:34 - 2012-06-15 22:10 - 00000000 ___HD C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ
2017-03-17 10:22 - 2001-10-25 15:00 - 00012984 _____ C:\WINDOWS\system32\wpa.dbl
2017-03-17 10:21 - 2016-12-17 22:00 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-03-17 10:21 - 2016-07-01 21:25 - 00000284 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job
2017-03-17 10:21 - 2014-03-19 10:45 - 00000228 _____ C:\WINDOWS\Tasks\PĹ™ihlĂˇĹˇenĂ k oznamovĂˇnĂ konce poskytovĂˇnĂ sluĹľeb pro Microsoft Windows XP.job
2017-03-17 10:21 - 2013-08-13 08:29 - 02652329 _____ C:\WINDOWS\system32\oodbs.lor
2017-03-17 10:21 - 2012-06-16 10:12 - 03373917 _____ C:\WINDOWS\{00000002-00000000-0000000A-00001102-00000002-80401102}.CDF
2017-03-17 10:21 - 2012-06-15 22:10 - 00000000 ___RD C:\Documents and Settings\bonapart\NabĂdka Start\Programy
2017-03-17 10:21 - 2012-06-15 22:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-16 21:10 - 2012-06-16 10:27 - 00016420 _____ C:\WINDOWS\system32\BMXStateBkp-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-16 21:10 - 2012-06-16 10:27 - 00016420 _____ C:\WINDOWS\system32\BMXState-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-16 21:10 - 2012-06-16 10:27 - 00001080 _____ C:\WINDOWS\system32\settingsbkup.sfm
2017-03-16 21:10 - 2012-06-16 10:27 - 00001080 _____ C:\WINDOWS\system32\settings.sfm
2017-03-16 21:10 - 2012-06-16 10:27 - 00000024 _____ C:\WINDOWS\system32\DVCStateBkp-{00000002-00000000-0000000A-00001102-00000002-80401102}.dat
2017-03-16 21:10 - 2012-06-16 10:27 - 00000024 _____ C:\WINDOWS\system32\DVCState-{00000002-00000000-0000000A-00001102-00000002-80401102}.dat
2017-03-16 21:10 - 2012-06-16 10:11 - 00024672 _____ C:\WINDOWS\system32\BMXCtrlState-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-16 21:10 - 2012-06-16 10:11 - 00024672 _____ C:\WINDOWS\system32\BMXBkpCtrlState-{00000002-00000000-0000000A-00001102-00000002-80401102}.rfx
2017-03-16 21:10 - 2012-06-15 22:10 - 00000178 ___SH C:\Documents and Settings\bonapart\ntuser.ini
2017-03-16 21:10 - 2012-06-15 22:05 - 00032288 _____ C:\WINDOWS\SchedLgU.Txt
2017-03-16 21:08 - 2012-06-16 19:55 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-16 21:05 - 2016-12-17 22:00 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-03-16 20:46 - 2016-12-22 16:48 - 00000000 ____D C:\QUARANTINE
2017-03-16 20:46 - 2012-06-15 23:44 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2017-03-16 19:18 - 2012-06-15 23:51 - 00000000 ___RD C:\Documents and Settings\All Users\NabĂdka Start\Programy
2017-03-16 19:18 - 2012-06-15 23:49 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikacĂ
2017-03-16 10:13 - 2012-06-15 22:10 - 00000000 ____D C:\Documents and Settings\bonapart
2017-03-13 17:58 - 2017-02-01 18:52 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\Ota
2017-03-12 21:06 - 2012-06-18 18:03 - 00000000 ____D C:\Documents and Settings\bonapart\Data aplikacĂ\vlc
2017-03-12 21:05 - 2012-06-29 19:37 - 00042496 _____ C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-09 20:59 - 2015-12-30 20:17 - 00000038 _____ C:\WINDOWS\AviSplitter.INI
2017-03-09 19:16 - 2016-08-25 17:50 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\karta
2017-03-07 12:08 - 2012-06-16 19:25 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\Angl.Nella
2017-03-05 16:45 - 2014-07-06 00:07 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\NA EXTERAK
2017-03-01 19:50 - 2017-01-26 18:37 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\JIDELĂK od 1.2.2017
2017-02-27 19:22 - 2017-02-13 19:24 - 00000530 _____ C:\Documents and Settings\bonapart\Plocha\ZĂˇstupce - DivokĂ©-vlny-(anim.-2007)cz---IRISA.lnk
2017-02-22 19:04 - 2012-06-16 17:32 - 00000000 ____D C:\Documents and Settings\bonapart\Plocha\NĂSTROJE
2017-02-22 19:04 - 2012-06-15 23:51 - 00000000 ____D C:\Documents and Settings\All Users\Plocha

==================== Files in the root of some directories =======

2012-12-05 21:43 - 2013-09-09 17:55 - 0087608 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\inst.exe
2012-12-05 21:43 - 2013-09-09 17:55 - 0007887 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.cat
2012-12-05 21:43 - 2013-09-09 17:55 - 0001144 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.inf
2012-12-05 21:43 - 2013-09-09 17:55 - 0000034 _____ () C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.log
2012-12-05 21:43 - 2013-09-09 17:55 - 0047360 _____ (VSO Software) C:\Documents and Settings\bonapart\Data aplikacĂ\pcouffin.sys
2012-06-29 19:37 - 2017-03-12 21:05 - 0042496 _____ () C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-16 08:35 - 2012-06-16 08:35 - 0000128 _____ () C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\fusioncache.dat
2016-03-08 13:30 - 2016-08-18 19:49 - 45700992 _____ (Sony) C:\Documents and Settings\bonapart\Local Settings\Data aplikacĂ\pcc.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

VSO Image Resizer 1.3.4d (HKLM\...\VSO Image Resizer_is1) (Version: 1.3.4d - VSO-Software)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MÄ›sĂÄŤnĂ oznamovĂˇnĂ konce poskytovĂˇnĂ sluĹľeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\PĹ™ihlĂˇĹˇenĂ k oznamovĂˇnĂ konce poskytovĂˇnĂ sluĹľeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\bonapart\Plocha" je 86594 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"="C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe:*:Enabled:McAfee Framework Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:uTorrent"
"C:\\phoenix2\\files\\proxy.exe"="C:\\phoenix2\\files\\proxy.exe:*:Enabled:Proxyy"
"C:\\phoenix2\\files\\phoenix.exe"="C:\\phoenix2\\files\\phoenix.exe:*:Enabled:Phoenixx"
"C:\\phoenix2\\files\\wget.exe"="C:\\phoenix2\\files\\wget.exe:*:Enabled:Wgett"
"C:\\Program Files\\Moloz\\cpu\\cpu.exe"="C:\\Program Files\\Moloz\\cpu\\cpu.exe:*:Enabled:Molozcpu"
"C:\\Program Files\\Moloz\\gpu\\gpu.exe"="C:\\Program Files\\Moloz\\gpu\\gpu.exe:*:Enabled:Molozgpu"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Program Files\\Sony Mobile\\Update Engine\\Sony Mobile Update Engine.exe"="C:\\Program Files\\Sony Mobile\\Update Engine\\Sony Mobile Update Engine.exe:*:Enabled:Update Engine"
"C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"="C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\\Program Files\\VideoViewer\\VideoViewer.exe"="C:\\Program Files\\VideoViewer\\VideoViewer.exe:*:Enabled:VideoViewer"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP"="5985:TCP:*:Disabled:Vzd len spr va syst‚mu Windows "
"80:TCP"="80:TCP:*:Disabled:Vzd len spr va syst‚mu Windows - re§im kompatibility (HTTP-In) "

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000

==================== End Of Log ==============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> (None)
U3 mfeavfk01; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:

Velikost slozky "C:\Documents and Settings\bonapart\Plocha" je 86594 MB.

To je příliš mnoho a může to způsobovat zpomalení startu systém. Vytvořte v C:\Documents and Settings\bonapart novou složku, do níž přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.

Fix result of Farbar Recovery Scan Tool (x86) Version: 15-03-2017
Ran by bonapart (17-03-2017 18:30:16) Run:2
Running from C:\Documents and Settings\bonapart\Plocha
Loaded Profiles: bonapart (Available Profiles: bonapart)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> (None)
U3 mfeavfk01; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

EmptyTemp:
End
*****************

HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE => value restored successfully
HKLM\System\CurrentControlSet\Services\mfeavfk01 => key removed successfully.
mfeavfk01 => service removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1682526488-1417001333-1003.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 149011 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/dllcache/drivers => 483 B
Edge => 0 B
Chrome => 22871730 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 0 B
All Users => 0 B
systemprofile => 0 B
LocalService => 66708 B
NetworkService => 66228 B
bonapart => 381645 B

RecycleBin => 0 B
EmptyTemp: => 22.4 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 18:31:12 ====

Smazáno. Nastala nějaká změna?

zatim ne, procesor je zahlcenej hned po bootu,jakmile vpravo na liste naskocí antivir a ovladani zvuku atd.
nevim jestli je to podstatne jak jsem už psal pokud vypnu ten proces SVCHOST.exe - system prestane to

Svchost spravuje síť. služby. Na zkoušku vypněte aut. aktualizace.

to vypnuti auto aktual. pomohlo, :
beží cpu naplno - vypnou se aktualizace nic se nedeje.
reboot - vse chdi ok, jakmile zapnu aktual. cpu jede naplno,
je pravda ze po tom vymazani už zacal chodit lepe chrom, dalo se s tim pracovat , ale procesor a ten proces stale
na plný výkon

Aktualizace ponecte vypnuté do příštích pravidelných (2. středa v dubnu). Pak je zapněte a nové aktualitace většinou opraví ty předchozí.

mam win XP ty uz nejsou tak podporovany, nebo nejaka aktual prijde?
jinak ty logy po vyčistení už nevykazují zadný problem?

VIRY.CZ

prosim o kontrolu logu FRST

prosim o kontrolu logu FRST

Re: prosim o kontrolu logu FRST

Re: prosim o kontrolu logu FRST

Re: prosim o kontrolu logu FRST

Re: prosim o kontrolu logu FRST

Re: prosim o kontrolu logu FRST

Re: prosim o kontrolu logu FRST

Re: prosim o kontrolu logu FRST

Re: prosim o kontrolu logu FRST

Re: prosim o kontrolu logu FRST

Re: prosim o kontrolu logu FRST

Re: prosim o kontrolu logu FRST

Re: prosim o kontrolu logu FRST

Re: prosim o kontrolu logu FRST

Re: prosim o kontrolu logu FRST