VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

kontrola logu

https://forum.viry.cz:443/viewtopic.php?t=151918

Stránka 1 z 3

kontrola logu

Napsal: 18 dub 2017 09:29
od Emil
Zdravím Rudy,
systém v původním PC spadl, potřebuji zprovoznit starý počítač, který by mohl fungovat, ale přestal jsem ho před časem aktivně využívat, protože mi na něm nešel nainstalovat jiný antivir než ESET, který není free.
Navíc mi nefunguje prohlížeč bez stálých blokací nedůvěryhodným připojením a musím schvalovat bezp.vyjímky.
Můžu poprosit o kontrolu logu a vyřešení problémů ?
Děkuji mnohokrát.
Log níže.

Emil

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-03-2017
Ran by Silhan (administrator) on SILHAN-28569D83 (12-04-2017 12:30:25)
Running from C:\Documents and Settings\Silhan\Plocha
Loaded Profiles: Silhan (Available Profiles: Silhan & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Nuance Communications, Inc.) C:\Program Files\Dell Printers\paperport\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files\Dell Printers\paperport\PDFViewer\pdfPro5Hook.exe
(Dell Inc.) C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\dlupdr.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Jing\Jing.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Acresso Corporation) C:\Documents and Settings\All Users\Data aplikacĂ­\FLEXnet\Connect\11\ISUSPM.exe
(GIGABYTE TECHNOLOGY CO., LTD.) C:\Program Files\Gigabyte\Gigabyte GN-WP01GS Wireless PCI Adapter SoftAP\Installer\WINXP\RaConfig61.exe
(Dell Inc.) C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Nuance Communications, Inc.) C:\Program Files\Dell Printers\paperport\PaperPort\PDFProFiltSrvPP.exe
(Dell Inc.) C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe
(Microsoft Corporation) C:\WINDOWS\system32\Restore\rstrui.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Documents and Settings\Silhan\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cmaudio] => RunDll32 cmicnfg.cpl,CMICtrlWnd
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [IndexSearch] => C:\Program Files\Dell Printers\paperport\PaperPort\IndexSearch.exe [46368 2010-03-17] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\Dell Printers\paperport\PaperPort\pptd40nt.exe [29984 2010-03-17] (Nuance Communications, Inc.)
HKLM\...\Run: [PDFHook] => C:\Program Files\Dell Printers\paperport\PDFViewer\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM\...\Run: [PDF5 Registry Controller] => C:\Program Files\Dell Printers\paperport\PDFViewer\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM\...\Run: [DLPSP] => C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE [886152 2010-06-01] (Dell Inc.)
HKLM\...\Run: [DLUPDR] => C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE [566680 2010-06-01] (Dell Inc.)
HKLM\...\Run: [DLQLU] => C:\Program Files\Dell Printers\Additional Color Laser Software\Launcher\DLQLU.EXE [1127744 2010-06-01] (Dell Inc.)
HKU\S-1-5-21-448539723-1004336348-725345543-1004\...\Run: [Jing] => C:\Program Files\TechSmith\Jing\Jing.exe [2911224 2015-09-11] (TechSmith Corporation)
HKU\S-1-5-21-448539723-1004336348-725345543-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6851288 2016-07-13] (Piriform Ltd)
HKU\S-1-5-21-448539723-1004336348-725345543-1004\...\Run: [ISUSPM] => C:\Documents and Settings\All Users\Data aplikacĂ­\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-448539723-1004336348-725345543-1004\...\MountPoints2: {29850b0c-0f1a-11e2-be7c-00110966d916} - RunClubSanDisk.exe
Lsa: [Notification Packages] scecli scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\GN-WP01GS Utility.lnk [2008-01-07]
ShortcutTarget: GN-WP01GS Utility.lnk -> C:\Program Files\Gigabyte\Gigabyte GN-WP01GS Wireless PCI Adapter SoftAP\Installer\WINXP\RaConfig61.exe (GIGABYTE TECHNOLOGY CO., LTD.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1B3735D8-820C-49B3-8694-2D1465E794F7}: [NameServer] 82.150.180.253,213.180.44.1
Tcpip\..\Interfaces\{8F5CB747-F9EB-4157-8D1A-4DEF2E060CFE}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-448539723-1004336348-725345543-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.volny.cz/
HKU\S-1-5-21-448539723-1004336348-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Podpora odkazu pro Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files\Dell Printers\paperport\PDFViewer\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-04-02] ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-04-02] ()
Toolbar: HKU\S-1-5-21-448539723-1004336348-725345543-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (SpoleÄŤnost Microsoft)
DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} hxxp://www.o2c.de/download/o2cplayer.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Silhan\Data aplikacĂ­\Mozilla\Firefox\Profiles\i6adm9g4.default-1491991084031 [2017-04-12]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2016-05-28] [not signed]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2015-02-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2007-11-21] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin HKU\S-1-5-21-448539723-1004336348-725345543-1004: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2007-11-21] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2003-07-15] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2007-05-10] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2000856 2016-06-10] (ESET)
S3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [724992 2006-10-09] (Nero AG) [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files\Dell Printers\paperport\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-17] (Nuance Communications, Inc.)
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [572928 2008-04-29] (Nokia.) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [17119 2008-01-07] (Meetinghouse Data Communications) [File not signed]
R3 cmuda; C:\WINDOWS\System32\drivers\cmuda.sys [815296 2004-02-20] (C-Media Inc)
S3 DrvAgent32; C:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2013-04-02] (Phoenix Technologies) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [206496 2016-06-28] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [156320 2016-06-28] (ESET)
R2 ekbdflt; C:\WINDOWS\System32\DRIVERS\ekbdflt.sys [121504 2016-06-28] (ESET)
R1 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [162472 2016-06-28] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [55968 2016-06-28] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [77992 2016-06-28] (ESET)
R3 HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [220032 2004-08-04] (Conexant Systems, Inc.)
R3 HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [1041536 2004-08-04] (Conexant Systems, Inc.)
R3 RT61; C:\WINDOWS\System32\DRIVERS\RT61.sys [319104 2005-06-04] (Ralink Technology Inc.)
S3 upperdev; C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys [8064 2007-11-29] (Windows (R) Codename Longhorn DDK provider)
S3 UsbserFilt; C:\WINDOWS\System32\DRIVERS\usbser_lowerfltj.sys [8064 2007-11-29] (Windows (R) Codename Longhorn DDK provider)
R0 viaagp1; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [27904 2003-07-02] (VIA Technologies, Inc.)
R3 winachsf; C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [685056 2004-08-04] (Conexant Systems, Inc.)
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]
S4 IntelIde; no ImagePath
S3 NTACCESS; \??\D:\NTACCESS.sys [X]
S0 rseb; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SetupNTGLM7X; \??\D:\NTGLM7X.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-12 12:30 - 2017-04-12 12:31 - 00011493 _____ C:\Documents and Settings\Silhan\Plocha\FRST.txt
2017-04-12 12:30 - 2017-04-12 12:30 - 00000000 ____D C:\FRST
2017-04-12 12:29 - 2017-04-12 12:29 - 01766912 _____ (Farbar) C:\Documents and Settings\Silhan\Plocha\FRST.exe
2017-04-12 12:26 - 2017-04-12 12:27 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Silhan\Plocha\FRSTLauncher.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-12 12:31 - 2008-01-07 19:07 - 00000000 ____D C:\Documents and Settings\Silhan\Local Settings\Temp
2017-04-12 12:30 - 2008-01-07 19:07 - 00000000 ____D C:\Documents and Settings\Silhan\Plocha
2017-04-12 12:29 - 2013-04-02 16:18 - 00000000 ____D C:\Documents and Settings\Silhan\Dokumenty\Stažené soubory
2017-04-12 12:29 - 2008-01-07 19:07 - 00000000 ___HD C:\Documents and Settings\Silhan\Local Settings\Data aplikacĂ­
2017-04-12 12:10 - 2013-04-02 12:16 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-04-12 12:06 - 2013-04-02 12:16 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-04-12 11:58 - 2015-06-23 10:54 - 00000000 ____D C:\Documents and Settings\Silhan\Plocha\PĹŻvodnĂ­ data aplikace Firefox
2017-04-12 11:10 - 2016-08-03 16:30 - 00032384 _____ C:\WINDOWS\SchedLgU.Txt
2017-04-12 10:41 - 2016-05-28 21:55 - 00000224 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2017-04-12 10:41 - 2013-04-02 12:16 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-04-12 10:41 - 2008-01-07 20:04 - 00088566 _____ C:\WINDOWS\system32\nvapps.xml
2017-04-12 10:40 - 2008-01-07 19:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-12 10:39 - 2016-07-05 17:34 - 00189346 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikacĂ­\WPFFontCache_v0400-System.dat
2017-04-12 10:39 - 2016-07-05 17:31 - 00631538 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikacĂ­\WPFFontCache_v0400-S-1-5-21-448539723-1004336348-725345543-1004-0.dat
2017-04-12 10:39 - 2008-01-07 19:07 - 00000178 ___SH C:\Documents and Settings\Silhan\ntuser.ini
2017-04-12 10:39 - 2008-01-07 19:07 - 00000000 ____D C:\Documents and Settings\Silhan
2017-04-12 10:04 - 2008-01-07 19:50 - 01278934 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-12 10:04 - 2006-03-02 14:00 - 00526492 _____ C:\WINDOWS\system32\perfh005.dat
2017-04-12 10:04 - 2006-03-02 14:00 - 00108026 _____ C:\WINDOWS\system32\perfc005.dat
2017-04-12 10:02 - 2006-03-02 14:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl

==================== Files in the root of some directories =======

2013-04-02 16:20 - 2013-04-02 16:20 - 48524296 _____ (Microsoft Corporation) C:\Program Files\Net FRAMEWORK 4.exe
2013-04-02 16:24 - 2013-04-02 16:24 - 25001480 _____ (Microsoft Corporation) C:\Program Files\NetFx20SP2_x86.exe
2015-02-09 12:15 - 2015-02-09 12:15 - 0318904 _____ (Microsoft Corporation) C:\Program Files\wmpfirefoxplugin.exe
2008-04-07 21:09 - 2016-05-30 17:56 - 0013824 ____C () C:\Documents and Settings\Silhan\Local Settings\Data aplikacĂ­\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikacĂ­\TEMP:0B4227B4 [145]

==================== Security Center ==================

AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: ESET Smart Security 9.0.385.1 (Disabled - Out of date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personální firewall (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Silhan\Plocha" je 61 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"="C:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe:*:Enabled:Instal tor AVG"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"="C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe:*:Enabled:Nero ProductSetup"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: kontrola logu

Napsal: 18 dub 2017 16:55
od Rudy
Zdravím!
Eset odinstalujte pomocí tohoto odinstalátoru: https://www.techsupportall.com/eset-rem ... -download/ . Pak by měl jít jiná antivirus nainstalovat.

Re: kontrola logu

Napsal: 18 dub 2017 19:20
od Emil
No zkusil jsem to, ale za
1.eset jsem instaloval až poté, co jsem odzkoušel avast, avg, kašperskeho...což nešlo nainstalovat,
tedy po odinstalaci esetu to asi nebude jinak
2. eset mi uvedeným uninstalatorem nejde odebrat, píše to chybu a pak to spadne..

Re: kontrola logu

Napsal: 18 dub 2017 19:22
od Rudy
Tak to je průšvih. Antiviry se tam asi popraly. Obnovte syste systém k datu, kdy korketně fungoval.

Re: kontrola logu

Napsal: 18 dub 2017 19:26
od Emil
no budu zkoušet, ale myslím, že jsem to tenkrát taky dělal ale proč to neudělat znovu..dám vědět

Re: kontrola logu

Napsal: 18 dub 2017 19:37
od Emil
Tak eset jsem odinstaloval klasicky přes ovládací panely a úspěšně, následně uninstalátor nic nenašel a tak se to nejspíš povedlo..zkusím nainstalovat avast, ale i tak budu prosit zkontrolovat log, protože tohle PC určitě nebude v pořádku..

Re: kontrola logu

Napsal: 18 dub 2017 19:57
od Emil
Tak je to zatím jak jsem psal, avast nejde spustit,respektive stažený program exe ze stránek avastu nelze otevřít..co teď ?

Re: kontrola logu

Napsal: 18 dub 2017 20:23
od Rudy
Jakou dává hlašku?

Re: kontrola logu

Napsal: 18 dub 2017 20:26
od Emil
Nápověda a odborná pomoc nejde spustit, tedy návrat v systému také ne...
zde je RSIT :
Logfile of random's system information tool 1.16 (written by random/random)
Run by Silhan at 2017-04-18 21:29:20
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 126 GB (82%) free of 153 GB
Total RAM: 511 MB (21% free)
X86

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:29:30, on 18.4.2017
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell Printers\paperport\PaperPort\pptd40nt.exe
C:\Program Files\Dell Printers\paperport\PDFViewer\pdfpro5hook.exe
C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TechSmith\Jing\Jing.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\Gigabyte\Gigabyte GN-WP01GS Wireless PCI Adapter SoftAP\Installer\WINXP\RaConfig61.exe
C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Dell Printers\paperport\PaperPort\PDFProFiltSrvPP.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Silhan\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Silhan_RSIT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.volny.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Dell Printers\paperport\PDFViewer\Bin\PlusIEContextMenu.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\Dell Printers\paperport\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\Dell Printers\paperport\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Dell Printers\paperport\PDFViewer\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files\Dell Printers\paperport\PDFViewer\RegistryController.exe
O4 - HKLM\..\Run: [DLPSP] "C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE"
O4 - HKLM\..\Run: [DLUPDR] "C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE"
O4 - HKLM\..\Run: [DLQLU] "C:\Program Files\Dell Printers\Additional Color Laser Software\Launcher\DLQLU.EXE" /S
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Jing] C:\Program Files\TechSmith\Jing\Jing.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [ISUSPM] C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: GN-WP01GS Utility.lnk = C:\Program Files\Gigabyte\Gigabyte GN-WP01GS Wireless PCI Adapter SoftAP\Installer\WINXP\RaConfig61.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 9730660125
O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} (O2C-Player (ELECO Software GmbH)) - http://www.o2c.de/download/o2cplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1B3735D8-820C-49B3-8694-2D1465E794F7}: NameServer = 82.150.180.253,213.180.44.1
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Dell Printer Status Watcher (DLPWD) - Dell Inc. - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
O23 - Service: Dell Printer Status Database (DLSDB) - Dell Inc. - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files\Dell Printers\paperport\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7763 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Silhan\Data aplikací\Mozilla\Firefox\Profiles\i6adm9g4.default-1491991084031

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 9
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll


C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFFICE.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Documents and Settings\Silhan\Data aplikací\Mozilla\Firefox\Profiles\i6adm9g4.default-1491991084031\addons.json

C:\Documents and Settings\Silhan\Data aplikací\Mozilla\Firefox\Profiles\i6adm9g4.default-1491991084031\extensions.json
Microsoft .NET Framework Assistant - extension - {20a82645-c095-46ed-80e3-08825760534b} - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Firefox Hello - extension - loop@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\loop@mozilla.org.xpi
Websense Helper - extension - websensehelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\websensehelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

C:\Documents and Settings\Silhan\Data aplikací\Mozilla\Firefox\Profiles\i6adm9g4.default-1491991084031\pluginreg.dat
Plugin - Windows Media Player Plug-in Dynamic Link Library - 3.0.2.629 - C:\Program Files\Windows Media Player\npdsplay.dll
Plugin - Microsoft® DRM - 9.0.0.4503 - C:\Program Files\Windows Media Player\npwmsdrm.dll
Plugin - Microsoft® DRM - 9.0.0.4503 - C:\Program Files\Windows Media Player\npdrmv2.dll
Plugin - Adobe Acrobat - 8.1.0.137 - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll
Plugin - Google Update - 1.3.33.3 - C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll
Plugin - Windows Presentation Foundation - 3.5.30729.1 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Plugin - Shockwave Flash - 9.0.115.0 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://search.live.com/results.aspx?q={ ... rer:source?}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files\Dell Printers\paperport\PDFViewer\Bin\PlusIEContextMenu.dll [2009-02-06 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-04-02 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-04-02 192144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"IndexSearch"=C:\Program Files\Dell Printers\paperport\PaperPort\IndexSearch.exe [2010-03-17 46368]
"PaperPort PTD"=C:\Program Files\Dell Printers\paperport\PaperPort\pptd40nt.exe [2010-03-17 29984]
"PDFHook"=C:\Program Files\Dell Printers\paperport\PDFViewer\pdfpro5hook.exe [2010-03-05 636192]
"PDF5 Registry Controller"=C:\Program Files\Dell Printers\paperport\PDFViewer\RegistryController.exe [2010-03-05 62752]
"DLPSP"=C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE [2010-06-01 886152]
"DLUPDR"=C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE [2010-06-01 566680]
"DLQLU"=C:\Program Files\Dell Printers\Additional Color Laser Software\Launcher\DLQLU.EXE [2010-06-01 1127744]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Jing"=C:\Program Files\TechSmith\Jing\Jing.exe [2015-09-11 2911224]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-07-13 6851288]
"ISUSPM"=C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
GN-WP01GS Utility.lnk - C:\Program Files\Gigabyte\Gigabyte GN-WP01GS Wireless PCI Adapter SoftAP\Installer\WINXP\RaConfig61.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG2013\avgmfapx.exe"="C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Instalátor AVG"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
"StubPath"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}]
"StubPath"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2017-04-18 21:29:21 ----D---- C:\Program Files\trend micro
2017-04-18 21:29:20 ----D---- C:\rsit
2017-04-18 20:26:37 ----A---- C:\WINDOWS\ESETUninstaller(2).exe
2017-04-18 20:19:53 ----A---- C:\WINDOWS\ESETUninstaller(1).exe
2017-04-18 20:18:40 ----A---- C:\WINDOWS\ESETUninstaller.0.exe
2017-04-18 20:17:25 ----A---- C:\WINDOWS\ESETUninstaller.exe
2017-04-18 12:02:10 ----D---- C:\Program Files\Mozilla Firefox
2017-04-12 12:30:05 ----D---- C:\FRST

======List of files/folders modified in the last 1 month======

2017-04-18 21:29:30 ----D---- C:\WINDOWS\Prefetch
2017-04-18 21:29:21 ----RD---- C:\Program Files
2017-04-18 21:24:20 ----D---- C:\WINDOWS\Temp
2017-04-18 21:23:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2017-04-18 21:06:29 ----D---- C:\WINDOWS
2017-04-18 20:50:08 ----D---- C:\WINDOWS\Debug
2017-04-18 20:35:31 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-04-18 20:35:31 ----D---- C:\Config.Msi
2017-04-18 20:33:38 ----D---- C:\Program Files\ESET
2017-04-18 20:33:20 ----HD---- C:\WINDOWS\inf
2017-04-18 20:33:20 ----D---- C:\WINDOWS\system32\drivers
2017-04-18 20:32:39 ----SHD---- C:\WINDOWS\Installer
2017-04-18 20:17:44 ----D---- C:\WINDOWS\system32\CatRoot2
2017-04-12 10:05:11 ----SD---- C:\WINDOWS\Tasks
2017-04-12 10:04:57 ----D---- C:\WINDOWS\system32
2017-04-12 10:04:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.6.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-01-07 17119]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2003-05-21 175360]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2004-02-20 815296]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 RT61;Gigabyte Wireless Driver(Turbo); C:\WINDOWS\system32\DRIVERS\RT61.sys [2005-06-04 319104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
S0 rseb;rseb; C:\WINDOWS\system32\drivers\rseb.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2007-11-29 16896]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2007-11-29 19328]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2007-11-29 8064]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;Nokia USB Serial Port; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-29 26240]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2007-11-29 8064]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 DLPWD;Dell Printer Status Watcher; C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE [2009-10-16 116016]
R2 DLSDB;Dell Printer Status Database; C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE [2010-06-01 226696]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files\Dell Printers\paperport\PaperPort\PDFProFiltSrvPP.exe [2010-03-17 144672]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; %SystemRoot%\system32\svchost.exe -k WudfServiceGroup;"ServiceDll"=%SystemRoot%\System32\WUDFSvc.dll
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-06 107848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-06 107848]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-04-18 146888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-29 572928]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: kontrola logu

Napsal: 18 dub 2017 20:51
od Emil
"Jakou dává hlášku" co ?, když chci spustit avast exe ? žádnou, prostě se vůbec nic nedějě...

Re: kontrola logu

Napsal: 18 dub 2017 21:09
od Rudy
Myslí po kliknutí na instalační exáč. Tady: http://pc.poradna.net/q/view/1393573-ne ... -antivirus řeší podobný problém.

Re: kontrola logu

Napsal: 18 dub 2017 21:43
od Emil
No jo psal jsem,ze po "kliknutí na instalační exac" se nedeje nic, proste vubec nic..eset jsem odinstaloval jak jsem umel a uninstal esetu na ktery jsem dostal odkaz uz nasledne nic nenasel, tak nevím co dal...

Re: kontrola logu

Napsal: 19 dub 2017 17:46
od Rudy
Zkuste spustit jako správce. Postup zde: https://www.avast.com/cs-sk/faq.php?article=AVKB3 .

Re: kontrola logu

Napsal: 19 dub 2017 21:37
od Emil
Zkousim to opakovane, ale nikdy se to nestahne komplet a pak jakoby spadlo spojeni s poskytovatelem signálu. Po restartu zase vse bezi, ale jakmile se pokusim stáhnout soubor opet stejny problem...to nechapu..

Re: kontrola logu

Napsal: 19 dub 2017 21:55
od Emil
Pokusim se stahnout v nouzovem rezimu...mozna to pujde ..
Všechny časy jsou v UTC+01:00
Stránka 1 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz